Chapter 7 Encryption Key Management
Configuring Encryption Key Management on the Library
Scalar i500 User’s Guide 191
• For SKM and KMIP Key Manager: Automatic EKM Path Diagnostics is
enabled by default and should always be left enabled. You should not
need to disable it unless Quantum Support directs you to do so.
For a list of tests performed, see Using EKM Path Diagnostics
on
page 187.
To enable Automatic EKM Path Diagnostics:
1 From the Web client, select Setup > Encryption > System
Configuration.
2 Select the Automatic EKM Path Diagnostics check box.
3 Select a test interval from the Interval drop-down list.
4 Q-EKM Only: From the Test Warning Threshold drop-down list,
select the number of consecutive, missed test intervals required
before the library generates a RAS ticket informing you that the test
could not be performed within the specified number of test intervals.
You can select “Off” or any value from 1 to 24. If you select “Off,” the
library will never generate a RAS ticket, no matter how many tests
are missed. The default threshold is 3.
Viewing and Changing
the Active Key Server 7
The Key Manager Status screen shows you which encryption key server
is currently active, and allows you to change the active server. When you
change the active server, it means that the next key server operation and
all subsequent key server operations will be performed using the new
active server until that server fails or the key server settings are changed.
Caution: Q-EKM Only: Running Automatic EKM Path
Diagnostics may cause an increase in RAS tickets
if tests are skipped due to tape drives being
unavailable for a configurable number of
consecutive test intervals. To reduce the
occurrences of RAS tickets, you can specify the
number of consecutive test intervals required to
generate a RAS ticket to a higher number, or you
can set the library to never generate a RAS ticket
for missed test intervals.
To Next Page
Loading...
Need help?
General