Chapter 9: Configuration
System
Quantum DXi4700 User’s Guide 317
1. Select an Encryption option in OST and Accent Data Transfer Encryption:
None Data is not encrypted.
Default AES 128 OST and Accent data is encrypted using AES 128-bit encryption.
Default AES 256 OST and Accent is encrypted using AES 256-bit encryption.
TLS with AES 256 OST, Accent, and Replication data is encrypted using AES 256-bit encryption
with Transport Layer Security (TLS).
For replication, you must specify encryption settings when configuring the
replication or failback targets (see Replication on page 115).
Note: AES encryption options are available only if the Data-in-Flight license is installed (see
License Keys on page 349).
2. If you selected the TLS with AES 256 encryption option, install the required TLS Certificate and key
files on the DXi:
l Certificate File
l Private Key File
l Certificate Authority File
l Certificate Revocation List (Optional)
OST Media Server with TLS Encryption
The certificate and key files installed on the DXi system must match the files on the OST media
server. For more information on certificate and key files, see the OST Plug-in Installation
Instructions.
Replication with TLS Encryption
To successfully use replication with TLS encryption, you must do the following:
l Configure target DXi with TLS Encryption.
l Configure source DXi with TLS Encryption (system reboot required).
l Select TLS with AES 256 when configuring the target DXi (see Adding a Replication Target on
page 255).
The source DXi key and target DXi key do not need to match, but must meet the following criteria:
l The target key must be signed by a certificate in the source key.
l The source key must be signed by a certificate in the target key.
To Next Page
Loading...
