HP 4400 HP StorageWorks Fabric OS 6.2.2e Release Notes (5697-0809, February 20 - Page 29

Encryption behavior

Get HP 4400 PDF manuals and user guides View all HP 4400 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 29 highlights

Table 7 Web Tools functionality in DCFM (continued) Function Device accessibility matrix Web Tools 6.1.0 Zone Admin DCFM Configure > Zoning The Compare dialog provides the Storage-Host and Host-Storage view in a tree representation that is comparable to the Device Accessibility Matrix when all devices are selected. Fabric events Fabric summary FCIP tunnel configuration1 GigE ports interface GigE ports route Non-local switch ports display in zoning tree Monitor > Fabric events Reports > Fabric summary Monitor > Logs > Events Monitor > Reports > Fabric Summary report Port Admin Module, GigE tab Configure > FCIP tunnel Port Admin Module, GigE tab Configure > FCIP tunnel Port Admin Module, GigE tab Configure > FCIP tunnel Zone Admin Admin Domain Switch Admin > DCC policies Performance Monitoring2 Configure > Zoning Remove offline or inaccessible devices Zone Admin Configure > Zoning Replace/Replace All zone members by selecting the offline devices from the zone tree. Offline devices have an unknown overlay badge with good visibility. Zone database summary ping Zone Admin Configure > Zoning Zoning report for both online and offline database 1 Viewing FCIP tunnels is supported in Web Tools 6.1.1, but New, Edit Config, and Delete are available only in DCFM. 2 In Web Tools, non-local switch port id/WWN can be added using text box. Encryption behavior • HP recommends that the encrypted LUN containers be created when all of the nodes/Encryption Engines (EE) in the Data Encryption Key (DEK)/High Availability Cluster (HAC) are up and enabled. • If two EEs are part of a HAC, configure the host/target pair such that they form a multipath from both EEs. Avoid connecting both host/target pairs to the same EE. This connectivity does not provide full redundancy when EE failure results in HAC failover. • LUN configuration ◦ The following process is to be used then when configuring a LUN for encryption: - Add the LUN as clear-text to the Crypto Target Container (CTC). - When the LUN comes online and clear-text host I/O starts, modify the LUN from clear-text to encrypt, including the enable_encexistingdata option to convert the LUN from clear-text to encrypted. ◦ An exception to this LUN configuration process: if the LUN was previously encrypted by the HP encryption switch or HP encryption blade, the LUN can be added to the Crypto Target Container with the -encrypt and -lunstate ="encrypted" options. ◦ LUN configurations must be committed to take effect. No more than 25 LUNs can be added or modified in a single commit operation. Attempts to commit configurations that Encryption behavior 29

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
Table 7 Web Tools functionality in DCFM
(continued)
DCFM
Web Tools 6.1.0
Function
Configure > Zoning
The Compare dialog provides the Storage-Host and
Host-Storage view in a tree representation that is
comparable to the Device Accessibility Matrix when all
devices are selected.
Zone Admin
Device accessibility matrix
Monitor > Logs > Events
Monitor > Fabric events
Fabric events
Monitor > Reports > Fabric
Summary report
Reports > Fabric summary
Fabric summary
Configure > FCIP tunnel
Port Admin Module, GigE tab
FCIP tunnel configuration
1
Configure > FCIP tunnel
Port Admin Module, GigE tab
GigE ports interface
Configure > FCIP tunnel
Port Admin Module, GigE tab
GigE ports route
Configure > Zoning
Zone Admin
Admin Domain
Switch Admin > DCC policies
Performance Monitoring
2
Non-local switch ports
display in zoning tree
Configure > Zoning
Replace/Replace All zone members by selecting the
offline devices from the zone tree. Offline devices have
an unknown overlay badge with good visibility.
Zone Admin
Remove offline or
inaccessible devices
Configure > Zoning
Zoning report for both online and offline database
Zone Admin
Zone database summary
ping
1
Viewing FCIP tunnels is supported in Web Tools 6.1.1, but New, Edit Config, and Delete are available only in DCFM.
2
In Web Tools, non-local switch port id/WWN can be added using text box.
Encryption behavior
HP recommends that the encrypted LUN containers be created when all of the nodes/Encryption
Engines (EE) in the Data Encryption Key (DEK)/High Availability Cluster (HAC) are up and
enabled.
If two EEs are part of a HAC, configure the host/target pair such that they form a multipath
from both EEs. Avoid connecting both host/target pairs to the same EE. This connectivity does
not provide full redundancy when EE failure results in HAC failover.
LUN configuration
The following process is to be used then when configuring a LUN for encryption:
Add the LUN as clear-text to the Crypto Target Container (CTC).
When the LUN comes online and clear-text host I/O starts, modify the LUN from
clear-text to
encrypt
, including the
enable_encexistingdata
option to convert
the LUN from clear-text to encrypted.
An exception to this LUN configuration process: if the LUN was previously encrypted by
the HP encryption switch or HP encryption blade, the LUN can be added to the Crypto
Target Container with the
encrypt
and
lunstate =
encrypted
options.
LUN configurations must be committed to take effect. No more than 25 LUNs can be
added or modified in a single commit operation. Attempts to commit configurations that
Encryption behavior
29