User Manual v12.3.0 Owner manual

ManualsBrandsBrocade ManualsSoftwareNetwork Advisor SAN + IP

1211

Brocade Network Advisor SAN + IP User Manual 1147

53-1003155-01

Viewing and editing switch encryption properties

• Primary Key Vault Link Key Status/Backup Key Vault Link Key Status: Status options are:

- Not Used: The key vault type is not LKM/SSKM.

- No Link Keys, ready to establish: No access request has been sent to an LKM/SSKM,

or a previous request was not accepted.

- Link key requested, waiting for LKM approval: A request has been sent to LKM/SSKM

and is waiting for the LKM/SSKM administrator’s approval.

- Created, not validated: An interim state until first used Link Key valid, online:

(LKM/SSKM only) a shared link key exists and has been successfully used.

• Primary Key Vault Connection Status/Backup Key Vault Connection Status: Whether the

primary key vault link is connected. Options are:

- Unknown/Busy

- Key Vault Not Configured

- No Response

- Failed authentication

- Connected

• Key Vault User Name button: (TEKA only.) Launches a dialog box to identify key vault user

information. A user name is automatically generated on the switch side for use in defining

a TEKA client for the switch.

• Public Key Certificate Request text box: The switch’s KAC certificate signing request, which

must be signed by a certificate authority (CA). The signed certificate must then be

imported onto the switch and onto the primary and backup key vaults.

• Export button: Exports the public key certificate in CSR format to an external file for signing

by a certificate authority (CA).

• Import button: Imports a signed public key certificate.

• Encryption Engine Properties table: The properties for the encryption engine. There may

be 0 to 4 slots, one for each encryption engine in the switch.

• Current Status: The status of the encryption engine. Many possible values exist. Common

options are:

- Not Available (the engine is not initialized)

- Disabled

- Operational

- need master/link key

- Online

• Set State To: Identifies if the state is enabled or disabled. You can click the line item in the

table to change the value, then click OK to apply the change.

• Total Targets: The number of encrypted target devices.

• HA Cluster Peer: The name and location of the high-availability (HA) cluster peer (another

encryption engine in the same group), if in an HA configuration. If no peer is configured, No

Peer is displayed.

• HA Cluster Name: The name of the HA cluster (for example, Cluster1), if in an HA

configuration. HA Cluster names can have up to 31 characters. Letters, digits, and

underscores are allowed.

• Media Type: The media type of the encryption engine. Options are Disk and Tape, or

Disk/Tape when both are present.