Brocade Communications Systems Encryption Switch Servisní příručka

53-1002720-0225 Month 2013®Fabric OS EncryptionAdministrator’s Guide Supporting RSA Data Protection Manager (DPM) EnvironmentsSupporting Fabric OS v7.

x Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning in an EG containing mixed modes . . . . . . . . . 232Decommissioning

82 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape LUN statistics24. Select the LUN or LUNs for which to display or clear statistics

Fabric OS Encryption Administrator’s Guide (DPM) 8353-1002720-02Tape LUN statistics2NOTEYou can also select a group, switch, or engine from the Encryp

84 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption engine rebalancing2• Uncompressed Bytes: The number of uncompressed bytes w

Fabric OS Encryption Administrator’s Guide (DPM) 8553-1002720-02Master keys2Rebalancing an encryption engineTo rebalance an encryption engine, complet

86 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys2Active master keyThe active master key is used to encrypt newly created da

Fabric OS Encryption Administrator’s Guide (DPM) 8753-1002720-02Master keys2• Create new master key: Enabled when no master key exists, or the previou

88 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys26. Enter the passphrase, which is required for restoring the master key. T

Fabric OS Encryption Administrator’s Guide (DPM) 8953-1002720-02Master keys26. Re-enter the passphrase for verification, then click OK.A dialog box di

90 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys28. Enter the mandatory last name and first name of the person to whom the

Fabric OS Encryption Administrator’s Guide (DPM) 9153-1002720-02Master keys2FIGURE 69 Select a Master Key to Restore (from file) dialog box4. Choose t

Fabric OS Encryption Administrator’s Guide (DPM) xi53-1002720-02Chapter 6 Maintenance and Troubleshooting In this chapter . . . . . . . . . . . . . .

92 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Master keys2FIGURE 70 Select a Master Key to Restore (from key vault) dialog box4. Cho

Fabric OS Encryption Administrator’s Guide (DPM) 9353-1002720-02Master keys2FIGURE 71 Select a Master Key to Restore (from a recovery set of smart car

94 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Security Settings2Security Settings Security settings help you identify if system card

Fabric OS Encryption Administrator’s Guide (DPM) 9553-1002720-02Zeroizing an encryption engine2NOTEZeroizing an engine affects the I/Os, but all targe

96 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Using the Encryption Targets dialog box2Using the Encryption Targets dialog boxThe Enc

Fabric OS Encryption Administrator’s Guide (DPM) 9753-1002720-02Redirection zones2Redirection zonesIt is recommended that you configure the host and t

98 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Disk device decommissioning2Provided that the crypto configuration is not left uncommi

Fabric OS Encryption Administrator’s Guide (DPM) 9953-1002720-02Disk device decommissioning2In order to delete keys from the key vault, you need to kn

100 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Rekeying all disk LUNs manually2Displaying Universal IDsIn order to delete keys from

Fabric OS Encryption Administrator’s Guide (DPM) 10153-1002720-02Rekeying all disk LUNs manually2Setting disk LUN Re-key AllTo rekey all disk LUNs on

xii Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement. . . . . . . . . 281Multi-node EG

102 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Rekeying all disk LUNs manually2.FIGURE 76 Pending manual rekey operations Viewing di

Fabric OS Encryption Administrator’s Guide (DPM) 10353-1002720-02Rekeying all disk LUNs manually2FIGURE 77 Encryption Target Disk LUNs dialog box4. Cl

104 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Rekeying all disk LUNs manually2Viewing the progress of manual rekey operationsTo mon

Fabric OS Encryption Administrator’s Guide (DPM) 10553-1002720-02Thin provisioned LUNs2• Current LBA: The Logical Block Address (LBA) of the block tha

106 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing time left for auto rekey2Thin Provisioning supportThin-provisioned logical un

Fabric OS Encryption Administrator’s Guide (DPM) 10753-1002720-02Viewing time left for auto rekey2FIGURE 79 Time left for auto rekey

108 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing switch encryption properties2Viewing and editing switch encryptio

Fabric OS Encryption Administrator’s Guide (DPM) 10953-1002720-02Viewing and editing switch encryption properties2• Switch Status: The health status o

110 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing switch encryption properties2• Key Vault User Name button: (TEKA

Fabric OS Encryption Administrator’s Guide (DPM) 11153-1002720-02Viewing and editing encryption group properties2Importing a signed public key certifi

Fabric OS Encryption Administrator’s Guide (DPM) xiii53-1002720-02About This DocumentIn this chapter•How this document is organized . . . . . . . . .

