HP Brocade 8/12c Fabric OS Encryption Administrator's Guide - Page 109
Restore Master key, Encryption Group Properties, Con gt; Encryption, Encryption Center
View all HP Brocade 8/12c manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 109 highlights
Zeroizing an encryption engine 2 • If the encryption engine was part of an HA cluster, targets fail over to the peer which assumes the encryption of all storage targets. Data flow will continue to be encrypted. • If there is no HA backup, host traffic to the target will fail as if the target has gone offline. The host will not have unencrypted access to the target. There will be no data flow at all because the encryption virtual targets will be offline. NOTE Zeroizing an engine affects the I/Os but all target and LUN configuration is intact. Encryption target configuration data is not deleted. You can zeroize an encryption engine only if it is enabled (running), or disabled but ready to be enabled. If the encryption engine is not in one of these states, an error message results. When using an opaque key vault, if all encryption engines in an encryption group are zeroized, the encryption group loses the master key required to read data encryption keys from the key vault. After the encryption engines are rebooted and re-enabled, you must restore the master key from a backup copy, or alternatively, you can generate a new master key and back it up. Restoring the master key from a backup copy or generating a new master key and backing it up indicates that all previously generated DEKs will not be decryptable unless the original master key used to encrypt them is restored. Use the Restore Master key wizard from the Encryption Group Properties dialog box to restore the master key from a backup copy. 1. Select Configure > Encryption from the menu task bar. The Encryption Center dialog box displays. 2. Select an encryption engine from the Encryption Center Devices table, then select Engine > Zeroize from the menu task bar, or right-click the encryption engine and select Zeroize. A confirmation dialog box describing consequences and actions required to recover. 3. Click YES to zeroize the encryption engine. Fabric OS Encryption Administrator's Guide 89 53-1002159-03