Manualshelf

Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
221222223224225226227228229230
Encryption Administrator’s Guide 211
53-1001341-02
The NetApp Lifetime Key Manager
D
LKM Key Vault Deregistration
Deregistration of either Primary or Secondary LKM KV from an encryption switch or blade is
allowed independently.
Deregistration of Primary LKM - You can deregister the Primary LKM from an encryption switch
or blade without deregistering the backup or secondary LKM for maintenance or replacement
purposes. However, when the primary LKM is deregistered, key creation operations will fail
until either primary LKM is reregistered or the secondary LKM is deregistered and reregistered
as Primary LKM.
When the Primary LKM is replaced with a different LKM, you must first synchronize the DEKs
from secondary LKM before reregistering the primary LKM.
Deregistration of Secondary LKM - You can deregister the Secondary LKM independently.
Future key operations will use only the Primary LKM until the secondary LKM is reregistered on
the encryption switch or blade.
When the Secondary LKM is replaced with a different LKM, you must first synchronize the
DEKs from Primary LKM before reregistering the secondary LKM.