112 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2NOTEIf groups are not visible in the

Fabric OS Encryption Administrator’s Guide (DPM) 11353-1002720-02Viewing and editing encryption group properties2General tabThe General tab (Figure 83

114 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2When the first encryption engine come

Fabric OS Encryption Administrator’s Guide (DPM) 11553-1002720-02Viewing and editing encryption group properties2Members tabThe Members tab lists grou

116 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2FIGURE 84 Encryption Group Properties

Fabric OS Encryption Administrator’s Guide (DPM) 11753-1002720-02Viewing and editing encryption group properties2Table 2 explains the impact of removi

118 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2FIGURE 85 Encryption Group Properties

Fabric OS Encryption Administrator’s Guide (DPM) 11953-1002720-02Viewing and editing encryption group properties2• Registered Authentication Cards tab

120 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2• Right- and Left-arrow buttons: You

Fabric OS Encryption Administrator’s Guide (DPM) 12153-1002720-02Viewing and editing encryption group properties2Tape Pools tabTape pools are managed

xiv Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Supported hardware and software. The following hardware platforms support data encryp

122 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Viewing and editing encryption group properties2All encryption engines in the encrypt

Fabric OS Encryption Administrator’s Guide (DPM) 12353-1002720-02Viewing and editing encryption group properties24. Based on your selection, do one of

124 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption-related acronyms in log messages2FIGURE 90 Encryption Group Properties Dia

Fabric OS Encryption Administrator’s Guide (DPM) 12553-1002720-02Chapter3Configuring Encryption Using the CLIIn this chapter•Overview. . . . . . . . .

126 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Overview3OverviewThis chapter explains how to use the command line interface (CLI) to

Fabric OS Encryption Administrator’s Guide (DPM) 12753-1002720-02Command RBAC permissions and AD types35. PortMember: allows all control operations on

128 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Command RBAC permissions and AD types3createhaclusterNOMN N N OMN NDisallowedcreateta

Fabric OS Encryption Administrator’s Guide (DPM) 12953-1002720-02Command RBAC permissions and AD types3rebalanceNOMN N N OMN NDisallowedreclaimNOMN N

130 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Cryptocfg Help command output3Cryptocfg Help command outputAll encryption operations

Fabric OS Encryption Administrator’s Guide (DPM) 13153-1002720-02Configuring cluster links3Configuring cluster linksEach encryption switch or FS8-18 b

Fabric OS Encryption Administrator’s Guide (DPM) xv53-1002720-02Command syntax conventionsCommand syntax in this manual follows these conventions:Note

132 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring cluster links3DHCP: Offeth0: 10.33.54.208/20eth1: none/noneGateway: 10.33

Fabric OS Encryption Administrator’s Guide (DPM) 13353-1002720-02Setting encryption node initialization35. Reregister the node with the group leader u

134 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3Steps for connecting to a DPM applianceAll sw

Fabric OS Encryption Administrator’s Guide (DPM) 13553-1002720-02Steps for connecting to a DPM appliance3Initializing the Fabric OS encryption engines

136 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance36. Register the encryption engine by entering

Fabric OS Encryption Administrator’s Guide (DPM) 13753-1002720-02Steps for connecting to a DPM appliance33. Request the signed certificate.Generally,

138 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3Uploading the CA certificate onto the DPM app

Fabric OS Encryption Administrator’s Guide (DPM) 13953-1002720-02Steps for connecting to a DPM appliance3i. Repeat step a through step h for each key

140 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3To create a Brocade encryption group, complet

Fabric OS Encryption Administrator’s Guide (DPM) 14153-1002720-02Steps for connecting to a DPM appliance3• Registration File: This file is created as

xvi Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Key termsFor definitions specific to Brocade and Fibre Channel, see the technical glo

142 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance3Setting heartbeat signaling valuesEncryption

Fabric OS Encryption Administrator’s Guide (DPM) 14353-1002720-02Adding a member node to an encryption group3Adding a member node to an encryption gro

144 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding a member node to an encryption group35. Use the cryptocfg --import command to

Fabric OS Encryption Administrator’s Guide (DPM) 14553-1002720-02Adding a member node to an encryption group3Encryption Group state: CLUSTER_STATE

146 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Generating and backing up the master key3SecurityAdmin:switch> cryptocfg --reg -ke

Fabric OS Encryption Administrator’s Guide (DPM) 14753-1002720-02Generating and backing up the master key3 Key Vault Type: DPMPrimary Key Va

148 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability clusters3SecurityAdmin:switch> cryptocfg --show -groupmember -al

Fabric OS Encryption Administrator’s Guide (DPM) 14953-1002720-02High availability clusters3• HA clusters of FS8-18 blades should not include blades i

150 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability clusters3NOTEAn HA cluster configuration must have two encryption e

Fabric OS Encryption Administrator’s Guide (DPM) 15153-1002720-02High availability clusters3<<old node WWN> [old slot number]><<new

Fabric OS Encryption Administrator’s Guide (DPM) xvii53-1002720-02For information about the Key Management Interoperability Protocol standard, visit t

152 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability clusters3Policy Configuration ExamplesThe following examples illust

Fabric OS Encryption Administrator’s Guide (DPM) 15353-1002720-02Re-exporting a master key3Re-exporting a master keyWith the introduction of Fabric OS

154 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Re-exporting a master key3Enter passphrase:Confirm passphrase:Master key exported. M

Fabric OS Encryption Administrator’s Guide (DPM) 15553-1002720-02Re-exporting a master key3e3:ae:aa:89:ec:12:0c:04:29:61:9c:99:44:a3:9b:93e3:ae:aa:89:

