Table of Contents
Advertisement
20
Steps for connecting to an LKM/SSKM appliance
.
FIGURE 276
2. Select Load from File and browse to the location on your client PC that contains the
Steps for connecting to an LKM/SSKM appliance
The NetApp Lifetime Key Manager (LKM) resides on an FIPS 140-2 Level 3-compliant network
appliance. The encryption engine and LKM appliance communicate over a trusted link. A trusted
link is a secure connection established between the switch or blade and the NetApp LKM/SSKM
appliance, using a shared secret called a link key.
The following configuration steps are performed from the NetApp DataFort Management Console
(DMC) and from the Management application:
•
•
•
•
•
•
718
Encryption Group Properties with Key Vault Certificate
downloaded CA certificate in .pem format.
Install and launch the NetApp DataFort Management Console. Refer to
DataFort Management Console"
Establish the trusted link. Refer to
Obtain and import the LKM/SSKM certificate. Refer to
LKM/SSKM certificate"
on page 720.
Export and register encryption node certificates on LKM/SSKM. Refer to
registering the switch KAC certificates on LKM/SSKM"
If required, create an LKM/SSKM cluster for high availability. Refer to
high availability deployment"
Understanding Data Encryption Keys (DEKs). Refer to
on page 719.
"Establishing the trusted link"
on page 721.
"Data Encryption Keys"
"Launching the NetApp
on page 719.
"Obtaining and importing the
"Exporting and
on page 721.
"LKM/SSKM key vault
on page 722.
Brocade Network Advisor SAN User Manual
53-1003154-01
Advertisement
Chapters
Table of Contents
Troubleshooting
