Security settings configured elsewhere – HP Secure Key Manager User Manual

Page 174

Advertising
background image

Description

Component

Prevents administrators from changing RAID drives through the Management Console.

IMPORTANT:

You cannot replace RAID drives and remain FIPS-compliant. To change RAID
drives you must either disable FIPS or return the device for drive replacement.
This option will appear on RAID capable devices only.

Disable Hotswap-
pable RAID Drives

Click to change the settings in this section.

IMPORTANT:

Deselecting

any of these fields will bring SKM out of FIPS compliance.

Edit

Security Settings Configured Elsewhere

Use this section to monitor the status of security settings that are configured on other pages of the
Management Console.

IMPORTANT:

Modifying

any of the items in the Security Settings Configured Elsewhere section immediately takes

the SKM out of FIPS compliance.

Figure 95 Viewing the Security Settings Configured Elsewhere section

The following table describes the components of the Security Settings Configured Elsewhere section.

Table 75 Security Settings Configured Elsewhere section components

Description

Component

Displays the value of the Allow Key and Policy Configuration Operations field in the
KMS Server Settings section. When enabled, users can configure keys and authoriz-
ation policies through the XML Interface. Click the link to access the KMS Server Set-
tings section. For FIPS compliance, this functionality must be disabled, or SSL must be
enabled.

Allow Key and Policy
Configuration Opera-
tions

Displays the value of the Allow Key Export field in the KMS Server Settings section.
When enabled, users can export keys from the SKM through the XML Interface. Click
the link to access the KMS Server Settings section. For FIPS compliance, this function-
ality must be disabled, or SSL must be enabled.

Allow Key Export

Displays the value of the User Directory field in the KMS Server Authentication Settings
section, which determines whether the KMS Server uses a local directory or an LDAP
server. Click the link to access the KMS Server Authentication Settings section. For
FIPS compliance, a local user directory must be used.

User Directory

Using the Management Console

174

Advertising
Popular Brands
Popular manuals