156 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Enabling the encryption engine3Enabling the encryption engineEnable the encryption en

Fabric OS Encryption Administrator’s Guide (DPM) 15753-1002720-02Zoning considerations3 No HA cluster membership EE Attributes: Media Ty

158 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Zoning considerations3Frame redirection zoningName Server-based frame redirection ena

Fabric OS Encryption Administrator’s Guide (DPM) 15953-1002720-02Zoning considerations3 Redirect: No The Local Name Server has 1 entry }The nsshow com

160 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02CryptoTarget container configuration37. Create a zone that includes the initiator and

Fabric OS Encryption Administrator’s Guide (DPM) 16153-1002720-02CryptoTarget container configuration3FIGURE 91 Relationship between initiator, virtua

xviii Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02If you cannot use the licenseIdShow command because the switch is inoperable, you c

162 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02CryptoTarget container configuration3You may be prompted to rebalance during the foll

Fabric OS Encryption Administrator’s Guide (DPM) 16353-1002720-02CryptoTarget container configuration3The following example creates a disk container n

164 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02CryptoTarget container configuration3zone: red_1109_brcd200c00062b0f726d200200051e41

Fabric OS Encryption Administrator’s Guide (DPM) 16553-1002720-02CryptoTarget container configuration3Deleting a CryptoTarget containerYou may delete

166 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3Moving a CryptoTarget containerYou can move a CryptoTarget c

Fabric OS Encryption Administrator’s Guide (DPM) 16753-1002720-02Crypto LUN configuration3CAUTIONWhen configuring a LUN with multiple paths (which mea

168 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3Configuring a Crypto LUNYou configure a Crypto LUN by adding

Fabric OS Encryption Administrator’s Guide (DPM) 16953-1002720-02Crypto LUN configuration33. Commit the configuration.FabricAdmin:switch> cryptocfg

170 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3The tape policies specified at the LUN configuration level t

Fabric OS Encryption Administrator’s Guide (DPM) 17153-1002720-02Crypto LUN configuration3Configuring a tape LUNThis example shows how to configure a

Fabric OS Encryption Administrator’s Guide (DPM) 153-1002720-02Chapter1Encryption OverviewIn this chapter•Host and LUN considerations . . . . . . . .

172 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3a. Discover the LUN. FabricAdmin:switch> cryptocfg --disc

Fabric OS Encryption Administrator’s Guide (DPM) 17353-1002720-02Crypto LUN configuration3Removing a LUN from a CryptoTarget containerYou can remove a

174 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Crypto LUN configuration3Operation Succeeded3. Commit the configuration.FabricAdmin:s

Fabric OS Encryption Administrator’s Guide (DPM) 17553-1002720-02Impact of tape LUN configuration changes3Impact of tape LUN configuration changesLUN-

176 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning LUNs3If a LUN is removed when undergoing decommission or is in a deco

Fabric OS Encryption Administrator’s Guide (DPM) 17753-1002720-02Decommissioning replicated LUNs3• If you are running Fabric OS 7.1.0, and you want to

178 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning replicated LUNs3NOTEFailure to rekey the secondary LUN might result i

Fabric OS Encryption Administrator’s Guide (DPM) 17953-1002720-02Force-enabling a decommissioned disk LUN for encryption3Force-enabling a decommission

180 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF LUNs31. Log in to the switch that hosts the LUN as Admin or FabricAdmin. 2. Ente

Fabric OS Encryption Administrator’s Guide (DPM) 18153-1002720-02SRDF LUNs3vault, the key vaults must be synchronized to ensure the availability of th

Copyright © 2013 Brocade Communications Systems, Inc. All Rights Reserved.ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, I

2 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Terminology1TerminologyThe following are definitions of terms used extensively in this

182 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF LUNs3CAUTIONDo not add a node running an earlier Fabric OS version to an encrypt

Fabric OS Encryption Administrator’s Guide (DPM) 18353-1002720-02Using SRDF, TimeFinder and RecoverPoint with encryption3Using SRDF, TimeFinder and Re

184 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring LUNs for SRDF/TF or RP deployments34. Make a note of the master key'

Fabric OS Encryption Administrator’s Guide (DPM) 18553-1002720-02Configuring LUNs for SRDF/TF or RP deployments3Steps for dealing with these scenarios

186 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring LUNs for SRDF/TF or RP deployments3NOTEAll paths to the new SRDF/TF/RP so

Fabric OS Encryption Administrator’s Guide (DPM) 18753-1002720-02Configuring LUNs for SRDF/TF or RP deployments3Synchronizing source and target LUN SR

188 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring LUNs for SRDF/TF or RP deployments37. Verify that the Replication LUN typ

Fabric OS Encryption Administrator’s Guide (DPM) 18953-1002720-02SRDF/TF/RP manual rekeying procedures3Configuring SRDF Gatekeeper LUNsGatekeeper LUNs

190 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF/TF/RP manual rekeying procedures35. Wait until the rekey operation on the source

