Chapter 7 Encryption Key Management
Configuring Encryption Key Management on the Library
Scalar i500 User’s Guide 187
3 SKM Only — FIPS (Federal Information Processing Standard) is a
U.S. government standard relating to computer security and
encryption. To enable FIPS mode on an SKM partition, select the
FIPS
check box. To disable FIPS, clear the
FIPS check box.
See FIPS-Certified Encryption Solution
on page 203 for more
information. FIPS mode is only available with SKM.
4 Click
Apply.
5 Save the library configuration.
Using EKM Path
Diagnostics 7
The EKM Path Diagnostics consists of a series of short tests to validate
whether the key servers are running, connected, and able to serve keys as
required.
Run the Manual EKM Path Diagnostics any time you change the key
server settings or library encryption settings.
If you are running Q-EKM,
you should also run the Manual EKM Path Diagnostics whenever you
replace a tape drive. It is recommended that you test each tape drive that
communicates with Q-EKM key servers.
The diagnostics consists of the following tests:
•
Ping — Verifies the Ethernet communication link between the library
and the key servers.
•
Drive (Q-EKM only) — Verifies the tape drive’s path in the library
(communication from library to tape drive sled and from tape drive
sled to tape drive). The tape drive must be unloaded, ready, and
online in order to run this test. If this test fails, the Path and Config
tests are not performed.
•
Path — Verifies that EKM services are running on the key servers.
•
Config — Verifies that the key servers are capable of serving
encryption keys.
Note: For Q-EKM only: The tape drive used for the test must be
unloaded, ready, and online in order to run any of the tests.
Note:
For Q-EKM only: This test cannot run if the Drive test fails.
To Next Page
Loading...
Need help?
General