Manualshelf

DCFM Enterprise User Manual (53-1001775-01, June 2010)

ManualsBrandsHP ManualsStorageHP StorageWorks Edge Switch 2/12
541542543544545546547548549550
508 DCFM Enterprise User Manual
53-1001775-01
The NetApp DataFort Management Console
20
The NetApp DataFort Management Console
The NetApp DataFort Management Console (DMC) must be installed on your PC or workstation to
complete certain procedures described in this appendix. Refer to the appropriate DMC product
documentation for DMC installation instructions. After you install DMC, do the following.
1. Launch the DMC.
2. Click the Appliance tab on the top panel.
3. Add the NetApp LKM appliance IP address or hostname.
4. Right-click the added IP address and log into the NetApp LKM key vault.
Establishing the trusted link
You must generate the trusted link establishment package (TEP) on all nodes to obtain a trusted
acceptance package (TAP) before you can establish a trusted link between each node and the
NetApp LKM appliance.
1. From the Encryption Center, select Group > Link Keys.
The switch name displays in the link status table under Switch, with a Link Key Status of Link
Key requested, pending LKM approval.
2. Select the switch, and click Establish.
This results in a Trusted link establishment package (TEP), which is needed to establish the
trusted link between the switch and the LKM appliance.
3. Launch the NetApp DataFort Management Console (DMC) and click the View Unapproved
Trustees tab.
The switch is listed as openkey_trustee_<ip address>, where the IP address is the switch IP
address.
4. Select the switch, and click Approve and Create TAP.
The Approve TEP dialog box displays. The TEP must be approved before a TAP can be created.
5. Provide a label in the dialog box and click Approve to approve the TEP.
A list of recovery cards and recovery officers is displayed. TEP approval is done by a quorum of
recovery officers, using assigned recovery cards. Each recovery officer must individually insert
one of listed recovery cards into a card reader attached to the PC or workstation, enter the
password for that card, and click Start. The procedure is repeated until a quorum of recovery
officers has approved the TEP.
6. Save the TAP to a file (location does not matter).
7. Select the Link Keys tab on the Encryption Group Properties dialog box.
8. Select the switch in the link key status table, and click Accept to retrieve the TAP from the LKM
appliance.
9. Repeat the above steps for each of the remaining member nodes.