search

Brocade Communications Systems Encryption Switch Manual de servicio

Busca en linea o descarga Manual de servicio para Los conmutadores de red Brocade Communications Systems Encryption Switch. Brocade Communications Systems Encryption Switch Technical data Manual de usuario

  • Descarga
  • Añadir a mis manuales
  • Imprimir
  • Pagina
    / 326
  • Tabla de contenidos
  • SOLUCIÓN DE PROBLEMAS
    •
  • MARCADORES
    • Valorado. / 5. Basado en revisión del cliente
Vista de pagina 0
53-1002720-02
25 Month 2013
®
Fabric OS Encryption
Administrator’s Guide Supporting
RSA Data Protection Manager (DPM)
Environments
Supporting Fabric OS v7.1.0
Vista de pagina 0
1 2 3 4 5 6 ... 325 326

Indice de contenidos

Pagina 1 - Fabric OS Encryption

53-1002720-0225 Month 2013®Fabric OS EncryptionAdministrator’s Guide Supporting RSA Data Protection Manager (DPM) EnvironmentsSupporting Fabric OS v7.

Pagina 2 - Document History

x Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning in an EG containing mixed modes . . . . . . . . . 232Decommissioning

Pagina 3 - Contents

82 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape LUN statistics24. Select the LUN or LUNs for which to display or clear statistics

Pagina 4

Fabric OS Encryption Administrator’s Guide (DPM) 8353-1002720-02Tape LUN statistics2NOTEYou can also select a group, switch, or engine from the Encryp

Pagina 5

84 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption engine rebalancing2• Uncompressed Bytes: The number of uncompressed bytes w

Pagina 6

Fabric OS Encryption Administrator’s Guide (DPM) 8553-1002720-02Master keys2Rebalancing an encryption engineTo rebalance an encryption engine, complet

Pagina 7

86 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys2Active master keyThe active master key is used to encrypt newly created da

Pagina 8

Fabric OS Encryption Administrator’s Guide (DPM) 8753-1002720-02Master keys2• Create new master key: Enabled when no master key exists, or the previou

Pagina 9

88 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys26. Enter the passphrase, which is required for restoring the master key. T

Pagina 10 - 53-1002720-02

Fabric OS Encryption Administrator’s Guide (DPM) 8953-1002720-02Master keys26. Re-enter the passphrase for verification, then click OK.A dialog box di

Pagina 11

90 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys28. Enter the mandatory last name and first name of the person to whom the

Pagina 12

Fabric OS Encryption Administrator’s Guide (DPM) 9153-1002720-02Master keys2FIGURE 69 Select a Master Key to Restore (from file) dialog box4. Choose t

Pagina 13 - About This Document

Fabric OS Encryption Administrator’s Guide (DPM) xi53-1002720-02Chapter 6 Maintenance and Troubleshooting In this chapter . . . . . . . . . . . . . .

Pagina 14 - Document conventions

92 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys2FIGURE 70 Select a Master Key to Restore (from key vault) dialog box4. Cho

Pagina 15 - Notes, cautions, and warnings

Fabric OS Encryption Administrator’s Guide (DPM) 9353-1002720-02Master keys2FIGURE 71 Select a Master Key to Restore (from a recovery set of smart car

Pagina 16 - Additional information

94 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Security Settings2Security Settings Security settings help you identify if system card

Pagina 17 - Getting technical help

Fabric OS Encryption Administrator’s Guide (DPM) 9553-1002720-02Zeroizing an encryption engine2NOTEZeroizing an engine affects the I/Os, but all targe

Pagina 18 - Document feedback

96 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Using the Encryption Targets dialog box2Using the Encryption Targets dialog boxThe Enc

Pagina 19 - Encryption Overview

Fabric OS Encryption Administrator’s Guide (DPM) 9753-1002720-02Redirection zones2Redirection zonesIt is recommended that you configure the host and t

Pagina 20 - Terminology

98 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Disk device decommissioning2Provided that the crypto configuration is not left uncommi

Pagina 21

Fabric OS Encryption Administrator’s Guide (DPM) 9953-1002720-02Disk device decommissioning2In order to delete keys from the key vault, you need to kn

Pagina 22 - The Brocade Encryption Switch

100 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Rekeying all disk LUNs manually2Displaying Universal IDsIn order to delete keys from

Pagina 23 - Performance licensing

Fabric OS Encryption Administrator’s Guide (DPM) 10153-1002720-02Rekeying all disk LUNs manually2Setting disk LUN Re-key AllTo rekey all disk LUNs on

Pagina 24 - Usage limitations

xii Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement. . . . . . . . . 281Multi-node EG

Pagina 25 - FIGURE 2 Encryption overview

102 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Rekeying all disk LUNs manually2.FIGURE 76 Pending manual rekey operations Viewing di

Pagina 26 - FIGURE 3 Frame redirection

Fabric OS Encryption Administrator’s Guide (DPM) 10353-1002720-02Rekeying all disk LUNs manually2FIGURE 77 Encryption Target Disk LUNs dialog box4. Cl

Pagina 27 - IO Sync LAN

104 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Rekeying all disk LUNs manually2Viewing the progress of manual rekey operationsTo mon

Pagina 28 - FIGURE 5 DEK life cycle

Fabric OS Encryption Administrator’s Guide (DPM) 10553-1002720-02Thin provisioned LUNs2• Current LBA: The Logical Block Address (LBA) of the block tha

Pagina 29 - Support for virtual fabrics

106 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing time left for auto rekey2Thin Provisioning supportThin-provisioned logical un

Pagina 30

Fabric OS Encryption Administrator’s Guide (DPM) 10753-1002720-02Viewing time left for auto rekey2FIGURE 79 Time left for auto rekey

Pagina 31

108 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing switch encryption properties2Viewing and editing switch encryptio

Pagina 32 - Encryption Center features

Fabric OS Encryption Administrator’s Guide (DPM) 10953-1002720-02Viewing and editing switch encryption properties2• Switch Status: The health status o

Pagina 33 - Encryption user privileges

110 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing switch encryption properties2• Key Vault User Name button: (TEKA

Pagina 34 - Smart card usage

Fabric OS Encryption Administrator’s Guide (DPM) 11153-1002720-02Viewing and editing encryption group properties2Importing a signed public key certifi

Pagina 35

Fabric OS Encryption Administrator’s Guide (DPM) xiii53-1002720-02About This DocumentIn this chapter•How this document is organized . . . . . . . . .

