Fabric OS Encryption Administrator's Guide v6.4.0 (53-1001864-01, June 2010)

78 Fabric OS Encryption Administrator’s Guide
53-1001864-01
Viewing and editing switch encryption properties
2
Domain ID - the domain ID of the selected switch.
Firmware Version - the current encryption firmware on the switch.
Primary Key Vault Link Key Status - the possible statuses are as follows:
- Not Used – the key vault type is not LKM.
- No Link Key – no access request was sent to an LKM yet, or a previous request was not
accepted.
- Waiting for LKM approval – a request was sent to LKM and is waiting for the LKM
administrator’s approval.
- Waiting for local approval – a response was received from LKM.
- Created, not validated – the interim state until first used.
- OK – a shared link key exists and has been successfully used.
Primary Key Vault Connection Status - whether the primary key vault link is connected. Possible
values are Unknown, Key Vault Not Configured, No Response, Failed authentication, and
Connected.
Backup Key Vault Link Key Status - the possible statuses are as follows:
- Not Used – the key vault type is not LKM.
- No Link Key – no access request was sent to an LKM yet, or a previous request was not
accepted.
- Waiting for LKM approval – a request was sent to LKM and is waiting for the LKM
administrator’s approval.
- Waiting for local approval – a response was received from LKM.
- Created, not validated – the interim state until first used.
- OK – a shared link key exists and has been successfully used.
Backup Key Vault Connection Status - whether the backup key vault link is connected. Possible
values are Unknown, Key Vault Not Configured, No Response, Failed authentication, and
Connected.
Public Key Certificate text box - the switch’s KAC certificate, which must be installed on the
primary and backup key vaults.
Save As button - saves the certificate to a file in PEM format. The file may be loaded into the
key vault using the key vault’s tools.
Encryption Engine Properties table - the properties for the encryption engine. There may be 0
to 4 slots, one for each encryption engine in the switch.
Current Status - the status of the encryption engine. There are many possible values, but
common values are Not Available (the engine is not initialized), Disabled, Operational, need
master/link key, and Online.
Set State To - enter a new value, enabled or disabled, and click OK to apply the change.
Total Targets - the number of the encrypted target device.
HA Cluster Peer - the name and location of the high-availability (HA) cluster peer (another
encryption engine in the same group), if in an HA configuration.