HP Brocade 8/12c Fabric OS Encryption Administrator's Guide v6.4.0 (53-1001864 - Page 234
encryption, format, LUN state, LUN policy, Encrypt existing data, Key ID, Metadata, on LUN, Results
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 234 highlights
B DF-compatibility support for disk LUNs TABLE 20 LUN encryption format Support matrix for disk LUNs for various configuration and modify options LUN state LUN policy Encrypt existing data Key ID Metadata Results on LUN Native Encrypted Encrypt NA when NA Yes (Brocade) LUN State = encrypt Native Encrypted Encrypt (Brocade) NA when LUN State = encrypt None No Native (Brocade) Native (Brocade) Encrypted Encrypt Encrypted Cleartext NA when LUN State = encrypt NA when LUN State = encrypt Provided No NA Yes Native (Brocade) Native (Brocade) Encrypted Cleartext Encrypted Cleartext NA when LUN State = encrypt NA when LUN State = encrypt None No Provided No Native Cleartext Encrypt Yes (Brocade) NA Yes Native Cleartext Encrypt Yes (Brocade) Native Cleartext Encrypt Yes (Brocade) None No Provided No No error. If the LUN was previously DF-encrypted, the LUN is set to Read Only until you either remove the LUN and add it back with the native Brocade encryption format, or issue the runtime CLI command to force the change. The data encryption key is retrieved from the key vault based on the LUN serial number, and used for further encryption and decryption. An attempt is made to write the metadata. If the key cannot be retrieved for this LUN based on the LUN serial number, then the LUN is disabled for encryption. You need to either modify the LUN state to cleartext or provide the key ID in the LUN setup. You can also use the runtime cryptocfg --enable -LUN command to force the change, in which case a new key is generated and an attempt is made to write metadata. No error. The LUN is disabled for encryption. Metadata is present on the LUN and the LUN is in encrypted state. You need to either modify the LUN policy to encrypt, or use the runtime cryptocfg --enable -LUN command to force the change from encrypt to cleartext. No error. The KeyID is not valid when this combination is used in cryptocfg --modify -LUN. When issuing cryptocfg --add -LUN, this is an invalid combination The LUN is disabled for encryption. Metadata is present on the LUN and the LUN is in encrypted state. You need to either modify the LUN state to "encrypted" or use the runtime cryptocfg --enable -LUN command to force the change from the current state of the LUN to encrypt. No error. First time encryption started to convert the LUN from cleartext to encrypt. No Error. Key ID is ignored. 216 Fabric OS Encryption Administrator's Guide 53-1001864-01