HP StorageWorks Secure Key Manager Installation and replacement guide (AJ087-96013, November 2008)

ManualsBrandsHP ManualsStorageEncryption and Key Management

Contents

1Installingandreplacinghardware.................. 7

Preparingfortheinstallation.................................. 7

Toolsforinstallation ................................... 7

TakingESDprecautions.................................. 7

Groundingmethodstopreventelectrostaticdischarge..................... 7

Rackplanningresources ................................... 8

Rackrequirements.................................... 8

Rackwarnings ..................................... 8

Optimumenvironment .................................... 9

Space and airﬂowrequirements.............................. 9

Temperaturerequirements................................. 9

Powerrequirements .................................. 10

Electricalgroundingrequirements ............................ 10

Unpacking ......................................... 11

Identifyingtheshippingcartoncontents............................. 11

Selectingaracklocation .................................. 12

RemovinganexistingSKM(appliance)fromthesystem ..................... 13

Installingtherailsintherack ................................ 13

Attachingrailstotheappliance ............................... 14

Installingtheapplianceintherack.............................. 14

Attachingthecables.................................... 14

2Conﬁguring the system . . . . ................... 17

StartingtheSKMappliance................................. 17

Conﬁguring the ﬁrstSKMappliance ............................. 19

Setting up the local CertiﬁcateAuthority(CA) ....................... 20

Creating the SKM server certiﬁcate............................ 21

EnablingSSLontheKeyManagementSystem(KMS)Server ................. 23

Establishingacluster.................................... 23

Creatingthecluster .................................. 24

Copying the Local CA certiﬁcate............................. 24

Adding SKM appliances to the cluster . . . . . . . . . . . . . . . . . . . . . . . . . . 25

Creating and installing the SKM Server Certiﬁcate ..................... 26

Propagating third-party certiﬁcates.............................. 27

Copying the certiﬁcates................................. 27

Installing the certiﬁcates ................................ 28

EnrollingclientdeviceswiththeSKM............................. 28

EnrollingETLAlibrarieswiththeSKM............................. 28

SettingupSKMclientaccountsforeachtapelibrary .................... 29

Enrollingthelibraryclients ............................... 31

3 Verifying that installation and initial conﬁguration is successful . . . . . 33

Verifythattapebackupsarebeingencrypted ......................... 33

VerifyallnodesoftheSKMclusterareaccessibletoETLAlibraries ................ 34

A SKM pre-installation survey and checklist, for connecting to ETLAs . . . 37

SKMpre-installationsurvey ................................. 37

Sourcing the SKM security ofﬁcer(SO)roleandensuringinstallationsupport.......... 37

Designingthecluster,identifyinganycross-geographyrequirements.............. 37

Secure Key Manager