beautypg.com

Members tab – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 148

background image

130

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Viewing and editing encryption group properties

2

Not responding

Failed authentication

High Availability Mode: Options are:

Opaque: Both the primary and secondary key vaults are registered on the Brocade
Encryption Switch. The client archives the key to a single (primary) key vault. For disk
operations, an additional key hardening check is done on the secondary key vault
before the key is used for encryption.

Transparent: A single key vault should be registered on the Brocade Encryption Switch.
The client assumes the entire HA is implemented on the key vault. Key archival and
retrieval is done to the KMIP without any additional key hardening checks.

No HA: Both the primary and secondary key vaults are registered on the Brocade
Encryption Switch. The client archives keys to both key vaults and ensures that the
archival is successful before the key is used for encryption.

None: High availability is not configured.

User Authentication: The methods used to authenticate a user. Options are:

Username and Password: Activates the Primary and Backup Key Vault User Names
and password fields for completion.

Username: Activates the Primary and Backup Key Vault User Names for completion.

None: Deactivates Primary and Backup Key Vault User Names and password fields.

Certificate Type: Displays the TLS certificate type used between the Brocade Encryption
Switch and the key vault. Options are:

CA Signed: The Brocade Encryption Switch KAC certificate is signed by a CA, imported
back on the Brocade Encryption Switch and registered as a KAC certificate. The CA will
be registered as a key vault certificate on the Brocade Encryption Switch.

Self Signed: The self-signed certificates are exchanged and registered on both ends.
The key vault certificate is registered on the Brocade Encryption Switch and the
Brocade Encryption Switch KAC certificate is registered on the key vault.

Vendor Name: Displays the supported key vendor server. The vendor name will display the
connected key vault through KMIP.

Primary Key Vault Certificate table: Displays the details of the primary vault certificate; for
example, version and signature information. The Load from File button allows you to locate
and load a primary key vault certificate from a different location.

Backup Key Vault Certificate table: Displays the details of the backup vault certificate; for
example, version and signature information. The Load from File button allows you to locate
and load a backup key vault certificate from a different location.

Members tab

The Members tab lists group switches, their role, and their connection status with the Group
Leader. The table columns are not editable. The tab displays the configured membership for the
group and includes the following:

Node WWN: The member switch’s world wide name.

IP Address: The switch’s IP address or host name.

Node Name: The switch’s node name, if known. If unknown, this field is blank.

See also other documents in the category Brocade Computer Accessories: