Fabric OS Encryption Administrator's Guide

53-1002159-03
Smart card usage
Using authentication cards
When a quorum of authentication cards is registered for use, an Authenticate dialog box is
displayed to grant access to the following:
• The Encryption Group Properties dialog box Link Keys tab (for NetApp LKM only).
• The Encryption Group Properties dialog box Security tab, which provides access to the
  following:
  - Master Key Actions, which includes Backup Master Key, Restore Master Key, and Create
    Master Key.
  - System Cards radio buttons used to specify whether a system card is Required or
    Not Required.
  - Authentication Card Quorum Size selector.
  - Register from Card Reader, Register From Archive, and Deregister buttons.
• The Master Key Backup dialog box.
• The Master Key Restore dialog box.
To authenticate using a quorum of authentication cards, complete the following steps:
1. When the Authenticate dialog box is displayed, gather the number of cards needed, per
instructions in the dialog box. The currently registered cards and the assigned owners are
listed in the table near the bottom of the dialog box.
2. Insert a card, then wait for the ID to appear in the Card ID field.
3. Enter the assigned password.
4. Click Authenticate.
5. Wait for the confirmation dialog box, then click OK.
6. Repeat step 2 through step 5 for each card until at least the quorum plus one is reached.
7. Click OK.
Enabling or disabling the system card requirement
To use a system card to control activation of an encryption engine on a switch, you must enable the
system card requirement. You can use the following procedure to enable or disable the system card
requirement.
1. Select an encryption group from the Encryption Center Devices table, then select Group >
Security from the menu task bar, or right-click a group and select Security.
The Encryption Group Properties dialog box displays, with the Security tab selected.
2. Do one of the following:
   • Set System Cards to Required to require the use of a system card for controlling activation
     of the encryption engine. Click OK after reading the message in the encryption message
     dialog box.
   • Set System Cards to Not Required to permit activation of the encryption engine without the
     need to read a system card first.