beautypg.com

Encryption user privileges – Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 33

background image

Fabric OS Encryption Administrator’s Guide (LKM/SSKM)

15

53-1002925-01

Encryption user privileges

2

Encryption user privileges

In Brocade Network Advisor, resource groups are assigned privileges, roles, and fabrics. Privileges
are not directly assigned to users; users get privileges because they belong to a role in a resource
group. A user can only belong to one resource group at a time.

Brocade Network Advisor provides three pre-configured roles:

Storage encryption configuration

Storage encryption key operations

Storage encryption security

Table 1

lists the associated roles and their read/write access to specific operations. The functions

are enabled from the Encryption Center dialog box:

TABLE 1

Encryption privileges

Privilege

Read/Write

Storage Encryption
Configuration

Launch the Encryption center dialog box.

View switch, group, or engine properties.

View the Encryption Group Properties Security tab.

View encryption targets, hosts, and LUNs.

View LUN centric view

View all rekey sessions

Add/remove paths and edit LUN configuration on LUN centric view

Rebalance encryption engines.

Clear tape LUN statistics

Create a new encryption group or add a switch to an existing encryption group.

Edit group engine properties (except for the Security tab)

Add targets.

Select encryption targets and LUNs to be encrypted or edit LUN encryption settings.

Edit encryption target hosts configuration.

Show tape LUN statistics.

Storage Encryption Key
Operations

Launch the Encryption center dialog box.

View switch, group, or engine properties,

View the Encryption Group Properties Security tab.

View encryption targets, hosts, and LUNs.

View LUN centric view.

View all rekey sessions.

Initiate manual rekeying of all disk LUNs.

Initiate refresh DEK.

Enable and disable an encryption engine.

Decommission LUNs.

Zeroize an encryption engine.

Restore a master key.

Edit key vault credentials.

Show tape LUN statistics.

See also other documents in the category Brocade Computer Accessories: