Manualshelf

Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
12345678910
Encryption Administrator’s Guide ix
53-1001201-04
Data re-keying . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Resource Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
Re-keying modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
Configuring a LUN for automatic re-keying. . . . . . . . . . . . . . . .162
Initiating a manual re-key session . . . . . . . . . . . . . . . . . . . . . .163
Suspension and resumption of re-keying operations . . . . . . .164
First time encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165
Resource allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165
First time encryption modes . . . . . . . . . . . . . . . . . . . . . . . . . . .165
Configuring a LUN for first time encryption . . . . . . . . . . . . . . .165
Advanced encryption group configuration. . . . . . . . . . . . . . . . . . . .166
Removing a node from an encryption group . . . . . . . . . . . . . .166
Deleting an encryption group . . . . . . . . . . . . . . . . . . . . . . . . . .168
Encryption group merge and split use cases. . . . . . . . . . . . . .168
Configuration impact of encryption group split
or node isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
Chapter 4 Deployment Scenarios
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175
Single fabric deployment - HA cluster . . . . . . . . . . . . . . . . . . . . . . . 176
Single fabric deployment - DEK cluster . . . . . . . . . . . . . . . . . . . . . . 177
Dual fabric deployment - HA and DEK cluster. . . . . . . . . . . . . . . . .178
Multiple paths, one DEK cluster, and two HA clusters . . . . . . . . . .179
Multiple paths, DEK cluster, no HA cluster . . . . . . . . . . . . . . . . . . .181
Deployment in Fibre Channel routed fabrics. . . . . . . . . . . . . . . . . .183
Deployment as part of an edge fabric . . . . . . . . . . . . . . . . . . . . . . .185
Deployment with FCIP extension switches . . . . . . . . . . . . . . . . . . .186
Data mirroring deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187
If metadata is not present on the LUN . . . . . . . . . . . . . . . . . . .188
Chapter 5 Best Practices and Special Topics
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
Firmware download considerations. . . . . . . . . . . . . . . . . . . . . . . . .190
Firmware Upgrades and Downgrades . . . . . . . . . . . . . . . . . . .190
Specific guidelines and procedures . . . . . . . . . . . . . . . . . . . . .191
HP-UX considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Enable of a disabled LUN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Disk metadata. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Tape metadata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Tape data compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
Tape pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
Tape block zero handling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
Tape key expiry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194