Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 288

Advertising
background image

270

Fabric OS Encryption Administrator’s Guide (LKM/SSKM)

53-1002925-01

DF-compatibility support for disk LUNs

B

DF
compatible

Cleartext

Encrypt

Yes

NA

Yes

The LUN is disabled for encryption. Metadata
is present on the LUN and the LUN is in
encrypted state. You need to either modify the
LUN state to encrypted or use the runtime
cryptocfg --enable -LUN command to force
the change from the current state of the LUN
to encrypt.

DF
compatible

Cleartext

Encrypt

Yes

None

No

No error. First time encryption started to
convert the LUN from cleartext to encrypt.

DF
compatible

Cleartext

Encrypt

Yes

Provided No

No error. The key ID is ignored.

DF
compatible

Cleartext

Cleartext

NA in case of cleartext
policy

NA

Yes

Not a valid combination. Cleartext support in
DF-compatibility mode is rejected from the CLI.

DF
compatible

Cleartext

Cleartext

NA in case of cleartext
policy

None

No

Not a valid combination. cleartext support in
DF-compatibility mode is rejected from the CLI.

DF
compatible

Cleartext

Cleartext

NA in case of cleartext
policy

Provided No

Not a valid combination. cleartext support in
DF-compatibility mode is rejected from the CLI.

Native
(Brocade)

Cleartext

Encrypt

No

NA

Yes

The LUN is disabled for encryption. Metadata
is present on the LUN and the LUN is in
encrypted state. You need to either modify the
LUN state to “encrypted” or use the runtime
cryptocfg --enable -LUN command to force
the change from the current state of the LUN
to encrypt.

Native
(Brocade)

Cleartext

Encrypt

No

NA

No

No error. Host I/O is encrypted with the new
key and written to the LUN.

DF
compatible

Cleartext

Encrypt

No

NA

Yes

The LUN is disabled for encryption. Metadata
is present on the LUN and the LUN is in
encrypted state. Modify the LUN state to
“encrypted” or use the runtime cryptocfg
--

enable -LUN command to force the change

from the current state of the LUN to encrypt.

DF
compatible

Cleartext

Encrypt

No

NA

No

No error. Host I/O is encrypted with the new
key and written to the LUN.

TABLE 23

Support matrix for disk LUNs for various configuration and modify options (Continued)

LUN
encryption
format

LUN state

LUN policy

Encrypt existing data

Key ID

Metadata
on LUN

Results

Advertising
Popular Brands
Popular manuals