Sun Microsystems StorageTek HP LTO4 Technical Brief
  1. Manuals
  2. Brands
  3. Sun Microsystems Manuals
  4. Software
  5. StorageTek HP LTO4
  6. Technical brief

Sun Microsystems StorageTek HP LTO4 Technical Brief

Key management system hp lto4 encryption-capable tape drives
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Sun StorageTek
Crypto
TM
Key Management System
HP LTO4 Encryption-Capable Tape Drives
Technical Brief
Part Number: 316196601
Revision: A

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the StorageTek HP LTO4 and is the answer not in the manual?

Questions and answers

Related Manuals for Sun Microsystems StorageTek HP LTO4

Summary of Contents for Sun Microsystems StorageTek HP LTO4

  • Page 1 Sun StorageTek Crypto Key Management System HP LTO4 Encryption-Capable Tape Drives Technical Brief Part Number: 316196601 Revision: A...
  • Page 3 Crypto Key Management System Version 2.0 HP LTO4 Tape Drive Technical Brief Sun Microsystems, Inc. www.sun.com Part Number: 316196601 June 2008 Revision: A...
  • Page 4 Copyright © 2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, Etats-Unis. Tous droits réservés. Sun Microsystems, Inc. détient les droits de propriété intellectuels relatifs à la technologie incorporée dans le produit qui est décrit dans ce document.

  • Page 5: Table Of Contents

    Contents Preface v Organization Related Information v Additional Information vi Introduction Drive Tray 2 Specifications 3 Compatibility 5 Order Numbers Dione Card 7 Firmware Requirements 7 Dione Card Components 8 Connecting to the Dione Card 9 KMS Operations Key Lifecycle 10 Media RFID Chips 12 Media Types 12 Removal and Replacement 14...
  • Page 6 Using VOP 19 Start VOP 20 Diagnose Drive Tab 23 Run LED Diagnostic Test 23 Run Loopback Test 24 Get Log 25 Load Firmware 25 iv KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601...

  • Page 7: Preface

    Preface This technical brief is intended for Sun StorageTek and anyone responsible for planning the installation of the Crypto Key Management System (KMS) encryption solution. Organization This guide has the following organization: Chapter Chapter 1, “Introduction” Chapter 2, “Dione Card” Chapter 3, “Virtual Operator Panel”...

  • Page 8: Additional Information

    Preface Additional Information Sun Microsystems, Inc. (Sun) offers several methods to obtain additional information. Sun’s External Web Site Sun’s external Web site provides marketing, product, event, corporate, and service information. The external Web site is accessible to anyone with a Web browser and an Internet connection.

  • Page 9: Introduction

    C H A P T E R Introduction Overview The Hewlett Packard (HP) LTO4 is the fourth-generation of Ultrium, Linear Tape-Open tape drives. This generation offers more capacity and increased performance than earlier versions of LTO tape drives. Encryption The Hewlett Packard LTO4 is the first, non-StorageTek T-Series tape drive to support the Crypto Key Management System Version 2.0.

  • Page 10: Drive Tray

    Drive Tray Installing this tape drive in one of Sun StorageTek’s automated tape configurations offers customers with an even wider choice of tape-based storage solutions. Server compatibility: Fibre Channel and SCSI models on popular (qualified) ■ platforms from vendors such as Sun, HP, IBM, and Dell. Software compatibility: Support for an extensive list of software applications ■...

  • Page 11: Specifications

    Specifications TABLE 1-1 provides a comparison of tape drive specifications. TABLE 1-1 Tape Drive Specifications Physical Specifications Height Width Length (depth) Weight Performance Specifications Capacity (native) Transfer rate (native) Streaming range (native) Data Buffer size Number of tracks Load to ready * Access time-average (to first file) Tape speed (meters per second) Tape read/write speed...
  • Page 12 Specifications TABLE 1-2 provides a comparison of media specifications. TABLE 1-2 Media Specifications Specification Tape Base film Tape length Tape length used for data Tape width Tape dimensional stability Maximum tape speed Rewind speed Durability Cartridge Width Depth Height Weight Track density (TPI) Data tracks Data channels...

