Brocade Communications Systems WFT-2D User Manual page 847

•
Figure 351
FIGURE 351
1. Select the High Availability mode. Options are:
2. Enter the Primary Key Vault IP address or hostname, and port number.
3. Enter the Primary Certificate file name, or browse to the file location.
4. (Optional) Enter a Backup Key Vault IP address or hostname, and port number, and Backup
5. Select the method for user authentication. Options are:
Brocade Network Advisor SAN User Manual
53-1003154-01
With the introduction of Fabric OS 7.2.0, KMIP with TEKA 4.0 is also supported, but must be
configured using the CLI. All nodes in a keyAuthority encryption group must be running Fabric
OS 7.2.0 or later. For configuration instructions, refer to the Fabric OS Encryption
Administrator's Guide Supporting Key Management Interoperability Protocol (KMIP)
Key-Compliant Environments.
shows the key vault selection dialog box for KMIP.
Select Key Vault dialog box for KMIP
•
Opaque: Both the primary and secondary key vaults are registered on the BES. The client
archives the key to a single (primary) key vault. For disk operations, an additional
hardening check is done on the secondary key vault before the key is used for encryption.
•
Transparent: A single key vault should be registered on the BES. The client assumes the
entire HA is implemented on the key vault. Key archival and retrieval is done to the KMIP
without any additional hardening checks.
•
No HA: Both the primary and secondary key vaults are registered on the BES. The client
archives keys to both key vaults and ensures that the archival is successful before the key
is used for encryption.
Certificate File, or browse to the desired location.
•
Username and Password: Activates the Primary and Backup Key Vault User Names and
password fields for completion.
Creating a new encryption group
20
795