Administrator Guide

ManualsBrandsDell ManualsCompellent (SCStorage SC7020

261

262

263

264

265

266

267

268

269

270

When replicating from a Secure Data volume to a non-Secure Data folder, that volume is no longer secure after it leaves the Secure Data

folder. When replicating a non-Secure Data volume to a Secure Data folder, that volume is not secure until it replicates to the Secure Data

folder and Data Progression runs.

Configure Key Server

Before managing SEDs in a Secure Data folder, configure communication between Storage Center and the key management server.

Prerequisites

The Storage Center must have the Self-Encrypting Drives license.

Steps

1. If the Storage Manager Client is connected to a Data Collector, select a Storage Center from the Storage view.

2. In the Summary tab, click Edit Settings.

The Edit Storage Center Settings dialog box opens.

3. Click the Secure Data tab.

4. In the Hostname field, type the host name or IP address of the key management server.

5. In the Port field, type the number of a port with open communication with the key management server.

6. In the Timeout field, type the amount of time in seconds after which Storage Center should stop attempting to reconnect to the key

management server after a failure.

7. To add alternate key management servers, type the host name or IP address of another key management server in the Alternate

Hostnames area. Then click Add.

NOTE:

Alternate hostnames should be added to the configuration after all drives in the system have initially been

managed and fully secured. To ensure optimized access times during initial Key creation, alternate hostnames should

be added only after the drives in the Storage Center have been initially managed and fully secured.

8. If the key management server requires a user name to validate the Storage Center certificate, type the name in the Username field.

9. If the key management server requires a password to validate the Storage Center certificate, type the password in the Password

field.

10. Configure the key management server certificates.

a) Click Configure Key Management Server Certificates.

The Configure Key Management Server Certificates dialog box opens.

b) Click Browse next to the Root CA Certificate. Navigate to the location of the root CA certificate on your computer and select it.

c) Click Browse next to the certificate fields for the controllers Navigate to the location of the controller certificates on your

computer and select them.

d) Click OK.

11. Click OK.

Results

After you configure the key server, the Server Connectivity status is shown as Up on the Edit Storage Center Settings dialog box.

Configure Rekey Interval for Disk Folder

Specify a rekey interval for a Secure Disk folder. When that interval has been reached, a rekey is triggered on each disk in the folder.

Steps

1. If the Storage Manager Client is connected to a Data Collector, select a Storage Center from the Storage view.

2. Click the Storage tab.

3. Click the Disks node.

The Disks view is displayed.

4. Right-click the name of a Secure Disk folder and select Edit Settings.

The Edit Disk Folder Settings dialog box opens.

5. If the Rekey option is not enabled, select the checkbox to enable it.

6. Type a value in the Rekey interval field to specify the amount of time after which a rekey will be triggered on each disk in the folder.

Storage Center Maintenance

267