Pagina 36

112 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2NOTEIf groups are not visible in the

Pagina 37

Fabric OS Encryption Administrator’s Guide (DPM) 11353-1002720-02Viewing and editing encryption group properties2General tabThe General tab (Figure 83

Pagina 38

114 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2When the first encryption engine come

Pagina 39 - Using system cards

Fabric OS Encryption Administrator’s Guide (DPM) 11553-1002720-02Viewing and editing encryption group properties2Members tabThe Members tab lists grou

Pagina 40

116 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2FIGURE 84 Encryption Group Properties

Pagina 41 - Using smart cards

Fabric OS Encryption Administrator’s Guide (DPM) 11753-1002720-02Viewing and editing encryption group properties2Table 2 explains the impact of removi

Pagina 42 - Tracking smart cards

118 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2FIGURE 85 Encryption Group Properties

Pagina 43

Fabric OS Encryption Administrator’s Guide (DPM) 11953-1002720-02Viewing and editing encryption group properties2• Registered Authentication Cards tab

Pagina 44 - Editing smart cards

120 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2• Right- and Left-arrow buttons: You

Pagina 45 - Blade processor links

Fabric OS Encryption Administrator’s Guide (DPM) 12153-1002720-02Viewing and editing encryption group properties2Tape Pools tabTape pools are managed

Pagina 46 - (KAC) certificate

xiv Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Supported hardware and software. The following hardware platforms support data encryp

Pagina 47

122 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2All encryption engines in the encrypt

Pagina 48

Fabric OS Encryption Administrator’s Guide (DPM) 12353-1002720-02Viewing and editing encryption group properties24. Based on your selection, do one of

Pagina 49

124 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption-related acronyms in log messages2FIGURE 90 Encryption Group Properties Dia

Pagina 50

Fabric OS Encryption Administrator’s Guide (DPM) 12553-1002720-02Chapter3Configuring Encryption Using the CLIIn this chapter•Overview. . . . . . . . .

Pagina 51

126 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Overview3OverviewThis chapter explains how to use the command line interface (CLI) to

Pagina 52

Fabric OS Encryption Administrator’s Guide (DPM) 12753-1002720-02Command RBAC permissions and AD types35. PortMember: allows all control operations on

Pagina 53 - Creating an encryption group

128 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Command RBAC permissions and AD types3createhaclusterNOMN N N OMN NDisallowedcreateta

Pagina 54

Fabric OS Encryption Administrator’s Guide (DPM) 12953-1002720-02Command RBAC permissions and AD types3rebalanceNOMN N N OMN NDisallowedreclaimNOMN N

Pagina 55

130 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Cryptocfg Help command output3Cryptocfg Help command outputAll encryption operations

Pagina 56

Fabric OS Encryption Administrator’s Guide (DPM) 13153-1002720-02Configuring cluster links3Configuring cluster linksEach encryption switch or FS8-18 b

Pagina 57

Fabric OS Encryption Administrator’s Guide (DPM) xv53-1002720-02Command syntax conventionsCommand syntax in this manual follows these conventions:Note

Pagina 58

132 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring cluster links3DHCP: Offeth0: 10.33.54.208/20eth1: none/noneGateway: 10.33

Pagina 59

Fabric OS Encryption Administrator’s Guide (DPM) 13353-1002720-02Setting encryption node initialization35. Reregister the node with the group leader u

Pagina 60

134 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3Steps for connecting to a DPM applianceAll sw

Pagina 61

Fabric OS Encryption Administrator’s Guide (DPM) 13553-1002720-02Steps for connecting to a DPM appliance3Initializing the Fabric OS encryption engines

Pagina 62

136 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance36. Register the encryption engine by entering

Pagina 63

Fabric OS Encryption Administrator’s Guide (DPM) 13753-1002720-02Steps for connecting to a DPM appliance33. Request the signed certificate.Generally,

Pagina 64

138 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3Uploading the CA certificate onto the DPM app

Pagina 65

Fabric OS Encryption Administrator’s Guide (DPM) 13953-1002720-02Steps for connecting to a DPM appliance3i. Repeat step a through step h for each key

Pagina 66

140 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3To create a Brocade encryption group, complet

Pagina 67

Fabric OS Encryption Administrator’s Guide (DPM) 14153-1002720-02Steps for connecting to a DPM appliance3• Registration File: This file is created as

Pagina 68

xvi Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Key termsFor definitions specific to Brocade and Fibre Channel, see the technical glo

Pagina 69

142 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3Setting heartbeat signaling valuesEncryption

Pagina 70 - Creating HA clusters

Fabric OS Encryption Administrator’s Guide (DPM) 14353-1002720-02Adding a member node to an encryption group3Adding a member node to an encryption gro

Pagina 71

144 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding a member node to an encryption group35. Use the cryptocfg --import command to

Pagina 72 - Invoking failback

Fabric OS Encryption Administrator’s Guide (DPM) 14553-1002720-02Adding a member node to an encryption group3Encryption Group state: CLUSTER_STATE

Pagina 73 - Adding an encryption target

146 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Generating and backing up the master key3SecurityAdmin:switch> cryptocfg --reg -ke

Pagina 74

Fabric OS Encryption Administrator’s Guide (DPM) 14753-1002720-02Generating and backing up the master key3 Key Vault Type: DPMPrimary Key Va

Pagina 75

148 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability clusters3SecurityAdmin:switch> cryptocfg --show -groupmember -al

Pagina 76

Fabric OS Encryption Administrator’s Guide (DPM) 14953-1002720-02High availability clusters3• HA clusters of FS8-18 blades should not include blades i

Pagina 77

150 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability clusters3NOTEAn HA cluster configuration must have two encryption e

Pagina 78

Fabric OS Encryption Administrator’s Guide (DPM) 15153-1002720-02High availability clusters3<<old node WWN> [old slot number]><<new

Pagina 79

Fabric OS Encryption Administrator’s Guide (DPM) xvii53-1002720-02For information about the Key Management Interoperability Protocol standard, visit t

Pagina 80

152 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability clusters3Policy Configuration ExamplesThe following examples illust

Pagina 81 - FIGURE 46 Next Steps screen

Fabric OS Encryption Administrator’s Guide (DPM) 15353-1002720-02Re-exporting a master key3Re-exporting a master keyWith the introduction of Fabric OS

Pagina 82

154 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Re-exporting a master key3Enter passphrase:Confirm passphrase:Master key exported. M

Pagina 83

Fabric OS Encryption Administrator’s Guide (DPM) 15553-1002720-02Re-exporting a master key3e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:93e3:ae:aa:89:

Pagina 84

156 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Enabling the encryption engine3Enabling the encryption engineEnable the encryption en

