Manualshelf

Administrator's Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

ManualsBrandsBrocade ManualsComputer AccessoriesFabric OS Encryption
12345678910
Fabric OS Encryption Administrator’s Guide (LKM/SSKM) v
53-1002925-01
Configuring encryption storage targets . . . . . . . . . . . . . . . . . . . . . . . 53
Adding an encryption target . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
Configuring hosts for encryption targets . . . . . . . . . . . . . . . . . . . . . . 62
Adding target disk LUNs for encryption . . . . . . . . . . . . . . . . . . . . . . .64
Configuring storage arrays . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Adding target tape LUNs for encryption. . . . . . . . . . . . . . . . . . . . . . . 69
Moving targets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
Tape LUN write early and read ahead . . . . . . . . . . . . . . . . . . . . . . . . 73
Enabling and disabling tape LUN write early
and read ahead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
Tape LUN statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
Viewing and clearing tape container statistics . . . . . . . . . . . . . 75
Viewing and clearing tape LUN statistics for specific
tape LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Viewing and clearing statistics for tape LUNs
in a container . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
Encryption engine rebalancing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
Rebalancing an encryption engine . . . . . . . . . . . . . . . . . . . . . . .80
Security settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
Zeroizing an encryption engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Setting zeroization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
Using the Encryption Targets dialog box . . . . . . . . . . . . . . . . . . . . . .82
Redirection zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Disk device decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
Decommissioning Disk LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . .84
Displaying and deleting decommissioned key IDs. . . . . . . . . . . 85
Displaying Universal IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
Rekeying all disk LUNs manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Setting disk LUN Re-key All . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
Viewing disk LUN rekeying details . . . . . . . . . . . . . . . . . . . . . . . 89
Viewing the progress of manual rekey operations. . . . . . . . . . .90
Thin provisioned LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Thin provisioning support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
Viewing time left for auto rekey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
Viewing and editing switch encryption properties . . . . . . . . . . . . . .93
Exporting the public key certificate signing request
(CSR) from properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
Importing a signed public key certificate from properties . . . .96
Enabling and disabling the encryption engine state
from properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97