User's Manual

ManualsBrandsQuantum ManualsNetwork RouterScalar i500

Setting Up Quantum Encryption Key Manager on Your Scalar i500 Library

Document 6-01601-04

March 2010

Setting Up Q-EKM On the Library 3

5 Secure Sockets Layer (SSL): To enable SSL for communication between the library and

the key servers, select the

SSL Connection checkbox. The default is Disabled. If you

enable SSL, you must make sure that the

Primary and Secondary Key Server Port

Numbers

(see below) match the SSL port numbers set on the Q-EKM servers. The

default SSL port number is 443.

6 In the

Primary Key Server IP Address or Host text box, enter either:

• The IP address of the primary key server (if DNS is not enabled), or

• The host name of the primary key server (if DNS is enabled).

7 Enter the port number for the primary key server into the

Primary Key Server Port

Number

text box. The default port number is 3801 unless SSL is enabled. If SSL is

enabled, the default port number is 443.

8 If you are using a secondary key server for failover purposes, enter the IP address or

host name of the secondary key server into the

Secondary Key Server IP Address or

Host

text box.

9 If you configured a secondary key server (previous step), enter the port number for

the secondary key server into the

Secondary Key Server Port Number text box. The

default port number is 3801, unless SSL is enabled. If SSL is enabled, the default port

number is 443.

10 Click

Apply.

Note: Keys are always encrypted before being sent from the Q-EKM key

server to a tape drive, whether SSL is enabled or not. Enabling SSL

provides additional security.

Note: If you change the port number setting on the library, you must also

change the port number on the Q-EKM key server to match or

Q-EKM will not work properly. See the Quantum Encryption Key

Manager User’s Guide for information on setting the port number

on the Q-EKM key server.

Note: If you do not plan to use a secondary key server, you may type a

zero IP address, 0.0.0.0, into the

Secondary Key Server IP Address

or Host

text box, or you may leave this text box blank.

Note: If you are using a secondary key server, then the port numbers for

both the primary and secondary key servers must be set to the

same value. If they are not, synchronization and failover will not

occur.