Pagina 85

Fabric OS Encryption Administrator’s Guide (DPM) 15753-1002720-02Zoning considerations3 No HA cluster membership EE Attributes: Media Ty

Pagina 86

158 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Zoning considerations3Frame redirection zoningName Server-based frame redirection ena

Pagina 87

Fabric OS Encryption Administrator’s Guide (DPM) 15953-1002720-02Zoning considerations3 Redirect: No The Local Name Server has 1 entry }The nsshow com

Pagina 88

160 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02CryptoTarget container configuration37. Create a zone that includes the initiator and

Pagina 89 - Remote replication LUNs

Fabric OS Encryption Administrator’s Guide (DPM) 16153-1002720-02CryptoTarget container configuration3FIGURE 91 Relationship between initiator, virtua

Pagina 90 - SRDF pairs

xviii Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02If you cannot use the licenseIdShow command because the switch is inoperable, you c

Pagina 91

162 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02CryptoTarget container configuration3You may be prompted to rebalance during the foll

Pagina 92

Fabric OS Encryption Administrator’s Guide (DPM) 16353-1002720-02CryptoTarget container configuration3The following example creates a disk container n

Pagina 93

164 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02CryptoTarget container configuration3zone: red_1109_brcd200c00062b0f726d200200051e41

Pagina 94 - Moving targets

Fabric OS Encryption Administrator’s Guide (DPM) 16553-1002720-02CryptoTarget container configuration3Deleting a CryptoTarget containerYou may delete

Pagina 95

166 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3Moving a CryptoTarget containerYou can move a CryptoTarget c

Pagina 96

Fabric OS Encryption Administrator’s Guide (DPM) 16753-1002720-02Crypto LUN configuration3CAUTIONWhen configuring a LUN with multiple paths (which mea

Pagina 97 - Tape LUN statistics

168 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3Configuring a Crypto LUNYou configure a Crypto LUN by adding

Pagina 98

Fabric OS Encryption Administrator’s Guide (DPM) 16953-1002720-02Crypto LUN configuration33. Commit the configuration.FabricAdmin:switch> cryptocfg

Pagina 99

170 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3The tape policies specified at the LUN configuration level t

Pagina 100

Fabric OS Encryption Administrator’s Guide (DPM) 17153-1002720-02Crypto LUN configuration3Configuring a tape LUNThis example shows how to configure a

Pagina 101

Fabric OS Encryption Administrator’s Guide (DPM) 153-1002720-02Chapter1Encryption OverviewIn this chapter•Host and LUN considerations . . . . . . . .

Pagina 102 - Encryption engine rebalancing

172 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3a. Discover the LUN. FabricAdmin:switch> cryptocfg --disc

Pagina 103 - Master keys

Fabric OS Encryption Administrator’s Guide (DPM) 17353-1002720-02Crypto LUN configuration3Removing a LUN from a CryptoTarget containerYou can remove a

Pagina 104 - Master key actions

174 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3Operation Succeeded3. Commit the configuration.FabricAdmin:s

Pagina 105

Fabric OS Encryption Administrator’s Guide (DPM) 17553-1002720-02Impact of tape LUN configuration changes3Impact of tape LUN configuration changesLUN-

Pagina 106 - ATTENTION

176 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning LUNs3If a LUN is removed when undergoing decommission or is in a deco

Pagina 107

Fabric OS Encryption Administrator’s Guide (DPM) 17753-1002720-02Decommissioning replicated LUNs3• If you are running Fabric OS 7.1.0, and you want to

Pagina 108

178 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning replicated LUNs3NOTEFailure to rekey the secondary LUN might result i

Pagina 109

Fabric OS Encryption Administrator’s Guide (DPM) 17953-1002720-02Force-enabling a decommissioned disk LUN for encryption3Force-enabling a decommission

Pagina 110

180 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF LUNs31. Log in to the switch that hosts the LUN as Admin or FabricAdmin. 2. Ente

Pagina 111 - Creating a master key

Fabric OS Encryption Administrator’s Guide (DPM) 18153-1002720-02SRDF LUNs3vault, the key vaults must be synchronized to ensure the availability of th

Pagina 112 - Security Settings

Copyright © 2013 Brocade Communications Systems, Inc. All Rights Reserved.ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, I

Pagina 113 - Setting zeroization

2 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Terminology1TerminologyThe following are definitions of terms used extensively in this

Pagina 114

182 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF LUNs3CAUTIONDo not add a node running an earlier Fabric OS version to an encrypt

Pagina 115 - Disk device decommissioning

Fabric OS Encryption Administrator’s Guide (DPM) 18353-1002720-02Using SRDF, TimeFinder and RecoverPoint with encryption3Using SRDF, TimeFinder and Re

Pagina 116 - Decommissioning disk LUNs

184 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring LUNs for SRDF/TF or RP deployments34. Make a note of the master key'

Pagina 117

Fabric OS Encryption Administrator’s Guide (DPM) 18553-1002720-02Configuring LUNs for SRDF/TF or RP deployments3Steps for dealing with these scenarios

Pagina 118 - Displaying Universal IDs

186 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring LUNs for SRDF/TF or RP deployments3NOTEAll paths to the new SRDF/TF/RP so

Pagina 119 - Setting disk LUN Re-key All

Fabric OS Encryption Administrator’s Guide (DPM) 18753-1002720-02Configuring LUNs for SRDF/TF or RP deployments3Synchronizing source and target LUN SR

Pagina 120

188 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring LUNs for SRDF/TF or RP deployments37. Verify that the Replication LUN typ

Pagina 121

Fabric OS Encryption Administrator’s Guide (DPM) 18953-1002720-02SRDF/TF/RP manual rekeying procedures3Configuring SRDF Gatekeeper LUNsGatekeeper LUNs

Pagina 122

190 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF/TF/RP manual rekeying procedures35. Wait until the rekey operation on the source

Pagina 123 - Thin provisioned LUNs

Fabric OS Encryption Administrator’s Guide (DPM) 19153-1002720-02SRDF/TF/RP manual rekeying procedures36. After confirming that the rekey has complete

Pagina 124 - Thin Provisioning support

Fabric OS Encryption Administrator’s Guide (DPM) 353-1002720-02Terminology1Opaque Key VaultA storage location that provides untrusted key management f

Pagina 125 - Time left for auto rekey

192 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF/TF/RP manual rekeying procedures33. During the rekeying operation, if desired, y

Pagina 126

Fabric OS Encryption Administrator’s Guide (DPM) 19353-1002720-02SRDF/TF/RP manual rekeying procedures3Rekeying remote site (R2) SRDF LUNsTo rekey an

Pagina 127

194 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape pool configuration36. Verify that the DEKs are synched up from local site DPM cl

