Technical data
Brocade Communications Systems, Inc. Page 32 of 48
blocks (in the case of a block-read operation). When a write operation is performed, the storage device, after the
operation has completed, transmits a single frame back through the TOE to the HBA to acknowledge that all data
was received and written to the storage device.
When a host bus adapter performs a read to a target device for which it has established a connection, the HBA first
issues the appropriate FC/FCIP protocol command to the target at its defined 24-bit address. Next, the TOE inspects
the host address of the user's HBA and the target address within the frame to verify that connectivity is allowed via the
current zoning configuration.
• If connectivity is allowed, then no further action is taken by the TOE besides ensuring that all of the frames
are properly routed to their assigned destination based on their 24-bit destination address.
• If connectivity is not allowed, then the TOE sends a rejection command to the HBA and any subsequent
read operations are rejected by the TOE.
Finally, the HBA collects all data frames and combines the data into the requested block for the host.
When a host bus adapter performs a write to a target device for which it has established a connection, the HBA first
issues the appropriate FC/FCIP protocol command to the target at its defined 24-bit address. Next, the TOE inspects
the host address of the user's HBA and the target address within the frame to verify that connectivity is allowed via the
current zoning configuration.
• If connectivity is allowed, then no further action is taken by the TOE besides ensuring that all of the frames
are properly routed to their assigned destination based on their 24-bit destination address.
• If connectivity is not allowed, then the TOE sends a rejection command to the HBA and any subsequent
write operations are rejected by the TOE.
Next, the HBA breaks up the data block to be written into multiple data frames, and transmits each one to the target.
The TOE inspects the 24-bit address of each data frame, either allowing it to route properly, or rejecting it
depending on the current zoning configuration.
Finally, the storage device transmits back a single frame acknowledging that all data was received and written to the
storage media.
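The per-frame zoning decision described above can be modelled as follows. This is an added example, not code from the TOE or from Brocade. It assumes the standard Fibre Channel frame header layout (D_ID in word 0, S_ID in word 1) and a simplified zoning model in which a zone is a set of 24-bit addresses; `ZoneEnforcer`, `make_frame`, and all addresses are hypothetical and constructed.

```python
import struct

FC_HEADER_LEN = 24  # Fibre Channel frame header is six 32-bit words

def make_frame(r_ctl, d_id, s_id, payload=b""):
    """Build a constructed sample frame: header words 0-1 set, the rest zeroed."""
    return struct.pack(">II", (r_ctl << 24) | d_id, s_id) + bytes(16) + payload

def parse_addresses(frame):
    """Return (s_id, d_id), the 24-bit source and destination addresses."""
    if len(frame) < FC_HEADER_LEN:
        raise ValueError("truncated FC frame header")
    word0, word1 = struct.unpack(">II", frame[:8])
    # Word 0 = R_CTL | D_ID, word 1 = CS_CTL | S_ID; keep the low 24 bits.
    return word1 & 0xFFFFFF, word0 & 0xFFFFFF

class ZoneEnforcer:
    """Simplified model: a zone is a set of 24-bit addresses (hypothetical class)."""

    def __init__(self, zones):
        self.activate(zones)

    def activate(self, zones):
        """Replace the current zoning configuration."""
        self.zones = {name: frozenset(members) for name, members in zones.items()}

    def allowed(self, s_id, d_id):
        # Connectivity is allowed only if some zone contains both endpoints.
        return any(s_id in z and d_id in z for z in self.zones.values())

    def handle(self, frame):
        """Decide per frame: route to D_ID, or send a rejection back to S_ID."""
        s_id, d_id = parse_addresses(frame)
        if self.allowed(s_id, d_id):
            return ("route", d_id)
        return ("reject", s_id)

def demo():
    host, disk_a, disk_b = 0x010200, 0x010300, 0x010400  # constructed addresses
    fabric = ZoneEnforcer({"zone_a": {host, disk_a}})
    results = [
        fabric.handle(make_frame(0x06, disk_a, host)),           # command, zoned
        fabric.handle(make_frame(0x01, disk_a, host, b"data")),  # data frame, zoned
        fabric.handle(make_frame(0x06, disk_b, host)),           # command, not zoned
    ]
    fabric.activate({})  # zoning change: later frames are checked against it
    results.append(fabric.handle(make_frame(0x01, disk_a, host, b"data")))
    return results

if __name__ == "__main__":
    print(demo())
```

Because the check runs on every frame rather than once per connection, the last data frame is rejected after the zoning change even though earlier frames of the same exchange were routed.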
6.1.2.1 User Data Encryption
Some models of the TOE support encryption of user data for specified storage devices. Only the BES switch
appliance and FS8-18 director blade models support the user data encryption feature. User data is encrypted using
AES256-XTS or AES256-GCM. The encryption component within the BES and FS8-18 products has received
FIPS 140-2 Level 3 certification (certificate 1796).
A storage device configured to host encrypted data receives only encrypted data from the TOE and the TOE
decrypts data received from the storage device.










