Single fabric deployment - dek cluster, Figure 88 – Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

178

Fabric OS Encryption Administrator’s Guide (LKM/SSKM)

53-1002925-01

Single fabric deployment - DEK cluster

4

In

Figure 87

, the two encryption switches provide a redundant encryption path to the target

devices. The encryption switches are interconnected through a dedicated cluster LAN. The Ge1 and
Ge0 gigabit Ethernet ports on each of these switches are attached to this LAN. This LAN connection
provides the communication needed to distribute and synchronize configuration information, and
enable the two switches to act as a high availability (HA) cluster, providing automatic failover if one
of the switches fails, or is taken out of service.

Single fabric deployment - DEK cluster

Figure 88

shows an encryption deployment in a single fabric with two paths between a host and a

target.device.

.

FIGURE 88

Single fabric deployment - DEK cluster

Target

Cluster Link

Cluster Link

Management Link

Management Link

Dedicated Cluster

Network

LAN

Key Management

Appliance

or Key Vault

Management

Station

(DCFM)

Host

Host Port 1

Target

Port 1

Target

Port 2

Host Port 2

Fabric

Management

Network

LAN

Virtual

Initiator

Virtual

Target

Virtual

Target

Virtual

Initiator

Encryption

Switch

Encryption

Switch

Encryption Gro

up

DEK Cluster

Ciphertext

Cleartext