Brocade Network Advisor SAN User Manual v11.1x (53-1002167-01, May 2011)
Brocade Network Advisor SAN User Manual 563
53-1002167-01
Viewing and editing switch encryption properties
18
• Backup Key Vault Connection Status - whether the backup key vault link is connected. Possible
values are Unknown, Key Vault Not Configured, No Response, Failed authentication, and
Connected.
• Key Vault User Name – (TEMS only) launches dialog box to identify key vault user information.
• Public Key Certificate Request text box - the switch’s KAC certificate, which must be installed
on the primary and backup key vaults.
• Export button – launches dialog box for saving Certificate Signing Request file.
• Import button – launches dialog box for identifying Signed Certificate file name.
• Encryption Engine Properties table - the properties for the encryption engine. There may be
0 to 4 slots, one for each encryption engine in the switch.
• Current Status - the status of the encryption engine. There are many possible values, but
common values are Not Available (the engine is not initialized), Disabled, Operational, need
master/link key, and Online.
• Set State To - enter a new value, enabled or disabled, and click OK to apply the change.
• Total Targets - the number of encrypted target devices.
• HA Cluster Peer - the name and location of the high-availability (HA) cluster peer (another
encryption engine in the same group), if in an HA configuration.
• HA Cluster Name - the name of the HA cluster (for example, Cluster1), if in an HA configuration.
HA Cluster names can have up to 31 characters. Letters, digits, and underscores are allowed.
• Media Type - the media type of the encryption engine. Possible values are Disk and Tape.
• Re-Balance Recommended - A value of Yes or No indicating whether or not LUN re-balancing is
recommended for an encryption engine that is hosting both disk and tape LUNs.
• System Card Status - the current status of system card information for the encryption engine.
(enabled or disabled).
Exporting the public key certificate signing request (CSR) from
Properties
To export the CSR under Public Key Certificate Request, complete the following steps.
1. Click Export.
A Save dialog box displays.
2. Browse to the location where you want to save the certificate.
3. Click Save.
Alternatively, you may also copy the CSR and paste it to a file.
4. Submit the CSR to a certificate authority (CA) for signing. CA signing requirements and
procedures differ per key manager appliance. Refer to “Supported encryption key manager
appliances” on page 442 and review the following sections to find the procedure that applies.