Pagina 128

Fabric OS Encryption Administrator’s Guide (DPM) 19553-1002720-02Tape pool configuration3• The tape pool label created on the encryption switch or bla

Pagina 129

196 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape pool configuration3===========================================================po

Pagina 130

Fabric OS Encryption Administrator’s Guide (DPM) 19753-1002720-02Tape pool configuration35. Configure the tape pool on your backup application with th

Pagina 131 - General tab

198 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring a multi-path Crypto LUN3Impact of tape pool configuration changesTape poo

Pagina 132

Fabric OS Encryption Administrator’s Guide (DPM) 19953-1002720-02Configuring a multi-path Crypto LUN3Multi-path LUN configuration exampleFigure 93 on

Pagina 133 - Members tab

200 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring a multi-path Crypto LUN3b. Create a CryptoTarget container (CTC2) for tar

Pagina 134 - Members tab Remove button

Fabric OS Encryption Administrator’s Guide (DPM) 20153-1002720-02Configuring a multi-path Crypto LUN3b. Add the same LUN to the CryptoTarget container

Pagina 135 - Security tab

4 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02The Brocade Encryption Switch1The Brocade Encryption SwitchThe Brocade Encryption Switc

Pagina 136

202 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02First-time encryption3First-time encryptionFirst-time encryption, also referred to as

Pagina 137 - HA Clusters tab

Fabric OS Encryption Administrator’s Guide (DPM) 20353-1002720-02Thin provisioned LUNs3Thin provisioned LUNsWith the introduction of Fabric OS 7.1.0,

Pagina 138

204 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Thin provisioned LUNs3LUN serial number: 50002AC000BC0A50TP LUN: YesLUN connecti

Pagina 139 - Tape Pools tab

Fabric OS Encryption Administrator’s Guide (DPM) 20553-1002720-02Data rekeying3Data rekeying In a rekeying operation, encrypted data on a LUN is decry

Pagina 140 - Adding tape pools

206 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data rekeying3Configuring a LUN for automatic rekeyingRekeying options are configured

Pagina 141 - Engine Operations tab

Fabric OS Encryption Administrator’s Guide (DPM) 20753-1002720-02Data rekeying3Initiating a manual rekey session You can initiate a rekeying session m

Pagina 142 - TABLE 3 Encryption acronyms

208 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data rekeying3Current LBA: 488577Operation succeeded.Suspension and resump

Pagina 143 - In this chapter

Fabric OS Encryption Administrator’s Guide (DPM) 20953-1002720-02Chapter4Deployment ScenariosIn this chapter•Single encryption switch, two paths from

Pagina 144 - Command validation checks

210 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Single encryption switch, two paths from host to target4Single encryption switch, two

Pagina 145

Fabric OS Encryption Administrator’s Guide (DPM) 21153-1002720-02Single fabric deployment - HA cluster4Single fabric deployment - HA clusterFigure 95

Pagina 146 - (Continued)

Fabric OS Encryption Administrator’s Guide (DPM) 553-1002720-02The FS8-18 blade1The FS8-18 bladeThe FS8-18 blade provides the same features and functi

Pagina 147

212 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Single fabric deployment - DEK cluster4In Figure 95, the two encryption switches prov

Pagina 148 - Management LAN configuration

Fabric OS Encryption Administrator’s Guide (DPM) 21353-1002720-02Dual fabric deployment - HA and DEK cluster4In Figure 96, two encryption switches are

Pagina 149 - Configuring cluster links

214 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Multiple paths, one DEK cluster, and two HA clusters4failover for the encryption path

Pagina 150 - Node is a member node

Fabric OS Encryption Administrator’s Guide (DPM) 21553-1002720-02Multiple paths, DEK cluster, no HA cluster4The configuration details shown in Figure

Pagina 151 - • Node CP certificate

216 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Multiple paths, DEK cluster, no HA cluster4The configuration details are as follows:•

Pagina 152

Fabric OS Encryption Administrator’s Guide (DPM) 21753-1002720-02Deployment in Fibre Channel routed fabrics4Deployment in Fibre Channel routed fabrics

Pagina 153

218 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Deployment in Fibre Channel routed fabrics4The following is a summary of steps for cr

Pagina 154 - Submitting the CSR to a CA

Fabric OS Encryption Administrator’s Guide (DPM) 21953-1002720-02Deployment as part of an edge fabric4Deployment as part of an edge fabricIn this depl

Pagina 155

220 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Deployment with FCIP extension switches4Deployment with FCIP extension switchesEncryp

Pagina 156

Fabric OS Encryption Administrator’s Guide (DPM) 22153-1002720-02Data mirroring deployment4Data mirroring deploymentFigure 104 shows a data mirroring

Pagina 157

6 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Recommendation for connectivity1Recommendation for connectivityIn order to achieve high

Pagina 158

222 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data mirroring deployment4If metadata is not present on the LUNBeginning with Fabric

Pagina 159

Fabric OS Encryption Administrator’s Guide (DPM) 22353-1002720-02VMware ESX server deployments4VMware ESX server deploymentsVMware ESX servers may hos

Pagina 160

224 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02VMware ESX server deployments4Figure 106 shows a VMware ESX server with two guest ope

Pagina 161 - • cryptocfg --enableEE

Fabric OS Encryption Administrator’s Guide (DPM) 22553-1002720-02Chapter5Best Practices and Special TopicsIn this chapter•Firmware upgrade and downgra

Pagina 162

226 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Firmware upgrade and downgrade considerations5Firmware upgrade and downgrade consider

Pagina 163

Fabric OS Encryption Administrator’s Guide (DPM) 22753-1002720-02Firmware upgrade and downgrade considerations5• Guidelines for firmware upgrade of en

Pagina 164

228 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuration upload and download considerations55. Start firmware download (upgrade)

Pagina 165

Fabric OS Encryption Administrator’s Guide (DPM) 22953-1002720-02Configuration upload and download considerations5Information not included in an uploa

Pagina 166 - High availability clusters

230 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02HP-UX considerations5Configuration download at an encryption group memberSwitch speci

Pagina 167 - Creating an HA cluster

Fabric OS Encryption Administrator’s Guide (DPM) 23153-1002720-02AIX Considerations5For HP-UX multi-path configurations:• Add LUN 0 as a cleartext LUN

Pagina 168

Fabric OS Encryption Administrator’s Guide (DPM) 753-1002720-02Brocade encryption solution overview1Brocade encryption solution overviewThe loss of st

Pagina 169

232 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning in an EG containing mixed modes5Decommissioning in an EG containing m

