Table of Contents
Advertisement
Launching the NetApp DataFort Management Console
The NetApp DataFort Management Console (DMC) must be installed on your PC or workstation to
complete certain procedures described in this chapter. Refer to the appropriate DMC product
documentation for DMC installation instructions. After you install the DMC, complete the following
steps:
1. Launch the DMC.
2. Click the Appliance tab on the top panel.
3. Add the NetApp LKM/SSKM appliance IP address or hostname.
4. Right-click the added IP address and log in to the NetApp LKM/SSKM key vault.
Establishing the trusted link
You must generate the trusted link establishment package (TEP) on all nodes to obtain a trusted
acceptance package (TAP) before you can establish a trusted link between each node and the
NetApp LKM/SSKM appliance.
1. Select Configure > Encryption from the menu task bar to display the Encryption Center
2. Select an LKM/SSKM group from the Encryption Center Devices table, then select Group >
3. Select the switch, then click Establish.
4. Launch the NetApp DataFort Management Console (DMC) and click the View Unapproved
5. Select the switch, then click Approve and Create TAP.
6. Provide a label in the dialog box, then click Approve to approve the TEP.
7.
8. Select the Link Keys tab from the Encryption Group Properties dialog box.
9. Select the switch in the link key status table, then click Accept to retrieve the TAP from the
10. Repeat the above steps for each of the remaining member nodes.
Brocade Network Advisor SAN User Manual
53-1003154-01
dialog box. (Refer to
Figure 266
Link Keys from the menu task bar.
The switch name displays in the link status table under Switch, with a Link Key Status of
Link Key requested, waiting for LKM approval.
This sends a Trust Establishment Package (TEP) message to the LKM/SSKM, which is needed
to establish the trusted link between the switch and the LKM/SSKM appliance.
Trustees tab.
The switch is listed as openkey_trustee_<ip address>, where the IP address is the switch
IP address.
The Approve TEP dialog box displays. The TEP must be approved before a TAP can be created.
A list of recovery cards and recovery officers is displayed. TEP approval is done by a quorum of
recovery officers, using assigned recovery cards. Each recovery officer must individually insert
one of the listed recovery cards into a card reader attached to the PC or workstation, then
enter the password for that card and click Start. The procedure is repeated until a quorum of
recovery officers has approved the TEP.
Save the TAP to a file (location does not matter).
LKM/SSKM appliance.
Steps for connecting to an LKM/SSKM appliance
on page 694.)
20
719
Advertisement
Chapters
Table of Contents
Troubleshooting
