Dell Brocade 6520 Release Notes v1.0 - Page 34

BES/FS8-18 will reject the SCSI commands WRITE SAME, ATSCompare and Write/Vendor Specific

Get Dell Brocade 6520 PDF manuals and user guides View all Dell Brocade 6520 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 34 highlights

 Hot Code Load from FOS v6.4.1a to FOS v7.0 or later is supported. Cryptographic operations and I/O will be disrupted but other layer 2 FC traffic will not be disrupted.  When disk and tape CTCs are hosted on the same encryption engine, re-keying cannot be done while tape backup or restore operations are running. Re-keying operations must be scheduled at a time that does not conflict with normal tape I/O operations. The LUNs should not be configured with auto rekey option when single EE has disk and tape CTCs.  Gatekeeper LUNs used by SYMAPI on the host for configuring SRDF/TF using in-band management must be added to their containers with LUN state as "cleartext", encryption policy as "cleartext" and without "-newLUN" option.  FOS 7.1.0 introduces support for "disk device decommissioning" to following key vault types: ESKM, TEKA, TKLM and KMIP. To use disk device decommissioning feature for these KVs, all the nodes in the encryption group must be running FOS v7.1.0 or later. Firmware downgrade will be prevented from FOS v7.1.0 to a lower version if this feature is in use. Disk Device decommissioning for DPM and LKM key vaults will continue to work as with previous firmware versions.  FOS7.1.0 introduces a new KMIP keyvault type for Safenet KeySecure SW v6.1 KMIP server. Firmware downgrade will be prevented from FOS v7.1.0 to a lower version if key vault type is set to KMIP. Please refer to the KMIP Encryption Admin Guide for more details.  FOS 7.1.0 mandates regular zones for Hosts and Targets must be defined in the effective configuration before adding an initiator into a crypto container. If crypto commit operation is performed without regular zones for Host and Target, frame redirection zones will not be created. Hosts and targets must be zoned together by worldwide port name (WWPN) rather than worldwide node name (WWNN) in configurations where frame redirection will be used  In FOS 7.1.0 the encryption FPGA has been upgraded to include parity protection of lookup memory (ROM) within the AES engine. This change enhances parity error detection capability of the FPGA.  Special Notes for HP Data Protector backup/restore application  Tape Pool encryption policy specification:  On Windows Systems, HP Data Protector can be used with tape pool encryption specification only if the following pool label options are used:  Pick from Barcode  User Supplied - Only 9 characters or less For other options, behavior defaults to Tape LUN encryption policy.  On HP-UX systems, HP Data Protector cannot be used with tape pool encryption specification for any of the pool options. The behavior defaults to Tape LUN Encryption Policy.  Tape LUN encryption policy specification:  No restrictions, tape LUN encryption policy specification can be used with HP Data Protector on HP-UX and Windows systems.  BES/FS8-18 will reject the SCSI commands WRITE SAME, ATS(Compare and Write/Vendor Specific opcode 0xF1) and EXTENDED COPY, which are related to VAAI (vStorage APIs for Array Integration) hardware acceleration in vSphere 4.1/5.x. This will result in non-VAAI methods of data transfer for the underlying arrays, and may affect the performance of VM related operations.  VMware VMFS5 uses ATS commands with arrays that support ATS. BES/FS8-18 does not support this command set and therefore VMFS5 with ATS is not supported. It is recommended to use VMFS3. Fabric OS v7.1.0a Release Notes v1.0 Page 34 of 41

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
Fabric OS v7.1.0a Release Notes v1.0
Page 34 of 41
Hot Code Load from FOS v6.4.1a to FOS v7.0 or later is supported.
Cryptographic operations and I/O
will be disrupted but other layer 2 FC traffic will not be disrupted.
When disk and tape CTCs are hosted on the same encryption engine, re-keying cannot be done while
tape backup or restore operations are running. Re-keying operations must be scheduled at a time that
does not conflict with normal tape I/O operations. The LUNs should not be configured with auto rekey
option when single EE has disk and tape CTCs.
Gatekeeper LUNs used by SYMAPI on the host for configuring SRDF/TF using in-band management
must be added to their containers with
LUN state as “cleartext”, encryption policy as “cleartext” and
without “
-
newLUN” option.
FOS 7.1.0 introduces support for
“disk
device decommissioning
to following key vault types: ESKM,
TEKA, TKLM and KMIP. To use disk device decommissioning feature for these KVs, all the nodes in the
encryption group must be running FOS v7.1.0 or later. Firmware downgrade will be prevented from
FOS v7.1.0 to a lower version if this feature is in use. Disk Device decommissioning for DPM and LKM
key vaults will continue to work as with previous firmware versions.
FOS7.1.0 introduces a new KMIP keyvault type for Safenet KeySecure SW v6.1 KMIP server. Firmware
downgrade will be prevented from FOS v7.1.0 to a lower version if key vault type is set to KMIP. Please
refer to the KMIP Encryption Admin Guide for more details.
FOS 7.1.0 mandates regular zones for Hosts and Targets must be defined in the effective
configuration before adding an initiator into a crypto container. If crypto commit operation is
performed without regular zones for Host and Target, frame redirection zones will not be created.
Hosts and targets must be zoned together by worldwide port name (WWPN) rather than worldwide
node name (WWNN) in configurations where frame redirection will be used
In FOS 7.1.0 the encryption FPGA has been upgraded to include parity protection of lookup memory
(ROM) within the AES engine. This change enhances parity error detection capability of the FPGA.
Special Notes for HP Data Protector backup/restore application
Tape Pool encryption policy specification:
On Windows Systems, HP Data Protector can be used with tape pool encryption
specification only if the following pool label options are used:
Pick from Barcode
User Supplied
Only 9 characters or less
For other options, behavior defaults to Tape LUN encryption policy.
On HP-UX systems, HP Data Protector cannot be used with tape pool encryption
specification for any of the pool options. The behavior defaults to Tape LUN
Encryption Policy.
Tape LUN encryption policy specification:
No restrictions, tape LUN encryption policy specification can be used with HP Data
Protector on HP-UX and Windows systems.
BES/FS8-18 will reject the SCSI commands WRITE SAME, ATS(Compare and Write/Vendor Specific
opcode 0xF1) and EXTENDED COPY, which are related to VAAI (vStorage APIs for Array Integration)
hardware acceleration in vSphere 4.1/5.x. This will result in non-VAAI methods of data transfer for the
underlying arrays, and may affect the performance of VM related operations.
VMware VMFS5 uses ATS commands with arrays that support ATS. BES/FS8-18 does not support this
command set and therefore VMFS5 with ATS is not supported. It is recommended to use VMFS3.