User's Manual
Chapter 3 Configuring Your Library
Configuring Quantum Encryption Key Manager (Q-EKM)
Scalar i500 User’s Guide 86
6 If you configured a secondary Q-EKM server (previous step), enter
the port number for the secondary Q-EKM server into the
Secondary
Q-EKM port number
text box. The default port number is 3801, unless
SSL is enabled. If SSL is enabled, the default port number is 443.
7 Click
Apply.
Step 5: Configure
Partition Encryption 3
Encryption on the Scalar i500 tape library is enabled by partition only.
You cannot select individual tape drives for encryption; you must select
an entire partition to be encrypted.
If you encrypt a partition, all Q-EKM-supported tape drives in that
partition are enabled for encryption. Any non-Q-EKM-supported tape
drives in that partition are not enabled for encryption, and data written to
non-supported media is not encrypted.
Data written to encryption-supported media in Q-EKM-supported tape
drives will be encrypted unless data was previously written to the media
in a non-encrypted format. In order for data to be encrypted, the media
must be blank or have been written to using library managed encryption
at the first write operation at the beginning of tape (BOT).
Configure the partition(s) as follows:
1 From the web client, select
Setup > Encryption > Partition
Configuration
.
A list of all your partitions displays, along with a drop-down menu
displaying the encryption method for each partition.
2 If you want to change the encryption method on a partition, make
sure that no tape drives in that partition have cartridges in them. If
they do, you cannot change the encryption method.
Note: If you are using a secondary Q-EKM server, then the port
numbers for both the primary and secondary Q-EKM
servers must be set to the same value. If they are not,
synchronization and failover will not occur.