Pagina 170 - Policy Configuration Examples

Fabric OS Encryption Administrator’s Guide (DPM) 23353-1002720-02Tape data compression5Tape data compressionData is compressed by the encryption switc

Pagina 171 - Re-exporting a master key

234 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape block zero handling5Tape block zero handlingThe block zero of the tape media is

Pagina 172 - Viewing the master key IDs

Fabric OS Encryption Administrator’s Guide (DPM) 23553-1002720-02Redirection zones5• To enable host MPIO, LUNs must also be available through a second

Pagina 173

236 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Ensure uniform licensing in HA clusters5Ensure uniform licensing in HA clustersLicens

Pagina 174

Fabric OS Encryption Administrator’s Guide (DPM) 23753-1002720-02Turn off compression on extension switches5Turn off compression on extension switches

Pagina 175 - Zoning considerations

238 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02KAC certificate registration expiry5Do not change LUN configuration while rekeyingNev

Pagina 176 - Frame redirection zoning

Fabric OS Encryption Administrator’s Guide (DPM) 23953-1002720-02Changing IP addresses in encryption groups5Changing IP addresses in encryption groups

Pagina 177

240 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Recommendations for Initiator Fan-Ins5FIGURE 107 Fan-in ratios with performance licen

Pagina 178

Fabric OS Encryption Administrator’s Guide (DPM) 24153-1002720-02Best practices for host clusters in an encryption environment5Best practices for host

Pagina 179

8 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade encryption solution overview1Data flow from server to storageThe Brocade Encryp

Pagina 180 - Gathering information

242 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape Device LUN Mapping5

Pagina 181

Fabric OS Encryption Administrator’s Guide (DPM) 24353-1002720-02Chapter6Maintenance and TroubleshootingIn this chapter•Encryption group and HA cluste

Pagina 182

244 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6Encryption group and HA cluster maintenan

Pagina 183

Fabric OS Encryption Administrator’s Guide (DPM) 24553-1002720-02Encryption group and HA cluster maintenance6FIGURE 108 Removing a node from an encryp

Pagina 184 - Crypto LUN configuration

246 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6 IP Address: 10.32.33.

Pagina 185 - Discovering a LUN

Fabric OS Encryption Administrator’s Guide (DPM) 24753-1002720-02Encryption group and HA cluster maintenance6Deleting an encryption groupYou can delet

Pagina 186 - Configuring a Crypto LUN

248 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6Displaying the HA cluster configurationNO

Pagina 187

Fabric OS Encryption Administrator’s Guide (DPM) 24953-1002720-02Encryption group and HA cluster maintenance6Replacing an HA cluster member1. Log in t

Pagina 188

250 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6FIGURE 109 Replacing a failed encryption

Pagina 189 - Configuring a tape LUN

Fabric OS Encryption Administrator’s Guide (DPM) 25153-1002720-02Encryption group and HA cluster maintenance6Case 2: Replacing a “live” encryption eng

Pagina 190

Fabric OS Encryption Administrator’s Guide (DPM) 953-1002720-02Data encryption key life cycle management1Data encryption key life cycle managementData

Pagina 191

252 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6Performing a manual failback of an encryp

Pagina 192

Fabric OS Encryption Administrator’s Guide (DPM) 25353-1002720-02Encryption group merge and split use cases6• After the failback completes, the crypto

Pagina 193 - Decommissioning LUNs

254 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6NOTEWhen attempting to reclaim a failed Br

Pagina 194

Fabric OS Encryption Administrator’s Guide (DPM) 25553-1002720-02Encryption group merge and split use cases6RecoveryIf auto failback policy is set, no

Pagina 195

256 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6• The isolation of N3 from the group leade

Pagina 196

Fabric OS Encryption Administrator’s Guide (DPM) 25753-1002720-02Encryption group merge and split use cases6Recovery1. Restore the connection between

Pagina 197

258 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6NOTEThe collective time allowed (the heart

Pagina 198 - SRDF LUNs

Fabric OS Encryption Administrator’s Guide (DPM) 25953-1002720-02Encryption group merge and split use cases6NOTEIf one or more EG status displays as C

Pagina 199 - --set -replication enable

260 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6Display the encryption group state again.N

Pagina 200 - Reading metadata after sync

Fabric OS Encryption Administrator’s Guide (DPM) 26153-1002720-02Encryption group merge and split use cases6Encryption group not defined: Cluster DB a

Pagina 201 - -newLUN option

10 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data encryption key life cycle management1FIGURE 5 DEK life cycle

Pagina 202

262 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6The above manual configuration recovery pr

Pagina 203

Fabric OS Encryption Administrator’s Guide (DPM) 26353-1002720-02Encryption group database manual operations6Encryption group database manual operatio

Pagina 204

264 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Key vault diagnostics6Aborting a pending database transactionYou can abort a pending

Pagina 205

Fabric OS Encryption Administrator’s Guide (DPM) 26553-1002720-02Measuring encryption performance6• Time of day on the switch• Key Vault client SDK ve

Pagina 206

266 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Measuring encryption performance6• -tx -rx displays the transmit and receive throughp

Pagina 207 - TF snapshot rekeying details

Fabric OS Encryption Administrator’s Guide (DPM) 26753-1002720-02General encryption troubleshooting6General encryption troubleshootingTable 9 lists th

Pagina 208 - <initiator PWWN>

268 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02General encryption troubleshooting6A backup fails because the LUN is always in the in

Pagina 209

Fabric OS Encryption Administrator’s Guide (DPM) 26953-1002720-02General encryption troubleshooting6Decommissioning an R2 LUN (remote replication LUN)

Pagina 210 - ID> <initiator PWWN>

270 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Troubleshooting examples using the CLI6Troubleshooting examples using the CLIEncrypti

Pagina 211

Fabric OS Encryption Administrator’s Guide (DPM) 27153-1002720-02Troubleshooting examples using the CLI6Encryption Disabled CryptoTarget LUNIf the LUN

Pagina 212 - Tape pool configuration

Fabric OS Encryption Administrator’s Guide (DPM) 1153-1002720-02Master key management1Master key managementCommunications with opaque key vaults are e

Pagina 213 - NetBackup labeling

272 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Management application encryption wizard troubleshooting6Management application encry

Pagina 214 - Creating a tape pool

Fabric OS Encryption Administrator’s Guide (DPM) 27353-1002720-02Management application encryption wizard troubleshooting6Errors related to adding a s

Pagina 215 - Modifying a tape pool

274 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Management application encryption wizard troubleshooting6General errors related to th

