Manualshelf

Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
11121314151617181920
Encryption Administrator’s Guide xi
53-1001341-02
Appendix A State and Status Information
In this appendix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
Encryption engine security processor (SP) states. . . . . . . . . . . . . .189
Security processor KEK status . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190
Encrypted LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190
Appendix B LUN Policies
In this appendix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
DF-compatibility support for disk LUNs . . . . . . . . . . . . . . . . . . . . . .195
DF-compatibility support for tape LUNs. . . . . . . . . . . . . . . . . . . . . .199
Appendix C NS-Based Transparent Frame Redirection
Appendix D Supported Key Management Systems
In this appendix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
Key management systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
The NetApp Lifetime Key Manager . . . . . . . . . . . . . . . . . . . . . . . . .204
The NetApp DataFort Management Console . . . . . . . . . . . . . .204
Obtaining and importing the LKM certificate. . . . . . . . . . . . . .205
Registering the certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . .206
Establishing the trusted link . . . . . . . . . . . . . . . . . . . . . . . . . . .208
LKM key vault high availability deployment . . . . . . . . . . . . . . .209
The RSA Key Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212
Obtaining and Importing the RKM certificate . . . . . . . . . . . . .212
Exporting the KAC certificate signing request (CSR) . . . . . . . .212
Submitting the CSR to a certificate authority . . . . . . . . . . . . .213
Importing the signed KAC certificate . . . . . . . . . . . . . . . . . . . .213
Uploading the KAC and CA certificates onto the
RKM appliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215
RKM key vault high availability deployment. . . . . . . . . . . . . . .216