Single fabric deployment - dek cluster, Figure 93 – Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

206

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

53-1002923-01

Single fabric deployment - DEK cluster

4

In

Figure 92

, the two encryption switches provide a redundant encryption path to the target

devices. The encryption switches are interconnected through a dedicated cluster LAN. The Ge1 and
Ge0 gigabit Ethernet ports on each of these switches are attached to this LAN. This LAN connection
provides the communication needed to distribute and synchronize configuration information, and
enable the two switches to act as a high availability (HA) cluster, providing automatic failover if one
of the switches fails, or is taken out of service.

Single fabric deployment - DEK cluster

Figure 93

shows an encryption deployment in a single fabric with two paths between a host and a

target.device.

.

FIGURE 93

Single fabric deployment - DEK cluster

Target

Cluster Link

Cluster Link

Management Link

Management Link

Dedicated Cluster

Network

LAN

Key Management

Appliance

or Key Vault

Management

Station

(DCFM)

Host

Host Port 1

Target

Port 1

Target

Port 2

Host Port 2

Fabric

Management

Network

LAN

Virtual

Initiator

Virtual

Target

Virtual

Target

Virtual

Initiator

Encryption

Switch

Encryption

Switch

Encryption Gro

up

DEK Cluster

Ciphertext

Cleartext