Pagina 216

Fabric OS Encryption Administrator’s Guide (DPM) 27553-1002720-02LUN policy troubleshooting6LUN policy troubleshootingTable 14 may be used as an aid i

Pagina 217

276 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Loss of encryption group leader after power outage6Loss of encryption group leader af

Pagina 218

Fabric OS Encryption Administrator’s Guide (DPM) 27753-1002720-02MPIO and internal LUN states65. Synchronize the crypto configurations across all memb

Pagina 219

278 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02FS8-18 blade removal and replacement61. Enter the cryptocfg --resume_rekey command, f

Pagina 220 - First-time encryption

Fabric OS Encryption Administrator’s Guide (DPM) 27953-1002720-02FS8-18 blade removal and replacement63. If the replaced FS8-18 blade is in member nod

Pagina 221

280 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02FS8-18 blade removal and replacement6NOTEBecause the FS8-18 blade was inserted in the

Pagina 222 - Space reclamation

Fabric OS Encryption Administrator’s Guide (DPM) 28153-1002720-02Brocade Encryption Switch removal and replacement611. If a master key is not present,

Pagina 223 - Data rekeying

Fabric OS Encryption Administrator’s Guide (DPM) iii53-1002720-02ContentsAbout This DocumentIn this chapter . . . . . . . . . . . . . . . . . . . . .

Pagina 224

12 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Cisco Fabric Connectivity support1Cisco Fabric Connectivity supportThe Brocade Encrypt

Pagina 225

282 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement68. Power on the new Brocade Encrypt

Pagina 226

Fabric OS Encryption Administrator’s Guide (DPM) 28353-1002720-02Brocade Encryption Switch removal and replacement621. Import the signed CSR/Cert onto

Pagina 227 - Deployment Scenarios

284 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement632. If HA cluster membership for th

Pagina 228

Fabric OS Encryption Administrator’s Guide (DPM) 28553-1002720-02Brocade Encryption Switch removal and replacement611. Invoke the following command to

Pagina 229

286 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement627. Invoke the following command on

Pagina 230

Fabric OS Encryption Administrator’s Guide (DPM) 28753-1002720-02Deregistering a DPM key vault6Deregistering a DPM key vaultEach Brocade Encryption Sw

Pagina 231

288 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Reclaiming the WWN base of a failed Brocade Encryption Switch6Reclaiming the WWN base

Pagina 232

Fabric OS Encryption Administrator’s Guide (DPM) 28953-1002720-02Downgrading firmware from Fabric OS 7.1.06Downgrading firmware from Fabric OS 7.1.0NO

Pagina 233

290 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Fabric OS and DPM Compatibility Matrix6Fabric OS and DPM Compatibility MatrixDPM 3.1

Pagina 234

Fabric OS Encryption Administrator’s Guide (DPM) 29153-1002720-02Moving an encryption blade from one EG to another in the same fabric6Admin:switch>

Pagina 235

Fabric OS Encryption Administrator’s Guide (DPM) 1353-1002720-02Chapter2Configuring Encryption Using the Management ApplicationIn this chapter•Encrypt

Pagina 236 - --rdcreate [host wwn]

292 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Moving an encryption switch from one EG to another in the same fabric64. Add the move

Pagina 237

Fabric OS Encryption Administrator’s Guide (DPM) 29353-1002720-02AppendixAState and Status InformationIn this appendix•Encryption engine security proc

Pagina 238 - FIGURE 103 FCIP deployment

294 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Security processor KEK statusASecurity processor KEK statusTable 20 lists security pr

Pagina 239 - Data mirroring deployment

Fabric OS Encryption Administrator’s Guide (DPM) 29553-1002720-02Encrypted LUN statesALUN_1ST_TIME_REKEY_IN_PROG First time rekey is in progress.LUN_K

Pagina 240

296 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encrypted LUN statesALUN_DIS_WR_META_DONE_ERR Disabled (Write metadata done with fail

Pagina 241 - VMware ESX server deployments

Fabric OS Encryption Administrator’s Guide (DPM) 29753-1002720-02Encrypted LUN statesATABLE 22 Tape LUN statesInternal Names Console String Explanatio

Pagina 242

298 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encrypted LUN statesALUN_ENCRYPT Encryption enabled The tape medium is present, and i

Pagina 243

Fabric OS Encryption Administrator’s Guide (DPM) 29953-1002720-02IndexAadd commands--add -haclustermember, 150--add -initiator, 163, 171, 200--add -LU

Pagina 244 - General guidelines

300 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02create commands--create -container, 162, 171, 199--create -encgroup, 140--create -hac

Pagina 245

Fabric OS Encryption Administrator’s Guide (DPM) 30153-1002720-02cryptocfg helpcommand output, 130CryptoTarget containeradding a LUN, 167, 168configur

Pagina 246

14 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption Center features2•Viewing and editing encryption group properties . . . . .

Pagina 247

302 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-0227, 35host and LUN considerations, 1launching the encryption targets dialog box, 96li

Pagina 248 - HP-UX considerations

Fabric OS Encryption Administrator’s Guide (DPM) 30353-1002720-02Ffailbackinvoking, 54modes, 54failback command, --failback -EE, 252failover and failb

Pagina 249 - AIX Considerations

304 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02KEK security processor status, 294Key IDsexporting, 154key vaultderegistration, 287ke

Pagina 250 - Tape metadata

Fabric OS Encryption Administrator’s Guide (DPM) 30553-1002720-02Management application, 61multi-path environmentsconfiguring encrypted tape storage,

Pagina 251 - Tape pools

306 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02show commands--show, 144, 156--show -container, 163--show -groupmember, 144, 147, 148

Pagina 252 - Tape key expiry

Fabric OS Encryption Administrator’s Guide (DPM) 30753-1002720-02troubleshootingcfgshow command, 267configshow, 267cryptocfg --show -groupcfg command,

Pagina 253

308 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02

Pagina 254 - PID failover

Fabric OS Encryption Administrator’s Guide (DPM) 1553-1002720-02Encryption user privileges2Encryption user privilegesIn BNA, resource groups are assig

Pagina 255 - Latency in rekey operations

16 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Smart card usageSmart Cards are credit card-sized cards that contain

Pagina 256

Fabric OS Encryption Administrator’s Guide (DPM) 1753-1002720-02Smart card usage2• Establishing a trusted link with the NetApp LKM key vault.• Decommi

Pagina 257

18 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage23. Locate the Authentication Card Quorum Size and select the quorum s

Pagina 258

Fabric OS Encryption Administrator’s Guide (DPM) 1953-1002720-02Smart card usage2Registering authentication cards from the databaseSmart cards that ar

