Chapter 7: Encryption Key Management
Configuring Scalar Key Manager (SKM) on the Library
Quantum Scalar i40 and Scalar i80 User’s Guide 179
Step 5: Install TLS
Communication
Certificates on the
Library
Depending on when your library was manufactured, TLS certificates may
already be installed. If they are not installed, you must install them. See
Installing TLS Certificates on the Library on page 186 for instructions on
how to verify whether they are installed, and how to install them.
Step 6: Run EKM Path
Diagnostics
Run the Manual EKM Path Diagnostics to be sure the library is
connected properly to both SKM servers. See
Running Manual EKM Path
Diagnostics on page 183 for instructions.
Step 7: Configure SKM
Partitions and Generate
Data Encryption Keys
Encryption on the library is enabled by partition only. You cannot select
individual tape drives for encryption; you must select an entire partition
to be encrypted.
Data written to encryption-supported and encryption-capable media in
EKM-supported tape drives will be encrypted
unless
data was previously
written to the media in a non-encrypted format. For data to be
encrypted, the media must be blank or have been written to using
library managed encryption at the first write operation at the beginning
of tape (BOT).
Configure the partition(s) as follows:
1 From the Web client, select Setup > Encryption > Partition
Configuration.
A list of all your partitions displays, along with a drop-down list
displaying the Encryption Method for each partition (see
Figure 32).
Note: The default Encryption Method for a partition containing
encryption-capable tape drives is Allow Application
Managed. To enable SKM encryption on a partition, you
must set the Encryption Method to Enable Library
Managed. This is explained in the following steps.
To Next Page
Loading...
Need help?
General
Weight and Dimensions
