beautypg.com

Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 11

background image

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

ix

53-1002923-01

Multiple paths, one DEK cluster, and two HA clusters . . . . . . . . . .208

Multiple paths, DEK cluster, no HA cluster . . . . . . . . . . . . . . . . . . .209

Deployment in Fibre Channel routed fabrics. . . . . . . . . . . . . . . . . .211

Deployment as part of an edge fabric . . . . . . . . . . . . . . . . . . . . . . .213

Deployment with FCIP extension switches . . . . . . . . . . . . . . . . . . .215

VMware ESX server deployments. . . . . . . . . . . . . . . . . . . . . . . . . . .216

Chapter 5

Best Practices and Special Topics

Firmware upgrade and downgrade considerations . . . . . . . . . . . .222

General guidelines. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
Specific guidelines for HA clusters . . . . . . . . . . . . . . . . . . . . . .224

Configuration upload and download considerations . . . . . . . . . . .225

Configuration upload at an encryption group
leader node . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225
Configuration upload at an encryption group
member node. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225
Information not included in an upload . . . . . . . . . . . . . . . . . . .225
Steps before configuration download. . . . . . . . . . . . . . . . . . . .226
Configuration download at the encryption group leader. . . . .226
Configuration download at an encryption group member . . .226
Steps after configuration download . . . . . . . . . . . . . . . . . . . . .226

HP-UX considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227

AIX Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Enabling a disabled LUN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Disk metadata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Tape metadata . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Tape data compression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229

Tape pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229

Tape block zero handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230

Tape key expiry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230

Configuring CryptoTarget containers and LUNs . . . . . . . . . . . . . . .230

Redirection zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231

Deployment with Admin Domains (AD) . . . . . . . . . . . . . . . . . . . . . .231

Do not use DHCP for IP interfaces . . . . . . . . . . . . . . . . . . . . . . . . . .231

Ensure uniform licensing in HA clusters . . . . . . . . . . . . . . . . . . . . .232

Tape library media changer considerations . . . . . . . . . . . . . . . . . .232

Turn off host-based encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . .232

Avoid double encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232

PID failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232

Turn off compression on extension switches . . . . . . . . . . . . . . . . .233

See also other documents in the category Brocade Computer Accessories: