User Manual v12.3.0 Owner manual
994 Brocade Network Advisor SAN + IP User Manual
53-1003155-01
Supported encryption key manager appliances
25
Authentication Quorum Size: 0
Authentication Cards not configured
NODE LIST
Total Number of defined nodes: 2
Group Leader Node Name: 10:00:00:05:1e:53:ae:4c
Encryption Group state: CLUSTER_STATE_CONVERGED
Crypto Device Config state: In Sync
Encryption Group Config state: In Sync
Node Name IP address Role
10:00:00:05:1e:b6:68:80 10.37.36.128 MemberNode
EE Slot: 1
SP state: Online
10:00:00:05:1e:53:ae:4c 10.37.39.111 GroupLeader (current node)
EE Slot: 0
SP state:
Supported encryption key manager appliances
As stated under “Network connections” on page 988, a supported key management appliance
must be connected on the same LAN as the management port of the encryption switches, or of the
Backbone Chassis Control Processors (CPs) in the case of the encryption blade.
Secure communication between encryption nodes in an encryption group, and between encryption
nodes and key manager appliances requires an exchange of certificates that are used for mutual
authentication. Each supported key manager appliance has unique requirements for setting up a
secure connection and exchanging certificates.
The following key manager appliances are supported:
• RSA Data Protection Manager (DPM). Refer to “Steps for connecting to a DPM appliance” on
page 995.
• NetApp Lifetime Key Manager (LKM) and SafeNet KeySecure for key management (SSKM).
Refer to “Steps for connecting to an LKM/SSKM appliance” on page 1000.
• HP Secure Key Manager (SKM) and Enterprise Secure Key Manager (ESKM). Refer to “Steps
for connecting to an ESKM/SKM appliance” on page 1005.
• Thales e-Security keyAuthority (TEKA). Refer to “Steps for connecting to a TEKA appliance” on
page 1016.
• Tivoli Key Lifecycle Manager (TKLM). Refer to “Steps for connecting to a TKLM appliance” on
page 1021.
• Key Management Interoperability Protocol (KMIP). Refer to “Steps for connecting to a
KMIP-compliant SafeNet KeySecure” on page 1025.