Brocade Network Advisor SAN User Manual v11.1x (53-1002167-01, May 2011)
548 Brocade Network Advisor SAN User Manual
53-1002167-01
Master keys
18
6. Insert the recovery card containing a share of the master key that was backed up earlier, and
wait for the card serial number to appear.
7. Enter the password that was used to create the card. After five unsuccessful attempts to enter
the correct password, the card becomes locked and unusable.
8. Click Restore.
The dialog box prompts you to insert the next card, if needed.
9. Repeat step 6 through step 8 until all cards in the set have been read.
10. Click OK.
Creating a new master key
Although it is generally not necessary to create a new master key, you might be required to create
one due to the following:
• The previous master key has been compromised.
• Corporate policy might require a new master key every year for security purposes.
When you create a new master key, the former active master key automatically becomes the
alternate master key.
The new master key cannot be used (no new data encryption keys can be created, so no new
encrypted LUNs can be configured), until you back up the new master key. After you have backed
up the new master key, it is strongly recommended that all encrypted disk LUNs be re-keyed.
Re-keying causes a new data encryption key to be created and encrypted using the new active
master key, thereby removing any dependency on the old master key.
1. Select Configure > Encryption from the menu task bar.
The Encryption Center dialog box displays (Figure 153).
2. Select a group from the Encryption Center Devices table, then select Group > Security from the
menu task bar, or right-click a group and select Security.
The Encryption Group Properties dialog box displays with the Security tab selected.
3. Select Create a New Master Key from the list.
The Confirm Master Key Creation dialog box displays (Figure 256).
FIGURE 256 Confirm master key creation dialog box
4. Read the information, then click Yes to proceed.