Smart card usage
Smart card usage
Smart Cards are credit card-sized cards that contain a CPU and persistent memory. Smart cards
can be used as security devices. You must have Storage Encryption Security user privileges to
activate, register, and configure smart cards.
Smart cards can be used to do the following:
Smart card readers provide a plug-and-play interface to read and write to a smart card. The
following smart card readers are supported:
See the following procedures for instructions about how to manage smart cards:
Registering authentication cards from a card reader
When authentication cards are used, one or more authentication cards must be read by a card
reader attached to a Management application PC to enable certain security sensitive operations.
These include the following:
To register an authentication card or a set of authentication cards from a card reader, have the
cards physically available. Authentication cards can be registered during encryption group or
member configuration when running the configuration wizard, or they can be registered using the
1. Select Configure > Encryption from the menu bar.
2. Select an encryption group, and select Security Settings.
Control user access to the Management application security administrator roles.
Control activation of encryption engines.
Securely store backup copies of master keys.
GemPlus GemPC USB
"Registering authentication cards from a card reader"
"Registering system cards from a card reader"
"Tracking smart cards"
on page 500
"Saving a master key to a smart card set"
"Restoring a master key from a smart card set"
Master key generation, backup, and restore operations.
Replacement of authentication card certificates.
Enabling and disabling the use of system cards.
Changing the quorum size for authentication cards.
Establishing a trusted link with the NetApp LKM key manager.
The Encryption Center dialog box displays.
on page 496
on page 499
on page 563
on page 567
DCFM Enterprise User Manual