Chapter 7 Encryption Key Management
Configuring Encryption Key Management on the Library
Scalar i500 User’s Guide 172
• Encryption is configured by partition. Partitions must be configured
for “Library Managed Encryption.” EKM partitions must contain
only the tape drives supported by the encryption system you are
using. (For more information, see Step 6: Configuring Partitions for
Library Managed Encryption on page 184.
About the EKM License 7
If you purchase an EKM license after you purchased your library, you
must install the license key on your library to enable the EKM
functionality. The EKM license is sold on a per-drive basis. The license
corresponds to the number of tape drives that you can enable for library
managed encryption. If your library contains more encryption-enabled
tape drives than are covered by the license, you will need to purchase an
additional license to cover them. Your new license key replaces your
current license key and contains the entire license for the total number of
tape drives.
Configuring Encryption Key Management on the Library
Make sure your Q-EKM, SKM, or KMIP-compliant key servers are
installed and running before configuring the library (see the Quantum
Encryption Key Manager User’s Guide, the Scalar Key Manager User’s Guide,
or your KMIP key manager user’s guide for instructions).
Then follow these steps, in order, to configure the library:
• Step 1: Installing the EKM License Key on the Library
on page 173
• Step 2: Preparing Partitions for Library Managed Encryption
on
page 173
• Step 3: Configuring Encryption Settings and Key Server Addresses
on page 174
• Step 4: Installing TLS Certificates on the Library (SKM Only)
on
page 178
• Step 5: Running EKM Path Diagnostics
on page 184
• Step 6: Configuring Partitions for Library Managed Encryption
on
page 184
To Next Page
Loading...
Need help?
General
