Administrator Guide
Table Of Contents
- About This Guide
- Unisphere and Unisphere Central 2020 R1 Administrator's Guide
- Contents
- Unisphere Overview
- Getting Started
- Storage Center Overview
- Storage Center Hardware Components
- How Storage Virtualization Works
- User Interface for Storage Center Management
- Storage Center Deployment
- Initialize a Storage Center
- Unisphere Discovery Utility
- Storage Center Administration
- Adding and Organizing Storage Centers
- Managing Volumes
- Attributes That Determine Volume Behavior
- Creating Volumes
- Modifying Volumes
- Rename a Volume
- Move a Volume to a Different Volume Folder
- Move Multiple Volumes to a Different Volume Folder
- Expand a Volume
- Enable or Disable Read/Write Caching for a Volume
- Assign Snapshot Profiles to a Volume
- Assign Snapshot Profiles to Multiple Volumes
- Assign a Different Storage Profile to a Volume
- Assign a Different Storage Profile to Multiple Volumes
- Force Writes to the Lowest Storage Tier for a Volume
- Configure a Space Consumption Limit for a Volume
- Configure an OpenVMS Unique Disk ID for a Volume
- Configure Related View Volume Maximums for a Volume
- Copying Volumes
- Creating and Managing Volume Folders
- Creating and Managing Volume Snapshots
- Mapping Volumes to Servers
- Map a Volume to a Server
- Map Multiple Volumes to a Server
- Unmap a Volume from a Server
- Promote a Volume Mapping from a Server to a Server Cluster
- Demote a Mapping from a Server Cluster to an Individual Server
- Deploy a Bootable Volume Image to a New Server
- Change the LUN Used by a Volume/Server Mapping
- Limit the Number of Paths That Can Be Used for a Volume/Server Mapping
- Change a Volume/Server Mapping to Read-Only
- Deleting Volumes and Volume Folders
- Migrating Volumes
- Reset a Controller to Factory Default
- Run the Space Reclamation Wizard
- Managing Virtual Volumes With Unisphere Central
- Managing Storage Containers
- Managing Data Reduction
- Managing Snapshot Profiles
- Managing Storage Profiles
- Managing QoS Profiles
- Importing Volumes from an External Storage Array
- Storage Center Server Administration
- Managing Servers on a Storage Center
- Creating Servers
- Modifying Servers
- Rename a Server
- Move a Server to a Different Server Folder
- Change the Operating System of a Server
- Apply One or More Snapshot Profiles to a Server
- Add a Server to a Server Cluster
- Remove a Server from a Server Cluster
- Convert a Physical Server to a Virtual Server
- Convert a Virtual Server to a Physical Server
- Add One or More HBAs to a Server
- Remove One or More HBAs from a Server
- Mapping Volumes to Servers
- Creating and Managing Server Folders
- Deleting Servers and Server Folders
- Managing Registered Servers
- Server Types That Can Be Centrally Managed
- Storage Manager Server Agent for Windows Servers
- Registering Servers with Unisphere Central
- Organizing and Removing Registered Servers
- Updating Server Information
- Managing Server Data Collection and Reporting Settings
- Creating Server Volumes and Datastores
- Assigning/Creating Virtual Servers on Storage Centers
- Manually Mapping a Windows Server to a Storage Center Server
- Managing Servers on a Storage Center
- Storage Center Maintenance
- Managing Storage Center Settings
- Viewing and Modifying Storage Center Information
- Configuring Storage Center User Preferences
- Set the Default Size for New Volumes
- Set the Default Base Volume Name for New Volumes
- Set Default Cache Settings for New Volumes
- Set Default Data Reduction Settings for New Volumes
- Set the Default Snapshot Options for New Volumes
- Allow or Disallow Advanced Volume Mapping Settings
- Set the Default Operating System for New Servers
- Set the Default Storage Profile for New Volumes
- Set the Default Storage Type for New Volumes
- Set Default Volume QoS Profile
- Allow QoS Profile Selection
- Configuring Storage Center Data Settings
- Set Up Automated Reports for an Individual Storage Center
- Set the Date and Time for a Storage Center
- Configure Storage Center SMTP Server Settings
- Configure SNMP Settings for a Storage Center
- Configuring Filters to Restrict Administrative Access
- Configuring Storage Center Secure Console Settings
- Configuring a Storage Center to Inherit Settings
- Managing Storage Center Users and Groups
- User Privilege Levels
- User Groups
- User Account Management and Authentication
- Managing Local Storage Center Users
- Create a Local Storage Center User
- Configure the Default User Preferences for New Storage Center Users
- Increase the Privilege Level for a Local Storage Center User
- Change the Session Timeout for a Local Storage Center User
- Change the Preferred Language for a Storage Center User
- Enable or Disable Access for a Local Storage Center User
- Modify Local Group Membership for a Local Storage Center User
- Configure Preferences for a Local Storage Center User
- Modify Descriptive Information About a Local Storage Center User
- Change the Password for a Local Storage Center User
- Delete a Local Storage Center User
- Restore a Deleted Local Storage Center User
- Managing Local Storage Center User Groups
- Managing Local Storage Center User Password Requirements
- Enabling Directory Services Authentication
- Managing Directory Service Users
- Grant Access to a Directory User
- Increase the Privilege Level for a Directory Service User
- Change the Session Timeout for a Directory Service User
- Enable or Disable Access for a Directory Service User
- Modify Local Group Membership for a Directory Service User
- Configure Preferences for a Directory Service User
- Modify Descriptive Information About a Directory Service User
- Delete a Directory Service User
- Restore a Deleted Directory Service User
- Managing Directory User Groups
- Managing Front-End I/O Ports
- Managing Back-End I/O Port Hardware
- Grouping Fibre Channel I/O Ports Using Fault Domains
- Grouping iSCSI I/O Ports Using Fault Domains
- iSCSI VLAN Tagging Support
- Creating iSCSI Fault Domains
- Modifying iSCSI Fault Domains
- Rename an iSCSI Fault Domain
- Modify iSCSI Fault Domain Control Port Network Settings
- Add a VLAN ID to a Physical iSCSI Fault Domain
- Modify the MTU for an iSCSI Fault Domain
- Modify the TCP Port for an iSCSI Fault Domain
- Modify the iSCSI Window Size for an iSCSI Fault Domain
- Modify Digest Settings for an iSCSI Fault Domain
- Modify Timeout Settings for an iSCSI Fault Domain
- Add Ports to an iSCSI Fault Domain
- Test Network Connectivity for an iSCSI Port in a Fault Domain
- Remove Ports from an iSCSI Fault Domain
- Delete an iSCSI Fault Domain
- Configuring NAT Port Forwarding for iSCSI Fault Domains
- Configuring CHAP for iSCSI Fault Domains
- Grouping SAS I/O Ports Using Fault Domains
- Managing Disks and Disk Folders
- Managing Secure Data
- Managing Data Redundancy
- Managing Disk Enclosures
- Add an Enclosure
- Remove an Enclosure
- Replace an Enclosure
- Rename a Disk Enclosure
- Set an Asset Tag for a Disk Enclosure
- Delete an Enclosure
- Mute an Enclosure Alarm
- Unmute an Enclosure Alarm
- Clear the Swap Status for an Enclosure Cooling Fan
- Clear the Swap Status for an Enclosure I/O Module
- Clear the Swap Status for an Enclosure Power Supply
- Replace a Failed Power Supply
- Clear the Under Voltage Status for a Power Supply
- Clear the Swap Status for a Temperature Sensor
- Clear the Minimum and Maximum Recorded Values for Temperature Sensor
- Replace a Failed Cooling Fan Sensor
- Enable or Disable the Disk Indicator Light
- Clear the Swap Status for a Disk
- Managing Storage Center Controllers
- Updating Storage Center
- Shutting Down and Restarting a Storage Center
- Managing Field Replaceable Units (FRU)
- Managing Storage Center Settings
- Remote Storage Centers and Replication Bandwidth Controls
- Storage Center Replications and Live Volumes
- Storage Center Replications
- Storage Center Live Volumes
- Live Volume Requirements
- Live Volume Types
- Live Volume Roles
- Automatic Failover for Live Volumes
- Managed Replications for Live Volumes
- Creating Live Volumes
- Modifying Live Volumes
- Swap the Primary Storage Center for a Live Volume
- Cancel the Storage Center Role Swap
- Change the Transfer Type for a Live Volume
- Change the Synchronization Mode for a Synchronous Live Volume
- Add a Managed Replication to a Live Volume
- Include Active Snapshot Data
- Enable or Disable Deduplication for a Live Volume
- Change the Bandwidth Control for a Live Volume
- Configure a Live Volume to Write Data to the Lowest Tier at the Destination
- Allow Replicate Storage to Lowest Tier Selection
- Allow a Live Volume to Automatically Swap Roles
- Revert a Live Volume to a Replication
- Pause a Live Volume
- Resume a Paused Live Volume
- Set Threshold Alert Definitions for a Live Volume
- Delete a Live Volume
- Manually Bring Primary Live Volume Online
- Force Delete a Live Volume
- Modifying Live Volumes with Automatic Failover
- Live Volume ALUA
- Monitoring Live Volumes
- Storage Center DR Preparation and Activation
- How Disaster Recovery Works
- Disaster Recovery Administration Options
- Preparing for Disaster Recovery
- Activating Disaster Recovery
- Restarting Failed Replications
- Restoring Replications and Live Volumes
- Deleting a Restore Point
- Viewing Storage Center Information
- Storage Center Monitoring
- Alerts
- Data Collector Alerts
- Logs
- Thresholds
- I/O Charts
- View Performance Data for a System
- View Performance Data for Volumes
- View Performance Data for Servers
- View Performance Information for Ports
- View Performance Information for Disks
- View Performance Information for Controllers
- View Performance Information for Storage Profiles
- View Performance Information for QoS Profiles
- Export I/O Usage Data
- Most Active Reports
- Storage Center Reports
- Data Collector Management
- Access the Data Collector View
- Configuring Data Collector Settings
- Configuring General Settings
- Restart the Data Collector
- Enable the Chargeback Feature
- Change Storage Center Timeout Settings
- Set the Maximum Memory for a Data Collector on a Windows Server
- Set the Maximum Memory for a Data Collector on a Virtual Appliance
- Select a Network Adapter
- Configure a Custom SSL Certificate
- Configure a Login Banner Message
- Configure Data Collector Ports
- Change Data Collector Data Source
- Change the Database Connection
- Configuring Environment Settings
- Configuring Monitoring Settings
- Configuring Virtual Appliance Settings
- Configuring General Settings
- Managing Available Storage Centers
- Managing Available PS Series Groups
- Managing Available FluidFS Clusters
- Managing the Storage Manager Virtual Appliance
- Migrate a Microsoft SQL Server Database
- Uninstalling the Data Collector
- Data Collector User Management
- Unisphere Central User Privileges
- Authenticating Users with an External Directory Service
- Managing Local Users Through the Data Collector
- Create a User
- Configure or Modify the Email Address of a User
- Change the Privileges Assigned to a User
- Change the Preferred Language for a Unisphere Central User
- Force the User to Change the Password
- Change the Password for a User
- Set Storage Center Mappings for a Reporter User
- Delete a User
- Delete a Storage Center Mapping for a User
- Unlock a Local User Account
- Managing Local User Password Requirements
- Managing User Settings with Unisphere
- SupportAssist Management
Managing Secure Data
Secure Data provides data-at-rest encryption with key management for self-encrypting drives (SED). The Self-Encrypting
Drives feature must be licensed to use Secure Data.
How Secure Data Works
Using Secure Data to manage SEDs requires an external key management server. If a key management server has not been
configured or is unavailable, Storage Center allows SEDs to be managed; however, it will not secure the SEDs until the key
management server is available and configured, at which point they will be secured.
NOTE: Create a backup for the key management server before removing an SED and after managing an SED.
Each FIPS disk in Storage Center has an internal Media Encryption Key (MEK). The key resides on the disk, providing encryption
for data written to the disk and decryption for data as it is read from the disk. Destroying the key makes any data on the disk
immediately and permanently unreadable, a process referred to as a crypto erase. When you add an SED to, or release an SED
from a Secure Data folder, the MEK is destroyed and a new key is generated. Creating a new key allows the disk to be reused,
although all previous data is lost.
WARNING: Managing a FIPS SED and assigning it to a Secure Data folder destroys the encryption key on the
disk, which makes any previous data on the disk unreadable.
Not to be confused with the MEK, the Storage Center manages a separate set of keys for providing data-at-rest encryption.
These keys are referred to as authority credentials. The purpose of these keys is to protect the theft of any number of drives. If
a secured drive from a Secure Data folder is removed from the system such that power is removed, the drive will be locked and
customer data will be unreadable.
WARNING:
Storage Center will not be able to manage a previously-managed drive as an SED if the key has been
deleted from the drive or the key management server.
Authenticating to the drive using the authority credential is the only means of unlocking the drive while preserving customer
data, which can only be obtained by successfully authenticating to the related key management server through a secure
channel.
Use the Copy Volumes to Disk Folder operation to copy volumes from a Secure Data folder to another folder. The destination
folder can be either a secure folder or a nonsecure folder.
To protect data at rest, all SEDs in a Secure Data disk folder lock when power is removed (lock on reset enabled). When power
is removed from the drive, the drive cannot be unlocked without an authority credential.
When replicating from a Secure Data volume to a non-Secure Data folder, that volume is no longer secure after it leaves the
Secure Data folder. When replicating a non-Secure Data volume to a Secure Data folder, that volume is not secure until it
replicates to the Secure Data folder and Data Progression runs.
Configure Key Server
Before managing SEDs in a Secure Data folder, configure communication between Storage Center and the key management
server.
Prerequisites
The Storage Center must have the Self-Encrypting Drives license.
Steps
1. If you are connected to a Data Collector, select a Storage Center from the drop-down list in the left navigation pane of
Unisphere Central.
2. Click
Summary.
The Summary view is displayed.
3. Click (Settings).
The Storage Center Settings dialog box opens.
4. Click the Secure Data tab.
5. In the Hostname field, type the host name or IP address of the key management server.
Storage Center Maintenance
187