  • Page 13: Compatibility

    Compatibility HP LTO Ultrium 4 drives are specified to interchange with un-encrypted data cartridges from other tape drives that comply to the LTO U-28, U-316 and U-416 specifications: Future compatibility: In the future, HP LTO Ultrium drives will be capable of: Reading and writing tapes from the current generation ■...

  • Page 14: Order Numbers

    Order Numbers Order Numbers License Keys FIGURE 1-2 License Keys LTO4 Encryption Key Marketing Number Bundled X-HP-LTO4-EKEY-B After market X-HP-LTO4-EKEY-A Configured End Items TABLE 1-5 Configured End Items—Order Numbers Part Numbers SL500 LTO4E-HP4FC-SL500Z LTO4E-HPSC-SL500Z SL8500 LTO4E-HP4FC-SL85Z SL3000 LTO4E-HP4FC-SL30Z X-Options (Conversion Bills) TABLE 1-6 Conversion Bill Numbers Part Numbers SL500...

  • Page 15: Dione Card

    C H A P T E R Dione Card The Dione card—pronounced (D - O - nee)—is a custom design that provides an Ethernet interface for the HP LTO4 tape drive. With this interface, the HP LTO4 tape drive can: Encrypt and decrypt data using the Sun StorageTek Crypto Key Management ■...

  • Page 16: Dione Card Components

    Dione Card Components Dione Card Components The Dione card installs in the open area of the drive trays behind the tape drives. Library drive trays that support this card are the: SL8500 ■ SL3000 ■ SL500 ■ L-Series ■ Each drive tray has its own unique configuration depending on the space in the open area of the drive tray.

  • Page 17: Connecting To The Dione Card

    Connecting to the Dione Card FIGURE 2-2 shows two ways to connect to the Dione card: Point-to-point using a crossover cable ■ Network using a switch or hub and standard (straight-through) Ethernet cables ■ Note – The default IP address of the Dione card is 10.0.0.1. This address is the same as the T-Series tape drives.

  • Page 18: Kms Operations

    KMS Operations KMS Operations When the tape drive is powered-on, the Dione card communicates to the drive over the serial port to take control of drive encryption and decryption. HP LTO4 tape drives have the capability of storing one (1) key while encrypting or decrypting data.
  • Page 19 FIGURE 2-3 Key Lifecycle A potential issue: That LTO4 drive firmware will not request a write key in the following scenario: Read, Space, Write-Filemark, Write. The drive will use the same key obtained for the Read command to encrypt the data provided for the Write command.

  • Page 20: Media Rfid Chips

    KMS Operations At release, the functionality to set a key in a compromised state is not present. This is a low impact issue due to the system assigning unique encryption keys for each tape cartridge. It is rare that a compromised key scenario would ever be encountered.
  • Page 21 FIGURE 2-4 provides an example of a KMS Manager display screen using the elements from and HP LTO4 drive. FIGURE 2-4 KMS Manager Data Unit List 1. Data Unit ID (data cartridge) 2. External Tag (volume serial number) 3. Description (LTO4 or LTO4WORM) 4.

  • Page 22: Removal And Replacement

    Removal and Replacement Removal and Replacement Encryption-capable HP LTO 4 tape drives contain an Ethernet card, which is a field replaceable unit (FRU). Depending on the library, each drive tray contains the card in a different location; however, the removal and replacement procedures are similar. For specific information about the drive trays, refer to: SL8500 Modular Library System Installation Manual SL3000 Modular Library System Installation Manual...
  • Page 23 3. Place the drive and drive tray on a suitable work surface. Caution: Potential ESD damage: The encryption card contains ESD-sensitive components. Make sure you follow proper ESD precautions. 4. Remove the two T9 screws from the top cover and remove the cover. 5.
  • Page 24 Removal and Replacement 16 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601...

