94 NetApp AltaVault Cloud Integrated Storage Administration Guide
Beta Draft
Configuring security settings Configuring KMIP
“To configure cloud settings” on page 95
“To configure the encryption key” on page 95
To add a KMIP server
Before you add a KMIP server, check the Web Settings page to verify that you have a certificate under the PEM tab.
1. Choose Configure > KMIP.
2. Under KMIP Servers, select Add a New Server and complete as described in the table.
Control                Description
Key Server Name        Specify the key server name.
Hostname               Specify the hostname of the server.
Port                   Specify the port number.
Protocol Version       Select the protocol version from the drop-down list.
Username               Specify the username.
Password               Specify the password.
Upload CA Certificate  Select Browse to navigate to the CA certificate. The certificate
                       must be a .pem file.
Add                    Adds the KMIP server to the AltaVault. The KMIP server displays in
                       the table below.
Remove Selected        Select a KMIP server and click Remove Selected to delete it.
                       AltaVault then no longer uses the key, but the key remains on the
                       KMS. To delete the key from the KMS, use the UI provided by the KMS.
To add KMIP keys
1. Under KMIP Keys, select Add a New Key and complete as described in the table.
Control                Description
Key Server Name        Select the key server name that was added earlier from the
                       drop-down list. If the server is not available, you must add the
                       KMIP server.
Key Name               Specify the key name of the server.
Type                   Select the type from the drop-down list.
                       Secret Data - Select this option to manage cloud authentication.
                       Symmetric Key - Select this option to manage the datastore
                       encryption key. The selected key must be an AES-256 key.
Register Key           Select yes or no from the drop-down list.
                       Note: Select yes only if this key does not exist on the KMIP
                       server. Select no if the key already exists on the KMIP server.
Key Data               Specify the cloud authentication parameters.
                       This field displays only when Register Key is set to Yes and Type
                       is set to Secret Data.
UUID                   Specify the UUID from your server.
                       The UUID field displays only if Register Key is set to No.
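A pre-flight check for the values described in the tables above, as an added example that is not part of the NetApp guide or of AltaVault: it confirms that the CA certificate file is PEM text containing only certificates, and that a planned key entry follows the Register Key, Type, Key Data and UUID rules. The dictionary keys (type, register_key, uuid, key_data, kms_key) are hypothetical names chosen for this example, and the certificate check is structural only; it does not validate the certificate chain.

```python
import base64
import re

PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s+(.*?)\s+-----END \1-----", re.S)

def check_ca_pem(text):
    """Return problems found in the text of a CA certificate file."""
    blocks = PEM_BLOCK.findall(text)
    if not blocks:
        return ["no PEM blocks found (the file may be DER-encoded)"]
    problems = []
    for label, body in blocks:
        if "PRIVATE KEY" in label:
            problems.append("contains a private key; upload only the CA certificate")
        elif label == "CERTIFICATE":
            try:
                der = base64.b64decode("".join(body.split()), validate=True)
            except ValueError:
                problems.append("certificate body is not valid base64")
                continue
            if not der.startswith(b"\x30"):  # DER certificate starts with SEQUENCE
                problems.append("certificate body is not a DER SEQUENCE")
    if not any(label == "CERTIFICATE" for label, _ in blocks):
        problems.append("no CERTIFICATE block present")
    return problems

def check_key_entry(entry):
    """Check a planned KMIP key entry against the field rules in the table."""
    problems = []
    register, ktype = entry.get("register_key"), entry.get("type")
    if ktype not in ("Secret Data", "Symmetric Key"):
        problems.append("Type must be Secret Data or Symmetric Key")
    if register == "no" and not entry.get("uuid"):
        problems.append("Register Key is no: the UUID of the existing key is required")
    if register == "yes" and entry.get("uuid"):
        problems.append("Register Key is yes: the UUID field is not shown")
    wants_data = register == "yes" and ktype == "Secret Data"
    if wants_data != bool(entry.get("key_data")):
        problems.append("Key Data applies only when Register Key is yes and Type is Secret Data")
    # Assumption: 'kms_key' is (algorithm, bits) as reported by the KMS, if the admin recorded it.
    if ktype == "Symmetric Key" and entry.get("kms_key", ("AES", 256)) != ("AES", 256):
        problems.append("the datastore encryption key must be AES-256")
    return problems

# Constructed samples: a DER-shaped placeholder, not a real certificate.
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(b"\x30\x82\x01\x00" + bytes(60)).decode()
              + "-----END CERTIFICATE-----\n")
SAMPLE_KEY = {"type": "Symmetric Key", "register_key": "no", "uuid": "constructed-id-0001"}
```

Both functions return an empty list when nothing is wrong, so they can gate a change request before the values are typed into the Configure > KMIP page.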