
Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual



53-1002922-01

Viewing and editing switch encryption properties


Discovering

Not a member

- Encryption Group: The name of the encryption group to which the switch belongs.

- Encryption Group Status: Status options are:

  - OK/Converged: The group leader can communicate with all members.

  - Degraded: The group leader cannot communicate with one or more members. The
    following operations are not allowed: key vault changes, master key operations,
    enable/disable encryption engines, Failback mode changes, HA Cluster creation or
    addition (removal is allowed), tape pool changes, and any configuration changes for
    storage targets, hosts, and LUNs.

  - Unknown: The group leader is in an unmanaged fabric.

- Fabric: The name of the fabric to which the switch belongs.

- Domain ID: The domain ID of the selected switch.

- Firmware Version: The current encryption firmware on the switch.

- Key Vault Type: Options are:

  - RSA Data Protection Manager (DPM)

    NOTE: If an encryption group contains mixed firmware nodes, the Encryption Group
    Properties Key Vault Type name is based on the firmware version of the group leader.
    For example, if a switch is running Fabric OS 7.1.0 or later, the Key Vault Type is
    displayed as “RSA Data Protection Manager (DPM)”. If a switch is running Fabric OS
    prior to v7.1.0, the Key Vault Type is displayed as “RSA Key Manager (RKM)”.

- Primary Key Vault Link Key Status/Backup Key Vault Link Key Status: (LKM/SSKM key
  vault only.) Shown as Not Used.

- Primary Key Vault Connection Status/Backup Key Vault Connection Status: Whether the
  primary or backup key vault link is connected. Options are:

  - Unknown/Busy

  - Key Vault Not Configured

  - No Response

  - Failed authentication

  - Connected

- Key Vault User Name button: (TEKA key vault only.) Shown as inactive.

Public Key Certificate Request text box: The switch’s KAC certificate signing request, which
must be signed by a certificate authority (CA). The signed certificate must then be imported
onto the switch and onto the primary and backup key vaults.

- Export button: Exports the public key certificate in CSR format to an external file for
  signing by a certificate authority (CA).

- Import button: Imports a signed public key certificate.
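
Before a signed certificate is imported onto the switch and the key vaults, it is worth confirming that the file returned by the CA carries the public key from the exported CSR and chains to the expected CA. The script below is an added example, not part of the Brocade guide: it uses the generic openssl command line, and the file names, the demo CA and the helper functions are constructed for illustration.

```shell
#!/bin/sh
# Added example; every file name below is a constructed placeholder.

# pubkey_sha256 <req|x509> <file>: print the SHA-256 of the file's public key.
pubkey_sha256() {
    key=$(openssl "$1" -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$key" ] || return 1
    printf '%s\n' "$key" | openssl dgst -sha256 | awk '{print $NF}'
}

# check_signed_cert <csr> <signed-cert> <ca-cert>
# 0 = cert carries the CSR's key and verifies against the CA,
# 1 = key mismatch, 2 = does not chain to the CA, 3 = unreadable input.
check_signed_cert() {
    want=$(pubkey_sha256 req "$1") || { echo "cannot parse CSR $1" >&2; return 3; }
    got=$(pubkey_sha256 x509 "$2") || { echo "cannot parse certificate $2" >&2; return 3; }
    [ "$want" = "$got" ] || { echo "$2: public key differs from $1" >&2; return 1; }
    openssl verify -CAfile "$3" "$2" >/dev/null 2>&1 ||
        { echo "$2: not issued by $3" >&2; return 2; }
}

# new_csr <dir> <name>: constructed key pair and CSR standing in for an export.
new_csr() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
}

# sign_csr <dir> <name>: sign <name>.csr with the demo CA.
sign_csr() {
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/$2_signed.pem" 2>/dev/null
}

# make_demo_files <dir>: demo CA plus two signed CSRs (kac and other).
make_demo_files() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Demo CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
    new_csr "$1" kac && sign_csr "$1" kac &&
        new_csr "$1" other && sign_csr "$1" other
}

demo_dir=$(mktemp -d)
make_demo_files "$demo_dir"
check_signed_cert "$demo_dir/kac.csr" "$demo_dir/kac_signed.pem" "$demo_dir/ca.pem" &&
    echo "kac_signed.pem matches kac.csr and the CA: ready to import"
check_signed_cert "$demo_dir/kac.csr" "$demo_dir/other_signed.pem" "$demo_dir/ca.pem" ||
    echo "other_signed.pem rejected (exit $?)"
```

A non-zero exit means the file should not be imported: 1 indicates a certificate issued for a different key pair, 2 a certificate from an unexpected CA.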

Encryption Engine Properties table: The properties for the encryption engine. There may be
0 to 4 slots, one for each encryption engine in the switch.

- Current Status: The status of the encryption engine. Many possible values exist. Common
  options are:

  - Not Available (the engine is not initialized)

  - Disabled