Pagina 259 - Tape Device LUN Mapping

20 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Deregistering an authentication cardAuthentication cards can be remov

Pagina 260

Fabric OS Encryption Administrator’s Guide (DPM) 2153-1002720-02Smart card usage2Using system cardsSystem cards are smart cards that can be used to co

Pagina 261

iv Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Support for virtual fabrics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Pagina 262

22 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Enabling or disabling the system card requirementTo use a system card

Pagina 263

Fabric OS Encryption Administrator’s Guide (DPM) 2353-1002720-02Smart card usage2Deregistering system cardsSystem cards can be removed from the databa

Pagina 264

24 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Tracking smart cards1. Select Configure > Encryption from the menu

Pagina 265 - Removing an HA cluster member

Fabric OS Encryption Administrator’s Guide (DPM) 2553-1002720-02Smart card usage2FIGURE 12 Smart Card asset tracking dialog box3. Select a smart card

Pagina 266

26 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Editing smart cardsSmart cards can be used for user authentication, m

Pagina 267

Fabric OS Encryption Administrator’s Guide (DPM) 2753-1002720-02Network connections2Network connectionsBefore you use the encryption setup wizard for

Pagina 268

28 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption node initialization and certificate generation2Configuring blade processor

Pagina 269 - Deleting an HA cluster member

Fabric OS Encryption Administrator’s Guide (DPM) 2953-1002720-02Steps for connecting to a DPM appliance2Setting encryption node initializationEncrypti

Pagina 270 - Failover/failback example

30 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance2Exporting the KAC certificate signing request

Pagina 271 - Recovery

Fabric OS Encryption Administrator’s Guide (DPM) 3153-1002720-02Steps for connecting to a DPM appliance2KAC certificate registration expiryIt is impor

Pagina 272

Fabric OS Encryption Administrator’s Guide (DPM) v53-1002720-02High availability (HA) clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Pagina 273

32 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance2Uploading the CA certificate onto the DPM appl

Pagina 274

Fabric OS Encryption Administrator’s Guide (DPM) 3353-1002720-02Steps for connecting to a DPM appliance2h. Click Next.i. Repeat step a through step h

Pagina 275

34 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance2Loading the CA certificate onto the encryption

Pagina 276 - -hbmisses and -hbtimeout

Fabric OS Encryption Administrator’s Guide (DPM) 3553-1002720-02Encryption preparation2Encryption preparationBefore you use the encryption setup wizar

Pagina 277

36 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group22. Select a switch from the <NO GROUP DEFINED> encr

Pagina 278

Fabric OS Encryption Administrator’s Guide (DPM) 3753-1002720-02Creating an encryption group24. From the Configure Switch Encryption welcome screen, c

Pagina 279

38 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2FIGURE 20 Create a New Encryption Group dialog boxThe dia

Pagina 280

Fabric OS Encryption Administrator’s Guide (DPM) 3953-1002720-02Creating an encryption group2FIGURE 21 Select Key Vault dialog boxUsing this dialog bo

Pagina 281

40 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2Configuring key vault settings for RSA Data Protection Ma

Pagina 282 - Key vault diagnostics

Fabric OS Encryption Administrator’s Guide (DPM) 4153-1002720-02Creating an encryption group2FIGURE 23 Specify Certificate Signing Request File Name d

Pagina 283

vi Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Disk device decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Pagina 284

42 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2FIGURE 24 Specify Master Key File Name dialog box7. Enter

Pagina 285 - Problem Resolution

Fabric OS Encryption Administrator’s Guide (DPM) 4353-1002720-02Creating an encryption group2FIGURE 25 Select Security Settings dialog box10. Set quor

Pagina 286 - General errors and conditions

44 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2FIGURE 26 Confirm Configuration dialog boxThe Configurati

Pagina 287

Fabric OS Encryption Administrator’s Guide (DPM) 4553-1002720-02Creating an encryption group2FIGURE 28 Next Steps dialog box13. Review the post-config

Pagina 288

46 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding a switch to an encryption group2Adding a switch to an encryption groupThe setup

Pagina 289

Fabric OS Encryption Administrator’s Guide (DPM) 4753-1002720-02Adding a switch to an encryption group2FIGURE 30 Designate Switch Membership dialog bo

Pagina 290

48 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding a switch to an encryption group2FIGURE 31 Add Switch to Existing Encryption Gro

Pagina 291

Fabric OS Encryption Administrator’s Guide (DPM) 4953-1002720-02Adding a switch to an encryption group26. Enter the location where you want to store t

Pagina 292

50 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Replacing an encryption engine in an encryption group2All configuration items have gre

Pagina 293 - LUN policy troubleshooting

Fabric OS Encryption Administrator’s Guide (DPM) 5153-1002720-02High availability (HA) clusters2FIGURE 36 Engine Operations tab3. Select the engine to

Pagina 294

Fabric OS Encryption Administrator’s Guide (DPM) vii53-1002720-02Steps for connecting to a DPM appliance . . . . . . . . . . . . . . . . . . . 134Ini

Pagina 295 - MPIO and internal LUN states

52 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability (HA) clusters2NOTEIn Fabric OS 6.3.0 and later, HA cluster creation

Pagina 296 - Multi-node EG replacement

Fabric OS Encryption Administrator’s Guide (DPM) 5353-1002720-02High availability (HA) clusters2FIGURE 37 Encryption Group Properties dialog box - HA

Pagina 297

54 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability (HA) clusters2Swapping engines in an HA clusterSwapping engines is u

Pagina 298 - Single-node EG replacement

Fabric OS Encryption Administrator’s Guide (DPM) 5553-1002720-02Configuring encryption storage targets2Configuring encryption storage targetsAdding an

Pagina 299 - Multi-node EG Case

56 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2FIGURE 38 Encryption Targets dialog box3. Click

Pagina 300

Fabric OS Encryption Administrator’s Guide (DPM) 5753-1002720-02Configuring encryption storage targets2FIGURE 40 Select Encryption Engine dialog boxTh

Pagina 301

58 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2FIGURE 41 Select Target dialog boxThe dialog bo

Pagina 302 - Single-node EG Replacement

Fabric OS Encryption Administrator’s Guide (DPM) 5953-1002720-02Configuring encryption storage targets2FIGURE 42 Select Hosts dialog boxThe dialog box

Pagina 303

60 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2• Right arrow button: Moves a host from the Hos

Pagina 304

Fabric OS Encryption Administrator’s Guide (DPM) 6153-1002720-02Configuring encryption storage targets2FIGURE 44 Confirmation dialog boxThe screen con

Pagina 305 - Deregistering a DPM key vault

viii Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Impact of tape LUN configuration changes. . . . . . . . . . . . . . . . . . 175Deco

