Reference Guide

ManualsBrandsDell ManualsAccess PlatformsBrocade G620

411

412

413

414

415

416

417

418

419

420

Enabling in-flight encryption

Enable in-flight encryption to provide security for frames while they are in flight between two switches. Frames are encrypted at the

egress point of an ISL and then decrypted at the ingress point.

Enabling encryption is an offline event. Ports must be disabled first, and then re-enabled after.

Before performing this procedure, it is recommended that you check for port availability. Enabling encryption fails if you try to exceed the

number of allowable ports available for encryption or compression on the ASIC. Refer to Viewing the encryption and compression

configuration on page 409 for details.

You must also authenticate the port as described in Configuring and enabling authentication for in-flight encryption on page 409.

1. Connect to the switch and log in using an account with secure admin permissions, or an account with OM permissions for the

EncryptionConfiguration RBAC class of commands.

2. Enter the portDisable command to disable the port on which you want to configure encryption.

3. Enter the portCfgEncrypt --enable command.

The following example enables encryption on port 15 of an FC16-32 blade in slot 9 of an enterprise class platform:

switch:admin> portcfgencrypt --enable 9/15

4. Enter the portEnable command to enable the port.

After manually enabling the port, the new configuration becomes active.

The following example enables in-flight encryption on port 0.

switch:admin> portdisable 0

switch:admin> portcfgencrypt --enable 0

switch:admin> portenable 0

You can verify the configuration using the portCfgShow command.

switch:admin> portcfgshow 0

Area Number: 0

Octet Speed Combo: 3(16G,10G)

(output truncated)

D-Port mode: OFF

D-Port over DWDM ..

Compression: OFF

Encryption: ON

Enabling in-flight compression

Enable in-flight compression to provide better bandwidth use on the ISLs, especially over long distance. Frames are compressed at the

egress point of an ISL and then decompressed at the ingress point.

Enabling compression is an offline event. Ports must be disabled first, and then re-enabled after.

Before performing this procedure, it is recommended that you check for port availability. Enabling compression fails if you try to exceed

the number of allowable ports available for encryption or compression on the ASIC. Refer to Viewing the encryption and compression

configuration on page 409 for details.

In-flight Encryption and Compression

Brocade Fabric OS Administration Guide, 8.0.1

412 53-1004111-02