Cryptocfg – Dell POWEREDGE M1000E User Manual

Page 198

Advertising
background image

170

Fabric OS Command Reference

53-1002746-01

cryptoCfg

2

cryptoCfg

Performs encryption configuration and management functions.

SYNOPSIS

cryptocfg --help -nodecfg

cryptocfg --help -groupcfg

cryptocfg --help -hacluster

cryptocfg --help -devicecfg

cryptocfg --help -transcfg

cryptocfg --help -decommission

DESCRIPTION

Use the cryptoCfg command to configure and manage the Brocade Encryption Switch and the FS8-18
encryption blade. These platforms support the encryption of data-at-rest for tape devices and disk array
logical unit numbers (LUNs).

The cryptoCfg CLI consists of eight command sets grouped around the following configuration
functions:

1.

Node configuration

2.

Encryption group configuration

3.

High Availability (HA) cluster configuration

4.

Storage device configuration and management

5.

Transaction management

6.

Device decommissioning

Each of these command groups is documented in a separate section that includes function, synopsis,
description, and operands. Examples are presented at the end of the help page.

For detailed encryption switch management and configuration procedures, refer to the Fabric OS
Encryption Administrator's Guide.

NOTES

The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.

CAUTION: When configuring a LUN with multiple paths, there is a considerable risk of ending up
with potentially catastrophic scenarios where different policies exist for each path of the LUN, or
a situation where one path ends up being exposed through the encryption switch and other path
has direct access to the device from a host outside the secured realm of the encryption platform.
To protect against this risk, it is necessary to configure containers IN SEQUENCE and with the
same policies and not issue a commit until the configuration for all hosts accessing the LUN is
complete. Failure to follow correct configuration procedures for multi-path LUNs results in data
corruption. If you are configuring multi-path LUNs as part of an HA cluster or DEK cluster or as a
standalone LUN accessed by multiple hosts, follow the instructions described in the section
"Configuring a multi-path Crypto LUN" in the Fabric OS Encryption Administrator's Guide.

FUNCTION

1. Node configuration

SYNOPSIS

cryptocfg --help -nodecfg

Advertising
Popular Brands
Popular manuals