encryption service with key management that works transparently with new and existing SANs. This
solution has advantages over competitive solutions, such as:
• Supports nondisruptive installation and provisioning. You do not need to rewire or reconfigure
your SAN.
• Encryption engines are integrated on the MDS 9000 18/4-port Multiservice Module (MSM-18/4)
and the MDS 9222i Multiservice Fabric Switch. You do not need to purchase and manage
nl
additional switch ports, cables, and applications.
• All VSAN traffic can be encrypted. This enables automated load balancing through network traffic
management across multiple SANs.
• No additional software is required for key and user management or provisioning. SME is integrated
with the Cisco Fabric Manager, which reduces operating expenses.
Features
Management features of the Cisco Fabric Manager are as follows:
• Transparent fabric service
• Encryption
• Security roles
• Key management
• Clustering
• Fibre Channel redirect
• Host-based discovery for provisioning tapes
Hardware requirements
SME requires a minimum of one MDS 9222i switch or one MSM-18/4 module in each cluster. The
SME engines on the switch or module provide transparent encryption and compression to hosts and
storage devices. A smart card reader is required to take advantage of all of the standard and advanced
security levels.
Software requirements
Table 195 lists the software requirements for switches and modules in the SME cluster.
Table 195 SME software requirements
Software versionComponent
Fabric Manager 3.2(3) or laterFabric Manager web client
SAN-OS 3.2(3) or laterMDS switches attached to tape devices
SAN-OS 3.2(3) or later
MDS 9222i switches and switches that include the
MSM-18/4 module
C-series SAN-OS security
This section describes the C-series SAN-OS security features.
Storage security408
To Next Page
Loading...