  • Page 25: Virtual Operator Panel

    C H A P T E R Virtual Operator Panel The Sun StorageTek Virtual Operator Panel (VOP) is a computer-based application that provides a graphical user interface (GUI) to these tape drives: T10000A ■ T10000B ■ T9840D ■ With the VOP at Version 1.0.12 and higher, support for the HP LTO4 tape drive is provided through the translation device for the tape drive.

  • Page 26: Vop Prerequisites

    The VOP application uses an Ethernet connection to communicate with the tape drives, either: Point-to-point, using a cross-over cable ■ Networked, using a switch and standard—straight—Ethernet cables ■ This Ethernet interface provides communication with the tape drives and allows: Customer operators to: ■...

  • Page 27: Using Vop

    Using VOP There are two versions of VOP: 1) Customer and 2) Service. Refer to the VOP documentation for information about how to download and install these applications. TABLE 3-1 VOP Versions, Files, Documents, and Download Sites Version Document Files Customer 96179 VOP_CUST_REL_1.0.12.zip...

  • Page 28: Start Vop

    Using VOP Start VOP Important: Remember, the Service Delivery Platform (SDP) does not support the LTO4 ■ drives. You may need to make adjustments to the network addresses if mixing tape drives on the same KMA and/or SDP network (LAN 2). With this Ethernet connection, you cannot perform the same or similar functions ■...
  • Page 29 5. Select the Configure Drive tab and enter the required information. You will need customer input for the KMA ID, IP Address, and Passphrase. FIGURE 3-4 Configure Drive 6. Click Commit and respond “Yes” to the set drive offline pop-up (if still online). The commit process takes about 30 seconds to complete.
  • Page 30 Using VOP During the commit process, the tape drive goes offline then IPLs to save the new settings to the Dione card. Important: When the drive comes back online, it is now using the new IP address. 8. To continue with the configuration and to “enroll” the tape drive, you must connect the drive to the KMS network.

  • Page 31: Diagnose Drive Tab

    Diagnose Drive Tab The Dione card and the VOP Diagnose Drive tab allow you to perform limit tests, get logs for engineering review, and to load Dione card firmware. Run LED Diagnostic Test To run the LED diagnostic test: 1. Click on Run LED Diag. The display changes the button to EXIT LED Diag. 2.

  • Page 32: Run Loopback Test

    Diagnose Drive Tab Run Loopback Test To run the Loopback diagnostic test: 1. Click on Run Loopback Test. 2. Observe the display as the test starts and ends. FIGURE 3-8 Run LED Diag 24 KMS: LTO4 Technical Brief • June 2008 Revision: A •...

  • Page 33: Get Log

    Get Log If a Dione card or connection is consistently having problems, engineering may request you retrieve a log of events from the Dione card. 1. Click Get Log. 2. Create and select a location for the file. Once the file has transferred, the operation is complete. FIGURE 3-9 Run LED Diag Load Firmware To load new Dione card firmware:...
  • Page 34 Diagnose Drive Tab 26 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601...
  • Page 35 Index batch file , 19 cartridge memory , 12 comparisons LTO tape drives media compatibility, media compliance regulations Configure Drive tab , 21 connecting to a Dione card conversion bills Data Unit , 12 default IP address , 9, 20 Dione card components connections to...
  • Page 36 overview specifications LTO4 interfaces manual organization manuals media encryption-capability introduction RFID chip , 12 Mid-range class Monitor Drive tab , 17 NIST 800-57 guidelines , 10 operating systems, VOP , 18 order numbers organization organization of this manual overview Dione card LTO4 , 17 part numbers...
  • Page 38 ERMAN : 1-650-960-1300 EADQUARTERS THE NETWORK IS THE COMPUTER Sun Microsystems, Inc. All rights reserved. Sun, Sun Microsystems, and the Sun logo are trademarks or registered trademarks of Sun Microsystems, Inc. in the SUN™ ©2006 United States and other countries.

This manual is also suitable for:

Storagetek crypto

Table of Contents