Manualshelf

Fabric OS Encryption Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP ISL Trunking Kit
41424344454647484950
Fabric OS Encryption Administrator’s Guide 21
53-1002159-03
Smart card usage
2
Registering system cards from a card reader
System cards are smart cards that can be used to control activation of encryption engines.
Encryption switches and blades have a card reader that enables the use of a system card. System
cards discourage theft of encryption switches or blades by requiring the use of a system card at the
switch or blade to enable the encryption engine. When the switch or blade is powered off, the
encryption engine will not work without first inserting a system card into its card reader. If someone
removes a switch or blade with the intent of accessing the encryption engine, it will function as an
ordinary FC switch or blade when it is powered up, but use of the encryption engine is denied.
To register a system card from a card reader, a smart card must physically available. System cards
can be registered during encryption group creation or member configuration when running the
configuration wizard, or they can be registered using the following procedure.
1. Select Configure > Encryption from the menu task bar.
The Encryption Center dialog box displays.
2. Select a switch from the Encryption Center Devices table, then select Switch > System Cards
from the menu task bar, or right-click a switch and select System Cards.
The System Cards dialog box displays.
FIGURE 10 System Cards dialog box
3. Insert a smart card into the card reader. Wait for the card serial number to appear, then enter
card assignment information as directed.
4. Click OK.
5. Wait for the confirmation dialog box indicating initialization is done, then click OK.
The card is added to the Registered System Cards table.
6. Store the card in a secure location, not in proximity to the switch or blade.
Deregistering a system card
System cards can be removed from the database by deregistering them. Use the following
procedure to deregister a system card:
1. Select Configure > Encryption from the menu task bar.
The Encryption Center dialog box displays.