Fabric OS Encryption Administrator’s Guide (DPM) 19153-1002720-02SRDF/TF/RP manual rekeying procedures36. After confirming that the rekey has complete

Fabric OS Encryption Administrator’s Guide (DPM) 353-1002720-02Terminology1Opaque Key VaultA storage location that provides untrusted key management f

192 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02SRDF/TF/RP manual rekeying procedures33. During the rekeying operation, if desired, y

Fabric OS Encryption Administrator’s Guide (DPM) 19353-1002720-02SRDF/TF/RP manual rekeying procedures3Rekeying remote site (R2) SRDF LUNsTo rekey an

194 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape pool configuration36. Verify that the DEKs are synched up from local site DPM cl

Fabric OS Encryption Administrator’s Guide (DPM) 19553-1002720-02Tape pool configuration3• The tape pool label created on the encryption switch or bla

196 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape pool configuration3===========================================================po

Fabric OS Encryption Administrator’s Guide (DPM) 19753-1002720-02Tape pool configuration35. Configure the tape pool on your backup application with th

198 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring a multi-path Crypto LUN3Impact of tape pool configuration changesTape poo

Fabric OS Encryption Administrator’s Guide (DPM) 19953-1002720-02Configuring a multi-path Crypto LUN3Multi-path LUN configuration exampleFigure 93 on

200 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring a multi-path Crypto LUN3b. Create a CryptoTarget container (CTC2) for tar

Fabric OS Encryption Administrator’s Guide (DPM) 20153-1002720-02Configuring a multi-path Crypto LUN3b. Add the same LUN to the CryptoTarget container

4 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02The Brocade Encryption Switch1The Brocade Encryption SwitchThe Brocade Encryption Switc

202 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02First-time encryption3First-time encryptionFirst-time encryption, also referred to as

Fabric OS Encryption Administrator’s Guide (DPM) 20353-1002720-02Thin provisioned LUNs3Thin provisioned LUNsWith the introduction of Fabric OS 7.1.0,

204 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Thin provisioned LUNs3LUN serial number: 50002AC000BC0A50TP LUN: YesLUN connecti

Fabric OS Encryption Administrator’s Guide (DPM) 20553-1002720-02Data rekeying3Data rekeying In a rekeying operation, encrypted data on a LUN is decry

206 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data rekeying3Configuring a LUN for automatic rekeyingRekeying options are configured

Fabric OS Encryption Administrator’s Guide (DPM) 20753-1002720-02Data rekeying3Initiating a manual rekey session You can initiate a rekeying session m

208 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data rekeying3Current LBA: 488577Operation succeeded.Suspension and resump

Fabric OS Encryption Administrator’s Guide (DPM) 20953-1002720-02Chapter4Deployment ScenariosIn this chapter•Single encryption switch, two paths from

210 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Single encryption switch, two paths from host to target4Single encryption switch, two

Fabric OS Encryption Administrator’s Guide (DPM) 21153-1002720-02Single fabric deployment - HA cluster4Single fabric deployment - HA clusterFigure 95

Fabric OS Encryption Administrator’s Guide (DPM) 553-1002720-02The FS8-18 blade1The FS8-18 bladeThe FS8-18 blade provides the same features and functi

212 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Single fabric deployment - DEK cluster4In Figure 95, the two encryption switches prov

Fabric OS Encryption Administrator’s Guide (DPM) 21353-1002720-02Dual fabric deployment - HA and DEK cluster4In Figure 96, two encryption switches are

214 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Multiple paths, one DEK cluster, and two HA clusters4failover for the encryption path

Fabric OS Encryption Administrator’s Guide (DPM) 21553-1002720-02Multiple paths, DEK cluster, no HA cluster4The configuration details shown in Figure

216 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Multiple paths, DEK cluster, no HA cluster4The configuration details are as follows:•

Fabric OS Encryption Administrator’s Guide (DPM) 21753-1002720-02Deployment in Fibre Channel routed fabrics4Deployment in Fibre Channel routed fabrics

218 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Deployment in Fibre Channel routed fabrics4The following is a summary of steps for cr

Fabric OS Encryption Administrator’s Guide (DPM) 21953-1002720-02Deployment as part of an edge fabric4Deployment as part of an edge fabricIn this depl

220 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Deployment with FCIP extension switches4Deployment with FCIP extension switchesEncryp

Fabric OS Encryption Administrator’s Guide (DPM) 22153-1002720-02Data mirroring deployment4Data mirroring deploymentFigure 104 shows a data mirroring

6 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Recommendation for connectivity1Recommendation for connectivityIn order to achieve high

222 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data mirroring deployment4If metadata is not present on the LUNBeginning with Fabric

Fabric OS Encryption Administrator’s Guide (DPM) 22353-1002720-02VMware ESX server deployments4VMware ESX server deploymentsVMware ESX servers may hos

224 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02VMware ESX server deployments4Figure 106 shows a VMware ESX server with two guest ope

Fabric OS Encryption Administrator’s Guide (DPM) 22553-1002720-02Chapter5Best Practices and Special TopicsIn this chapter•Firmware upgrade and downgra