Pagina 306

62 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2FIGURE 45 Configuration Status screenThe screen

Pagina 307

Fabric OS Encryption Administrator’s Guide (DPM) 6353-1002720-02Configuring hosts for encryption targets2FIGURE 46 Next Steps screenThe screen contain

Pagina 308 - TABLE 15 Compatibility Matrix

64 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring hosts for encryption targets2NOTEYou can also select a group, switch, or e

Pagina 309

Fabric OS Encryption Administrator’s Guide (DPM) 6553-1002720-02Configuring hosts for encryption targets2NOTEBoth the Host Ports in Fabric table and t

Pagina 310

66 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption2Adding target disk LUNs for encryptionYou can a

Pagina 311 - State and Status Information

Fabric OS Encryption Administrator’s Guide (DPM) 6753-1002720-02Adding target disk LUNs for encryption2• Fabric• State• Thin Provision LUN• Encryption

Pagina 312 - Encrypted LUN states

68 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption2FIGURE 51 Select Initiator Port dialog boxThe d

Pagina 313

Fabric OS Encryption Administrator’s Guide (DPM) 6953-1002720-02Adding target disk LUNs for encryption2FIGURE 52 Select LUN dialog box The dialog box

Pagina 314

70 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption29. Click Finish.The new LUN path is added to th

Pagina 315 - TABLE 22 Tape LUN states

Fabric OS Encryption Administrator’s Guide (DPM) 7153-1002720-02Adding target disk LUNs for encryption2Configuring storage arraysThe Storage Array con

Pagina 316

Fabric OS Encryption Administrator’s Guide (DPM) ix53-1002720-02Thin provisioned LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Pagina 317

72 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption2SRDF pairsRemote replication is implemented by

Pagina 318

Fabric OS Encryption Administrator’s Guide (DPM) 7353-1002720-02Adding target tape LUNs for encryption2Note the following when using the New LUN optio

Pagina 319

74 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target tape LUNs for encryption2FIGURE 55 Encryption Targets dialog box3. Selec

Pagina 320

Fabric OS Encryption Administrator’s Guide (DPM) 7553-1002720-02Adding target tape LUNs for encryption2FIGURE 57 Add Encryption Target Tape LUNs dialo

Pagina 321

76 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Moving targets2• Enable Read Ahead: When selected, enables read pre-fetching on this t

Pagina 322

Fabric OS Encryption Administrator’s Guide (DPM) 7753-1002720-02Configuring encrypted tape storage in a multi-path environment2Configuring encrypted t

Pagina 323

78 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape LUN write early and read ahead2Tape LUN write early and read aheadThe tape LUN wr

Pagina 324

Fabric OS Encryption Administrator’s Guide (DPM) 7953-1002720-02Tape LUN statistics2FIGURE 59 Encryption Target Tape LUNs dialog box - Setting tape LU

Pagina 325

80 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape LUN statistics2Viewing and clearing tape container statisticsYou can view LUN sta

Pagina 326

Fabric OS Encryption Administrator’s Guide (DPM) 8153-1002720-02Tape LUN statistics2• Uncompressed blocks: The number of uncompressed blocks written t

Mas documentos para Los conmutadores de red Brocade Communications Systems Encryption Switch

a Ver el documento Brocade Communications Systems Encryption Switch Manual de usuario
Brocade Communications Systems Encryption Switch Manual de usuario (4 paginas)
a Ver el documento Brocade Communications Systems Encryption Switch Manual de servicio
Brocade Communications Systems Encryption Switch Manual de servicio (20 paginas)

Comentarios a estos manuales

Sin comentarios
Relacionado con productos y manuales para Los conmutadores de red Brocade Communications Systems Encryption Switch
Los conmutadores de red Brocade Communications Systems AM866A - StorageWorks 8/8 Base SAN Switch Especificaciones rápidas   (34 paginas)
Los conmutadores de red Brocade Communications Systems Brocade VDX 6710-54 Manual de usuario   (8 paginas)
Los conmutadores de red Brocade Communications Systems 8/40 Manual de servicio   (46 paginas)
Los conmutadores de red Brocade Communications Systems VDX 8770-4 Manual de usuario   (24 paginas)
Los conmutadores de red Brocade Communications Systems VDX 6720-24 Manual de usuario   (8 paginas)
Los conmutadores de red Brocade Communications Systems NetIron CER Series Guía de instalación    (120 paginas)
Los conmutadores de red Brocade Communications Systems 5300 Manual de usuario   (46 paginas)
Los conmutadores de red Brocade Communications Systems 300 Guía de instalación   (48 paginas)
Los conmutadores de red Brocade Communications Systems VDX 8770-4 Manual de servicio   (130 paginas)
Los conmutadores de red Brocade Communications Systems 800 Especificaciones   (49 paginas)
Los conmutadores de red Brocade Communications Systems Encryption Switch Manual de usuario   (4 paginas)
Los conmutadores de red Brocade Communications Systems Brocade 8/24c Manual de servicio   (36 paginas)
Los conmutadores de red Brocade Communications Systems VA-40FC Manual de usuario   (2 paginas)
Los conmutadores de red Brocade Communications Systems Converged Enhanced Ethernet 8000 Manual de servicio   (168 paginas)
Los conmutadores de red Brocade Communications Systems ServerIron ADX 12.4.00a Manual de servicio   (226 paginas)
Los conmutadores de red Brocade Communications Systems NetIron CER Series Manual   (56 paginas)
Los conmutadores de red Brocade Communications Systems 53-1001778-01 Manual de usuario   (17 paginas)
Los conmutadores de red Brocade Communications Systems VDX 6720 Manual de servicio   (78 paginas)
Los conmutadores de red Brocade Communications Systems FCX624S-HPOE Guía de instalación   (48 paginas)
Los conmutadores de red Brocade Communications Systems Brocade VDX 6710-54 Manual de servicio   (72 paginas)
  • DCS Compact Z-Wave Embedded Solutions Acrosser Total Pond
  • NEC Monitores de pantalla táctil Magma Tarjetas de interfaz / adaptadores Beckett Calentadores De Agua Y Calderas Reliable Oficina y ordenador sillas IBM Software De Recuperación De Copia De Seguridad
  • Corsair HX750W Brodit 854979 Coby MID7035 Abbott-freestyle Freedom Lite Canon PowerShot A2000 IS
  • Haier ESA3085 Manual de usuario Motorola MOTOKRZR K1M - K1M Guía de usuario Kurgo Back Seat Barrier Manual de usuario Viore LC32VF62 Manual de usuario