Fabric OS Encryption Administrator's Guide

53-1002159-03
Creating high availability (HA) clusters
Removing engines from an HA cluster
Swapping engines in an HA cluster
Failback option
Invoking failback
Adding encryption targets
Configuring hosts for encryption targets
Adding target disk LUNs for encryption
Configuring Storage Arrays
Adding target tape LUNs for encryption
Tape LUN write early and read ahead
Enabling and disabling tape LUN write early and read ahead
Tape LUN statistics
Viewing and clearing tape container statistics
Viewing and clearing tape LUN statistics for a container
Viewing and clearing statistics for specific tape LUNs
Re-balancing the encryption engine
Master keys
Active master key
Alternate master key
Master key actions
Reasons master keys can be disabled
Saving the master key to a file
Saving a master key to a key vault
Saving a master key to a smart card set
Restoring a master key from a file
Restoring a master key from a key vault
Restoring a master key from a smart card set
Creating a new master key
Viewing master key IDs
Zeroizing an encryption engine
Using the Encryption Targets dialog box
Redirection zones
Re-keying all disk LUNs manually
Viewing the progress of manual re-key operations
Viewing time left for auto re-key
Viewing and editing switch encryption properties
Exporting the public key certificate signing request (CSR) from Properties
Importing a signed public key certificate from Properties
Enabling and disabling the encryption engine state from Properties