226 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Firmware upgrade and downgrade considerations5Firmware upgrade and downgrade consider

Fabric OS Encryption Administrator’s Guide (DPM) 22753-1002720-02Firmware upgrade and downgrade considerations5• Guidelines for firmware upgrade of en

228 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuration upload and download considerations55. Start firmware download (upgrade)

Fabric OS Encryption Administrator’s Guide (DPM) 22953-1002720-02Configuration upload and download considerations5Information not included in an uploa

230 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02HP-UX considerations5Configuration download at an encryption group memberSwitch speci

Fabric OS Encryption Administrator’s Guide (DPM) 23153-1002720-02AIX Considerations5For HP-UX multi-path configurations:• Add LUN 0 as a cleartext LUN

Fabric OS Encryption Administrator’s Guide (DPM) 753-1002720-02Brocade encryption solution overview1Brocade encryption solution overviewThe loss of st

232 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Decommissioning in an EG containing mixed modes5Decommissioning in an EG containing m

Fabric OS Encryption Administrator’s Guide (DPM) 23353-1002720-02Tape data compression5Tape data compressionData is compressed by the encryption switc

234 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape block zero handling5Tape block zero handlingThe block zero of the tape media is

Fabric OS Encryption Administrator’s Guide (DPM) 23553-1002720-02Redirection zones5• To enable host MPIO, LUNs must also be available through a second

236 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Ensure uniform licensing in HA clusters5Ensure uniform licensing in HA clustersLicens

Fabric OS Encryption Administrator’s Guide (DPM) 23753-1002720-02Turn off compression on extension switches5Turn off compression on extension switches

238 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02KAC certificate registration expiry5Do not change LUN configuration while rekeyingNev

Fabric OS Encryption Administrator’s Guide (DPM) 23953-1002720-02Changing IP addresses in encryption groups5Changing IP addresses in encryption groups

240 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Recommendations for Initiator Fan-Ins5FIGURE 107 Fan-in ratios with performance licen

Fabric OS Encryption Administrator’s Guide (DPM) 24153-1002720-02Best practices for host clusters in an encryption environment5Best practices for host

8 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade encryption solution overview1Data flow from server to storageThe Brocade Encryp

242 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape Device LUN Mapping5

Fabric OS Encryption Administrator’s Guide (DPM) 24353-1002720-02Chapter6Maintenance and TroubleshootingIn this chapter•Encryption group and HA cluste

244 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6Encryption group and HA cluster maintenan

Fabric OS Encryption Administrator’s Guide (DPM) 24553-1002720-02Encryption group and HA cluster maintenance6FIGURE 108 Removing a node from an encryp

246 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6 IP Address: 10.32.33.

Fabric OS Encryption Administrator’s Guide (DPM) 24753-1002720-02Encryption group and HA cluster maintenance6Deleting an encryption groupYou can delet

248 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6Displaying the HA cluster configurationNO

Fabric OS Encryption Administrator’s Guide (DPM) 24953-1002720-02Encryption group and HA cluster maintenance6Replacing an HA cluster member1. Log in t

250 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6FIGURE 109 Replacing a failed encryption

Fabric OS Encryption Administrator’s Guide (DPM) 25153-1002720-02Encryption group and HA cluster maintenance6Case 2: Replacing a “live” encryption eng

Fabric OS Encryption Administrator’s Guide (DPM) 953-1002720-02Data encryption key life cycle management1Data encryption key life cycle managementData

252 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group and HA cluster maintenance6Performing a manual failback of an encryp

Fabric OS Encryption Administrator’s Guide (DPM) 25353-1002720-02Encryption group merge and split use cases6• After the failback completes, the crypto

254 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6NOTEWhen attempting to reclaim a failed Br

Fabric OS Encryption Administrator’s Guide (DPM) 25553-1002720-02Encryption group merge and split use cases6RecoveryIf auto failback policy is set, no

256 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6• The isolation of N3 from the group leade

Fabric OS Encryption Administrator’s Guide (DPM) 25753-1002720-02Encryption group merge and split use cases6Recovery1. Restore the connection between

258 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6NOTEThe collective time allowed (the heart

Fabric OS Encryption Administrator’s Guide (DPM) 25953-1002720-02Encryption group merge and split use cases6NOTEIf one or more EG status displays as C

260 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6Display the encryption group state again.N

Fabric OS Encryption Administrator’s Guide (DPM) 26153-1002720-02Encryption group merge and split use cases6Encryption group not defined: Cluster DB a

10 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Data encryption key life cycle management1FIGURE 5 DEK life cycle

262 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption group merge and split use cases6The above manual configuration recovery pr

Fabric OS Encryption Administrator’s Guide (DPM) 26353-1002720-02Encryption group database manual operations6Encryption group database manual operatio

264 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Key vault diagnostics6Aborting a pending database transactionYou can abort a pending

Fabric OS Encryption Administrator’s Guide (DPM) 26553-1002720-02Measuring encryption performance6• Time of day on the switch• Key Vault client SDK ve

266 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Measuring encryption performance6• -tx -rx displays the transmit and receive throughp

Fabric OS Encryption Administrator’s Guide (DPM) 26753-1002720-02General encryption troubleshooting6General encryption troubleshootingTable 9 lists th

268 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02General encryption troubleshooting6A backup fails because the LUN is always in the in

Fabric OS Encryption Administrator’s Guide (DPM) 26953-1002720-02General encryption troubleshooting6Decommissioning an R2 LUN (remote replication LUN)

270 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Troubleshooting examples using the CLI6Troubleshooting examples using the CLIEncrypti

Fabric OS Encryption Administrator’s Guide (DPM) 27153-1002720-02Troubleshooting examples using the CLI6Encryption Disabled CryptoTarget LUNIf the LUN

Fabric OS Encryption Administrator’s Guide (DPM) 1153-1002720-02Master key management1Master key managementCommunications with opaque key vaults are e

272 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Management application encryption wizard troubleshooting6Management application encry

Fabric OS Encryption Administrator’s Guide (DPM) 27353-1002720-02Management application encryption wizard troubleshooting6Errors related to adding a s

274 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Management application encryption wizard troubleshooting6General errors related to th

Fabric OS Encryption Administrator’s Guide (DPM) 27553-1002720-02LUN policy troubleshooting6LUN policy troubleshootingTable 14 may be used as an aid i

276 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Loss of encryption group leader after power outage6Loss of encryption group leader af

Fabric OS Encryption Administrator’s Guide (DPM) 27753-1002720-02MPIO and internal LUN states65. Synchronize the crypto configurations across all memb

278 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02FS8-18 blade removal and replacement61. Enter the cryptocfg --resume_rekey command, f

Fabric OS Encryption Administrator’s Guide (DPM) 27953-1002720-02FS8-18 blade removal and replacement63. If the replaced FS8-18 blade is in member nod

280 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02FS8-18 blade removal and replacement6NOTEBecause the FS8-18 blade was inserted in the

Fabric OS Encryption Administrator’s Guide (DPM) 28153-1002720-02Brocade Encryption Switch removal and replacement611. If a master key is not present,

Fabric OS Encryption Administrator’s Guide (DPM) iii53-1002720-02ContentsAbout This DocumentIn this chapter . . . . . . . . . . . . . . . . . . . . .

12 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Cisco Fabric Connectivity support1Cisco Fabric Connectivity supportThe Brocade Encrypt

282 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement68. Power on the new Brocade Encrypt

Fabric OS Encryption Administrator’s Guide (DPM) 28353-1002720-02Brocade Encryption Switch removal and replacement621. Import the signed CSR/Cert onto

284 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement632. If HA cluster membership for th

Fabric OS Encryption Administrator’s Guide (DPM) 28553-1002720-02Brocade Encryption Switch removal and replacement611. Invoke the following command to

286 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Brocade Encryption Switch removal and replacement627. Invoke the following command on

Fabric OS Encryption Administrator’s Guide (DPM) 28753-1002720-02Deregistering a DPM key vault6Deregistering a DPM key vaultEach Brocade Encryption Sw

288 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Reclaiming the WWN base of a failed Brocade Encryption Switch6Reclaiming the WWN base

Fabric OS Encryption Administrator’s Guide (DPM) 28953-1002720-02Downgrading firmware from Fabric OS 7.1.06Downgrading firmware from Fabric OS 7.1.0NO

290 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Fabric OS and DPM Compatibility Matrix6Fabric OS and DPM Compatibility MatrixDPM 3.1

Fabric OS Encryption Administrator’s Guide (DPM) 29153-1002720-02Moving an encryption blade from one EG to another in the same fabric6Admin:switch>

Fabric OS Encryption Administrator’s Guide (DPM) 1353-1002720-02Chapter2Configuring Encryption Using the Management ApplicationIn this chapter•Encrypt

292 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Moving an encryption switch from one EG to another in the same fabric64. Add the move

Fabric OS Encryption Administrator’s Guide (DPM) 29353-1002720-02AppendixAState and Status InformationIn this appendix•Encryption engine security proc

294 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Security processor KEK statusASecurity processor KEK statusTable 20 lists security pr

Fabric OS Encryption Administrator’s Guide (DPM) 29553-1002720-02Encrypted LUN statesALUN_1ST_TIME_REKEY_IN_PROG First time rekey is in progress.LUN_K

296 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encrypted LUN statesALUN_DIS_WR_META_DONE_ERR Disabled (Write metadata done with fail

Fabric OS Encryption Administrator’s Guide (DPM) 29753-1002720-02Encrypted LUN statesATABLE 22 Tape LUN statesInternal Names Console String Explanatio

298 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encrypted LUN statesALUN_ENCRYPT Encryption enabled The tape medium is present, and i

Fabric OS Encryption Administrator’s Guide (DPM) 29953-1002720-02IndexAadd commands--add -haclustermember, 150--add -initiator, 163, 171, 200--add -LU

300 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02create commands--create -container, 162, 171, 199--create -encgroup, 140--create -hac

Fabric OS Encryption Administrator’s Guide (DPM) 30153-1002720-02cryptocfg helpcommand output, 130CryptoTarget containeradding a LUN, 167, 168configur

14 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption Center features2•Viewing and editing encryption group properties . . . . .

302 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-0227, 35host and LUN considerations, 1launching the encryption targets dialog box, 96li

Fabric OS Encryption Administrator’s Guide (DPM) 30353-1002720-02Ffailbackinvoking, 54modes, 54failback command, --failback -EE, 252failover and failb

304 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02KEK security processor status, 294Key IDsexporting, 154key vaultderegistration, 287ke

Fabric OS Encryption Administrator’s Guide (DPM) 30553-1002720-02Management application, 61multi-path environmentsconfiguring encrypted tape storage,

306 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02show commands--show, 144, 156--show -container, 163--show -groupmember, 144, 147, 148

Fabric OS Encryption Administrator’s Guide (DPM) 30753-1002720-02troubleshootingcfgshow command, 267configshow, 267cryptocfg --show -groupcfg command,

308 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02

Fabric OS Encryption Administrator’s Guide (DPM) 1553-1002720-02Encryption user privileges2Encryption user privilegesIn BNA, resource groups are assig

16 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Smart card usageSmart Cards are credit card-sized cards that contain

Fabric OS Encryption Administrator’s Guide (DPM) 1753-1002720-02Smart card usage2• Establishing a trusted link with the NetApp LKM key vault.• Decommi

18 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage23. Locate the Authentication Card Quorum Size and select the quorum s

Fabric OS Encryption Administrator’s Guide (DPM) 1953-1002720-02Smart card usage2Registering authentication cards from the databaseSmart cards that ar

20 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Deregistering an authentication cardAuthentication cards can be remov

Fabric OS Encryption Administrator’s Guide (DPM) 2153-1002720-02Smart card usage2Using system cardsSystem cards are smart cards that can be used to co

iv Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Support for virtual fabrics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

22 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Enabling or disabling the system card requirementTo use a system card

Fabric OS Encryption Administrator’s Guide (DPM) 2353-1002720-02Smart card usage2Deregistering system cardsSystem cards can be removed from the databa

24 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Tracking smart cards1. Select Configure > Encryption from the menu

Fabric OS Encryption Administrator’s Guide (DPM) 2553-1002720-02Smart card usage2FIGURE 12 Smart Card asset tracking dialog box3. Select a smart card

26 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Smart card usage2Editing smart cardsSmart cards can be used for user authentication, m

Fabric OS Encryption Administrator’s Guide (DPM) 2753-1002720-02Network connections2Network connectionsBefore you use the encryption setup wizard for

28 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Encryption node initialization and certificate generation2Configuring blade processor

Fabric OS Encryption Administrator’s Guide (DPM) 2953-1002720-02Steps for connecting to a DPM appliance2Setting encryption node initializationEncrypti

30 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance2Exporting the KAC certificate signing request

Fabric OS Encryption Administrator’s Guide (DPM) 3153-1002720-02Steps for connecting to a DPM appliance2KAC certificate registration expiryIt is impor

Fabric OS Encryption Administrator’s Guide (DPM) v53-1002720-02High availability (HA) clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . .

32 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance2Uploading the CA certificate onto the DPM appl

Fabric OS Encryption Administrator’s Guide (DPM) 3353-1002720-02Steps for connecting to a DPM appliance2h. Click Next.i. Repeat step a through step h

34 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Steps for connecting to a DPM appliance2Loading the CA certificate onto the encryption

Fabric OS Encryption Administrator’s Guide (DPM) 3553-1002720-02Encryption preparation2Encryption preparationBefore you use the encryption setup wizar

36 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group22. Select a switch from the <NO GROUP DEFINED> encr

Fabric OS Encryption Administrator’s Guide (DPM) 3753-1002720-02Creating an encryption group24. From the Configure Switch Encryption welcome screen, c

38 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2FIGURE 20 Create a New Encryption Group dialog boxThe dia

Fabric OS Encryption Administrator’s Guide (DPM) 3953-1002720-02Creating an encryption group2FIGURE 21 Select Key Vault dialog boxUsing this dialog bo

40 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2Configuring key vault settings for RSA Data Protection Ma

Fabric OS Encryption Administrator’s Guide (DPM) 4153-1002720-02Creating an encryption group2FIGURE 23 Specify Certificate Signing Request File Name d

vi Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Disk device decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

42 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2FIGURE 24 Specify Master Key File Name dialog box7. Enter

Fabric OS Encryption Administrator’s Guide (DPM) 4353-1002720-02Creating an encryption group2FIGURE 25 Select Security Settings dialog box10. Set quor

44 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Creating an encryption group2FIGURE 26 Confirm Configuration dialog boxThe Configurati

Fabric OS Encryption Administrator’s Guide (DPM) 4553-1002720-02Creating an encryption group2FIGURE 28 Next Steps dialog box13. Review the post-config

46 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding a switch to an encryption group2Adding a switch to an encryption groupThe setup

Fabric OS Encryption Administrator’s Guide (DPM) 4753-1002720-02Adding a switch to an encryption group2FIGURE 30 Designate Switch Membership dialog bo

48 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding a switch to an encryption group2FIGURE 31 Add Switch to Existing Encryption Gro

Fabric OS Encryption Administrator’s Guide (DPM) 4953-1002720-02Adding a switch to an encryption group26. Enter the location where you want to store t

50 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Replacing an encryption engine in an encryption group2All configuration items have gre

Fabric OS Encryption Administrator’s Guide (DPM) 5153-1002720-02High availability (HA) clusters2FIGURE 36 Engine Operations tab3. Select the engine to

Fabric OS Encryption Administrator’s Guide (DPM) vii53-1002720-02Steps for connecting to a DPM appliance . . . . . . . . . . . . . . . . . . . 134Ini

52 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability (HA) clusters2NOTEIn Fabric OS 6.3.0 and later, HA cluster creation

Fabric OS Encryption Administrator’s Guide (DPM) 5353-1002720-02High availability (HA) clusters2FIGURE 37 Encryption Group Properties dialog box - HA

54 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02High availability (HA) clusters2Swapping engines in an HA clusterSwapping engines is u

Fabric OS Encryption Administrator’s Guide (DPM) 5553-1002720-02Configuring encryption storage targets2Configuring encryption storage targetsAdding an

56 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2FIGURE 38 Encryption Targets dialog box3. Click

Fabric OS Encryption Administrator’s Guide (DPM) 5753-1002720-02Configuring encryption storage targets2FIGURE 40 Select Encryption Engine dialog boxTh

58 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2FIGURE 41 Select Target dialog boxThe dialog bo

Fabric OS Encryption Administrator’s Guide (DPM) 5953-1002720-02Configuring encryption storage targets2FIGURE 42 Select Hosts dialog boxThe dialog box

60 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2• Right arrow button: Moves a host from the Hos

Fabric OS Encryption Administrator’s Guide (DPM) 6153-1002720-02Configuring encryption storage targets2FIGURE 44 Confirmation dialog boxThe screen con

viii Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Impact of tape LUN configuration changes. . . . . . . . . . . . . . . . . . 175Deco

62 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring encryption storage targets2FIGURE 45 Configuration Status screenThe screen

Fabric OS Encryption Administrator’s Guide (DPM) 6353-1002720-02Configuring hosts for encryption targets2FIGURE 46 Next Steps screenThe screen contain

64 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Configuring hosts for encryption targets2NOTEYou can also select a group, switch, or e

Fabric OS Encryption Administrator’s Guide (DPM) 6553-1002720-02Configuring hosts for encryption targets2NOTEBoth the Host Ports in Fabric table and t

66 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption2Adding target disk LUNs for encryptionYou can a

Fabric OS Encryption Administrator’s Guide (DPM) 6753-1002720-02Adding target disk LUNs for encryption2• Fabric• State• Thin Provision LUN• Encryption

68 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption2FIGURE 51 Select Initiator Port dialog boxThe d

Fabric OS Encryption Administrator’s Guide (DPM) 6953-1002720-02Adding target disk LUNs for encryption2FIGURE 52 Select LUN dialog box The dialog box

70 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption29. Click Finish.The new LUN path is added to th

Fabric OS Encryption Administrator’s Guide (DPM) 7153-1002720-02Adding target disk LUNs for encryption2Configuring storage arraysThe Storage Array con

Fabric OS Encryption Administrator’s Guide (DPM) ix53-1002720-02Thin provisioned LUNs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

72 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target disk LUNs for encryption2SRDF pairsRemote replication is implemented by

Fabric OS Encryption Administrator’s Guide (DPM) 7353-1002720-02Adding target tape LUNs for encryption2Note the following when using the New LUN optio

74 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Adding target tape LUNs for encryption2FIGURE 55 Encryption Targets dialog box3. Selec

Fabric OS Encryption Administrator’s Guide (DPM) 7553-1002720-02Adding target tape LUNs for encryption2FIGURE 57 Add Encryption Target Tape LUNs dialo

76 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Moving targets2• Enable Read Ahead: When selected, enables read pre-fetching on this t

Fabric OS Encryption Administrator’s Guide (DPM) 7753-1002720-02Configuring encrypted tape storage in a multi-path environment2Configuring encrypted t

78 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape LUN write early and read ahead2Tape LUN write early and read aheadThe tape LUN wr

Fabric OS Encryption Administrator’s Guide (DPM) 7953-1002720-02Tape LUN statistics2FIGURE 59 Encryption Target Tape LUNs dialog box - Setting tape LU

80 Fabric OS Encryption Administrator’s Guide (DPM)53-1002720-02Tape LUN statistics2Viewing and clearing tape container statisticsYou can view LUN sta

Fabric OS Encryption Administrator’s Guide (DPM) 8153-1002720-02Tape LUN statistics2• Uncompressed blocks: The number of uncompressed blocks written t