Manualshelf

Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
12345678910
Encryption Administrator’s Guide ix
53-1001341-02
Deployment in Fibre Channel routed fabrics. . . . . . . . . . . . . . . . . .139
Deployment as part of an edge fabric . . . . . . . . . . . . . . . . . . . . . . . 141
Deployment with FCIP extension switches . . . . . . . . . . . . . . . . . . .142
Data mirroring deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .143
If metadata is not present on the LUN . . . . . . . . . . . . . . . . . . .144
VmWare ESX server deployments . . . . . . . . . . . . . . . . . . . . . . . . . .145
Chapter 5 Best Practices and Special Topics
In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
Firmware download considerations. . . . . . . . . . . . . . . . . . . . . . . . .148
Firmware Upgrades and Downgrades . . . . . . . . . . . . . . . . . . .148
Specific guidelines and procedures . . . . . . . . . . . . . . . . . . . . .149
Configuration upload and download considerations . . . . . . . . . . .150
Configuration Upload at an encryption group leader node. . .150
Configuration upload at an encryption group member node .150
Information not included in an upload . . . . . . . . . . . . . . . . . . .150
Steps before configuration download. . . . . . . . . . . . . . . . . . . .151
Configuration download at the encryption group leader. . . . .151
Configuration download at an encryption group member . . .151
Steps after configuration download . . . . . . . . . . . . . . . . . . . . .152
HP-UX considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Enable of a disabled LUN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Disk metadata. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Tape metadata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
Tape data compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154
Tape pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154
Tape block zero handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .154
Tape key expiry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155
DF compatibility for tapes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155
DF compatibility for disk LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155
Configuring CryptoTarget containers and LUNs . . . . . . . . . . . . . . .156
Redirection zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157
Deployment with Admin Domains (AD) . . . . . . . . . . . . . . . . . . . . . .157
Master key usage in RKM and SKM environments . . . . . . . . . . . .157
Do not use DHCP for IP interfaces . . . . . . . . . . . . . . . . . . . . . . . . . .157
Ensure uniform licensing in HA clusters . . . . . . . . . . . . . . . . . . . . .157
Tape library media changer considerations . . . . . . . . . . . . . . . . . .158
Turn off host-based encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
Avoid double encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158
PID failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .158