HP StorageWorks P9000 User Manual
Dka encryption user guide
Hide thumbs
Also See for StorageWorks P9000:
- Reference manual (399 pages) ,
- Manual (333 pages) ,
- User manual (322 pages)
Table of Contents
Advertisement
Quick Links
HP StorageWorks
P9000 DKA Encryption User Guide
Abstract
This guide describes and provides instructions for using the HP StorageWorks P9000 DKA Encryption License Key software to
configure and perform HP DKA Encryption License Key operations. The intended audience is a storage system administrator
or authorized service provider with independent knowledge of HP StorageWorks P9000 disk arrays and the HP StorageWorks
Remote Web Console.
HP Part Number: AV400-96364
Published: May 201 1
Edition: Fourth
Advertisement
Table of Contents
Related Manuals for HP StorageWorks P9000
Summary of Contents for HP StorageWorks P9000
- Page 1 P9000 DKA Encryption User Guide Abstract This guide describes and provides instructions for using the HP StorageWorks P9000 DKA Encryption License Key software to configure and perform HP DKA Encryption License Key operations. The intended audience is a storage system administrator or authorized service provider with independent knowledge of HP StorageWorks P9000 disk arrays and the HP StorageWorks Remote Web Console.
- Page 2 © Copyright 2010, 201 1 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.21 1 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.
-
Page 3: Table Of Contents
Contents 1 About DKA Encryption................5 Resources that can be executed for each function................5 DKA Encryption........................5 Encryption specifications......................5 Encryption key operations......................6 Data encryption operations......................7 Data encryption........................7 Disabling encryption......................7 Changing the encryption key....................7 Audit logging of encryption events....................7 2 Preparing for DKA Encryption operations............8 System requirements .........................8 Interoperability considerations ....................8 Configuring Remote Web Console....................9... - Page 4 Edit Encryption window......................22 Confirm window........................25 Glossary....................26 Index......................27 Contents...
-
Page 5: About Dka Encryption
1 About DKA Encryption Unless otherwise specified, the term P9000 in this guide refers to the following disk array: P9500 Disk Array The GUI illustrations in this guide were created using a Windows computer with the Internet Explorer browser. Actual windows may differ depending on the operating system and browser used. GUI contents also vary with licensed program products, storage system models, and firmware versions. -
Page 6: Encryption Key Operations
Item Specification Encryption key Creation of encryption key Create keys by using Remote Web management Console. Deletion of encryption key Delete keys by using Remote Web Console. However, the key allocated to the parity group cannot be deleted. Scope of encryption key 32 keys per storage system. -
Page 7: Data Encryption Operations
Events related to DKA Encryption, including data encryption operations and encryption key operations, are recorded in the audit log. For information about audit logging and audit log events, see the HP StorageWorks P9000 Remote Web Console User Guide and the HP StorageWorks P9000 Audit Log User Guide. -
Page 8: Preparing For Dka Encryption Operations
2 Preparing for DKA Encryption operations This chapter provides information and instructions to prepare for DKA Encryption operations. System requirements Item Requirement P9500 Microcode 70-01-0x and later Remote Web Console DKA Encryption software license. Virtual LVI/LUN software. The Security Administrator (View & Modify) role is required to enable and disable data encryption. -
Page 9: Configuring Remote Web Console
Assign the Security Administrator (View & Modify) role to the user who will be responsible for backing up and restoring the encryption key. For details of each operation, see the HP StorageWorks P9000 Remote Web Console User Guide. Once the DKA Encryption license key has been enabled and the Security Administrator (View &... -
Page 10: Performing Dka Encryption Operations
3 Performing DKA Encryption operations Creating the encryption key The encryption key can be created in preparation for the case where the change of the encryption key is needed. Up to 32 encryption keys can be created per storage system. However, HP recommends leaving at least 2 keys unused at all times so there is room to change an existing key. -
Page 11: Enabling Data Encryption
lowercase letters (a-z) ◦ symbols: ! “ # $ % & ' ( ) * + , . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~ ◦ Type the password again in Re-enter Password for confirmation. Click Finish to display the Confirm window. -
Page 12: Disabling Data Encryption
Disabling data encryption You can disable data encryption on a parity group only when all volumes in the parity group can be formatted (that is, blocked status). If there are any volumes that cannot be formatted, encryption cannot be disabled. To disable data encryption Click Parity Groups in the Storage Systems tree. -
Page 13: Deleting The Encryption Key
Click Open to close the window. The name of the selected file appears in File Name in the Restore Keys window. Type the password for the encryption key in Password. This is the password that was entered when the selected key was backed up. 10. -
Page 14: Troubleshooting
Owner Guide. For troubleshooting information about Remote Web Console, see the HP StorageWorks P9000 Remote Web Console User Guide and HP StorageWorks P9000 Remote Web Console Messages. The following table provides general troubleshooting information for DKA Encryption operations. Table 1 General troubleshooting... -
Page 15: Support And Other Resources
HP. Related information The following documents [and websites] provide related information: HP StorageWorks P9000 Performance for Open and Mainframe Systems User Guide HP StorageWorks P9000 Owner Guide HP StorageWorks P9000 Remote Web Console Messages HP StorageWorks P9000 Remote Web Console User Guide You can find these documents on the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals... -
Page 16: Conventions For Storage Capacity Values
Conventions for storage capacity values P9000 disk arrays use the following values to calculate physical storage capacity values (hard disk drives): 1 KB (kilobyte) = 1,000 bytes 1 MB (megabyte) = 1,000 bytes 1 GB (gigabyte) = 1,000... - Page 17 WARNING! Indicates that failure to follow directions could result in bodily harm or death. CAUTION: Indicates that failure to follow directions could result in damage to equipment or data. IMPORTANT: Provides clarifying information or specific instructions. NOTE: Provides additional information. TIP: Provides helpful hints and shortcuts.
-
Page 18: A Dka Encryption Gui Reference
This chapter describes the Remote Web Console windows and dialog boxes for DKA Encryption. For information about common operation such as buttons and task entry, see the HP StorageWorks P9000 Remote Web Console User Guide. Top window when selecting encryption keys This window appears when you select Encryption Keys in Administration. -
Page 19: Create Keys Window
Item Description Number of Creations The number of times that an encryption key is created. Number of Backups The number of times that a backup of an encryption key is created. Used Displays whether the encryption key is used. Create Keys Displays the Create Keys window. -
Page 20: Backup Keys Wizard
Backup Keys wizard Backup Keys window Password field Type the password for the encryption key. The password must be at least 6 characters and up to 255 characters. The valid characters are: Numbers (0 to 9) Upper case (A-Z) Lower case (a-z) Symbols: ! “... -
Page 21: Restore Keys Wizard
When you click Apply, the message which inform the completion of the preparation appears. Click OK and save the backup file. The file extension must be .ekf. Restore Keys wizard Restore Keys window File Name field File name of the backup file selected by clicking Browse is displayed. Browse button Select the backup file (file extension .ekf). -
Page 22: Delete Keys Window
Delete Keys window Selected Keys table Item Description Key ID IDs of encryption keys. Type Types of encryption keys. When the key ID is 0 to 31, Internal is displayed. Edit Encryption wizard Edit Encryption window DKA Encryption GUI reference... - Page 23 Available Parity Groups table Item Description Parity Group ID Parity group numbers. RAID Level RAID level of the parity group. For the combination parity group, the connectivity number is displayed behind the RAID level. Example: 1(2D+2D)*2 Capacity The total capacity of the parity group is displayed by the specified unit. Drive Type/RPM Hard disk drive types and RPM (rotation per minute) of the volume in the parity group.
- Page 24 Selected Parity Groups table Item Description Parity Group ID Parity group numbers. RAID Level RAID level of the parity group. For the combination parity group, the connectivity number is displayed behind the RAID level. Example: 1(2D+2D)*2 Capacity The total capacity of the parity group is displayed by the specified unit. Drive Type/RPM Hard disk drive types and RPM (rotation per minute) of the volume in the parity group.
-
Page 25: Confirm Window
Confirm window Selected Parity Groups table Item Description Parity Group ID Parity group numbers. RAID Level RAID level of the parity group. For the combination parity group, the connectivity number is displayed behind the RAID level. Example: 1(2D+2D)*2 Capacity The total capacity of the parity group. Drive Type/RPM Hard disk drive types and RPM (rotation per minute) of the volume in the parity group. -
Page 26: Glossary
Glossary The basic unit of data in a binary numbering system (binary digit), represented by a 0 or a 1. Eight bits equals one byte. Disk adapter. Logical unit number. A LUN results from mapping a logical unit number, port ID, and LDEV ID to a RAID group. -
Page 27: Index
Index AES-256, related documentation, audit logging, requirements host platforms, license key, backing up the encryption key, microcode, password for encryption key, Remote Web Console, contacting HP, volume types, conventions restoring the encryption key, 6, document, storage capacity values, text symbols, secondary backup key, 6, storage capacity values conventions,...