beautypg.com

Brocade Network Advisor SAN + IP User Manual v12.1.0 User Manual

Page 25

background image

Brocade Network Advisor SAN + IP User Manual

xxv

53-1002949-01

Tracking smart cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861
Editing smart cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .864

Network connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865

Blade processor links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865

Configuring blade processor links . . . . . . . . . . . . . . . . . . . . . .866

Encryption node initialization and certificate generation. . . . . . . .866

Setting encryption node initialization . . . . . . . . . . . . . . . . . . .867

Key Management Interoperability Protocol . . . . . . . . . . . . . . . . . . .867

Configuration parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .868
Key vault type and vendor . . . . . . . . . . . . . . . . . . . . . . . . . . . . .869

Supported encryption key manager appliances . . . . . . . . . . . . . . .870

Steps for connecting to a DPM appliance . . . . . . . . . . . . . . . . . . . . 871

Exporting the KAC certificate signing request (CSR) . . . . . . . . 871
Submitting the CSR to a certificate authority . . . . . . . . . . . . .872
KAC certificate registration expiry. . . . . . . . . . . . . . . . . . . . . . .872
Importing the signed KAC certificate . . . . . . . . . . . . . . . . . . . .873
Uploading the CA certificate onto the
DPM appliance (and first-time configurations) . . . . . . . . . . . .873
Uploading the KAC certificate onto the
DPM appliance (manual identity enrollment) . . . . . . . . . . . . .875
DPM key vault high availability deployment . . . . . . . . . . . . . . .875
Loading the CA certificate onto the encryption
group leader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .875

Steps for connecting to an LKM/SSKM appliance . . . . . . . . . . . . . 876

Launching the NetApp DataFort Management Console . . . . .877
Establishing the trusted link . . . . . . . . . . . . . . . . . . . . . . . . . . .877
Obtaining and importing the LKM/SSKM certificate. . . . . . . .878
Exporting and registering the switch KAC certificates
on LKM/SSKM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .879
LKM/SSKM key vault high availability deployment . . . . . . . . .879
Data Encryption Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .880

Steps for connecting to an ESKM/SKM appliance . . . . . . . . . . . . .881

Configuring a Brocade group on ESKM/SKM . . . . . . . . . . . . .882
Registering the ESKM/SKM Brocade group user name
and password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .883
Setting up the local Certificate Authority (CA)
on ESKM/SKM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .884
Downloading the local CA certificate from ESKM/SKM . . . . .885
Creating and installing the ESKM/SKM server certificate . . .885
Enabling SSL on the Key Management
System (KMS) Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .887
Creating an ESKM/SKM High Availability cluster . . . . . . . . . .887
Copying the local CA certificate for a clustered
ESKM/SKM appliance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .888
Adding ESKM/SKM appliances to the cluster . . . . . . . . . . . . .888
Signing the encryption node KAC certificates . . . . . . . . . . . . .889
Importing a signed KAC certificate into a switch . . . . . . . . . . .890
ESKM/SKM key vault high availability deployment . . . . . . . . .890
Data Encryption Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .891

See also other documents in the category Brocade Software: