beautypg.com

Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 13

background image

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

xi

53-1002923-01

Encryption group database manual operations . . . . . . . . . . . . . . .259

Manually synchronizing the encryption group database. . . . .259
Manually synchronizing the security database . . . . . . . . . . . .259
Aborting a pending database transaction . . . . . . . . . . . . . . . .260

Key vault diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .260

Measuring encryption performance . . . . . . . . . . . . . . . . . . . . . . . .261

General encryption troubleshooting . . . . . . . . . . . . . . . . . . . . . . . .265

Troubleshooting examples using the CLI . . . . . . . . . . . . . . . . . . . . .268

Encryption Enabled CryptoTarget LUN . . . . . . . . . . . . . . . . . . .268
Encryption Disabled CryptoTarget LUN. . . . . . . . . . . . . . . . . . .269

Management application encryption wizard troubleshooting . . . .270

Errors related to adding a switch to an existing group . . . . . .270
Errors related to adding a switch to a new group . . . . . . . . . . 271
General errors related to the Configure Switch
Encryption wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272

LUN policy troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

Loss of encryption group leader after power outage . . . . . . . . . . . 274

MPIO and internal LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275

Suspension and resumption of rekeying operations. . . . . . . .275

FS8-18 blade removal and replacement. . . . . . . . . . . . . . . . . . . . . 276

Multi-node EG replacement . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Single-node EG replacement. . . . . . . . . . . . . . . . . . . . . . . . . . .278

Brocade Encryption Switch removal and replacement. . . . . . . . . .279

Multi-node EG Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279
Single-node EG Replacement . . . . . . . . . . . . . . . . . . . . . . . . . .282

Reclaiming the WWN base of a failed Brocade
Encryption Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284

Removing stale rekey information for a LUN. . . . . . . . . . . . . . . . . .285

Downgrading firmware from Fabric OS 7.2.0 . . . . . . . . . . . . . . . . .285

Fabric OS and ESKM compatibility matrix . . . . . . . . . . . . . . . . . . . .286

Splitting an encryption group into two encryption groups . . . . . . .287

Moving an encryption blade from one EG to another
in the same fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

Moving an encryption switch from one EG to another
in the same fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289

Appendix A

State and Status Information

In this appendix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291

Encryption engine security processor (SP) states. . . . . . . . . . . . . .291

Security processor KEK status. . . . . . . . . . . . . . . . . . . . . . . . . . . . .292

Encrypted LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292

Index

See also other documents in the category Brocade Computer Accessories: