Key Management - Cisco MDS 9120 Manual

About SME
At the advanced security level, a quorum of SME Recovery Officers is required to perform recovery
procedures. The default is 2 out of 5. In this case 2 of the 5 recovery officers are required to unlock the
master key.
For additional information on the SME Administrator and SME Recovery Officer roles, see the "Creating
and Assigning SME Roles and SME Users" section on page 2-32.

Key Management

Cisco Key Management Center (KMC) provides essential features such as key archival, secure export
and import, and key shredding.
Key management features include the following:
• The master key resides in a password-protected file or in smart cards.
  - If the cluster security mode is set to Basic, the master key resides in the password-protected file.
  - If the cluster security mode is set to Standard, the master key resides in only one smart card, and that
    same smart card is required to recover the master key.
  - If the cluster security mode is set to Advanced, the master key resides in multiple smart cards. A quorum
    of smart cards (2 out of 3, 2 out of 5, or 3 out of 5, selected by the user) is required to recover the
    master key.
• Unique key per tape for an SME tape cluster.
• Unique key per LUN for an SME disk cluster.
• Keys reside in clear text only inside a FIPS boundary.
• Tape keys and intermediate keys are wrapped by the master key and deactivated in the Cisco KMC.
• Disk keys are wrapped by the cluster master key and deactivated in the Cisco KMC.
• Option to store tape keys on the tape media.
The centralized key lifecycle management includes the following:
• Archive, shred, recover, and distribute media keys.
• Integrated into DCNM-SAN.
• Secure transport of keys.
• End-to-end key management using HTTPS/SSL/SSH.
• Access controls and accounting.
• Use of existing AAA mechanisms.
The Cisco KMC provides dedicated key management for SME, with support for single-site and multisite
deployments. The Cisco KMC performs the key management operations.
The Cisco KMC is either integrated into or separated from DCNM-SAN, depending on the deployment
requirements. Single-site operations can be managed by integrating the Cisco KMC in DCNM-SAN. In
multisite deployments, a centralized Cisco KMC can be used together with the local DCNM-SAN servers
that are used for fabric management. This separation makes the KMC more robust and also lets SME
deployments in different locations share the same Cisco KMC.
Figure 1-2 shows how the Cisco KMC is separated from DCNM-SAN for a multisite deployment.

Cisco MDS 9000 Family NX-OS Storage Media Encryption Configuration Guide, Chapter 1: Storage Media
Encryption Overview, page 1-4 (OL-29289-01)
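The Advanced-mode quorum described above is a threshold property: any 2 of 3, 2 of 5, or 3 of 5 Recovery Officer smart cards recover the master key, and fewer cards cannot. The guide does not say which scheme the smart cards implement, so the following is an added example, not Cisco's code, that models the property with Shamir k-of-n secret sharing over a prime field (an assumption made for illustration) and checks it on a constructed sample key. The function and variable names are this example's own.

```python
"""Threshold recovery of a cluster master key, modelled with Shamir sharing.

Added illustration, not Cisco code: the SME guide states that in Advanced
security mode the master key is spread over several smart cards and a quorum
(2 of 3, 2 of 5 or 3 of 5) is needed to recover it, but it does not name the
scheme. Shamir's k-of-n secret sharing over a prime field is assumed here
because it gives exactly that property: k shares reconstruct the key, k-1
shares reveal nothing about it.
"""
from __future__ import annotations

import secrets

# Field modulus: the Mersenne prime 2^521 - 1, comfortably above a 256-bit key.
PRIME = (1 << 521) - 1


def _eval_poly(coeffs: list[int], x: int) -> int:
    """Horner evaluation of sum(coeffs[i] * x**i) modulo PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_master_key(master_key: bytes, threshold: int, cards: int) -> list[tuple[int, int]]:
    """Return `cards` shares (x, y); any `threshold` of them recover the key.

    One share per Recovery Officer smart card. The key is the constant term
    of a random degree-(threshold-1) polynomial; the shares are its points.
    """
    if not 1 < threshold <= cards:
        raise ValueError("need 1 < threshold <= cards")
    secret = int.from_bytes(master_key, "big")
    if secret >= PRIME:
        raise ValueError("master key does not fit in the field")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, cards + 1)]


def recover_master_key(shares: list[tuple[int, int]], key_len: int) -> bytes | None:
    """Lagrange-interpolate the sharing polynomial at x=0 from the presented shares.

    With at least `threshold` distinct shares the result is the master key.
    With fewer, the interpolated value is an unrelated field element: the key
    is not leaked, and None is returned when the value cannot even be a key
    of the expected size.
    """
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    if secret.bit_length() > 8 * key_len:
        return None
    return secret.to_bytes(key_len, "big")


def quorum_check(threshold: int, cards: int, present: list[int]) -> bool:
    """Simulate a recovery ceremony: True only if the inserted cards suffice.

    `present` lists the 1-based indexes of the smart cards that are presented.
    A fresh constructed 256-bit sample key is split for each ceremony.
    """
    master_key = secrets.token_bytes(32)  # constructed sample key, not a real one
    shares = split_master_key(master_key, threshold, cards)
    offered = [shares[i - 1] for i in present]
    return recover_master_key(offered, len(master_key)) == master_key


if __name__ == "__main__":
    # The three quorum choices the guide lists for Advanced mode.
    for k, n in ((2, 3), (2, 5), (3, 5)):
        print(f"{k} of {n}: quorum {quorum_check(k, n, list(range(1, k + 1)))}, "
              f"one card short {quorum_check(k, n, list(range(1, k)))}")
```

The point to take from the check is the sharp edge of the threshold: a ceremony with `threshold - 1` cards does not yield a partially correct key, it yields a value unrelated to the key, which is why the Standard mode's single smart card is a single point of failure and the Advanced mode's quorum is both a recovery and a separation-of-duties control. In the real system the recovery happens inside the FIPS boundary on the KMC; this example only reproduces the arithmetic.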
