Spectra T50e - Spectra Sklm Key Management

To Next Page

To Previous Page

Chapter 10—Encryption and Key Management Spectra SKLM Key Management

August 2017 User Guide—Spectra T50e Library

288

SPECTRA SKLM KEY MANAGEMENT

SpectraTivoliKeyLifecycleManager(SpectraSKLM)isacentralizedkey

managementsystemthatallowsyoutomanagethelifecycleofthe

encryptionkeysandsecuritycertificatesforyourlibrary.SpectraSKLM

providesrole‐basedaccesscontrol,basedonuserprivileges,fortasksthat

rangefromcreatingandassigningencryptionkeystothebackupand

restorationofdata.

SpectraSKLMisinstalledonanexternalserver,whichisconnectedtothe

librarybyEthernet.Alladministrativeactivitiesareperformedonthe

server,includingconfiguration;administrationofgroups,users,androles;

andmanagementofkeys,keygroups,anddevices.Encryptionis

performedatthedriveleve l,throughencryption‐enabledLTO‐5andlater

generationtapedrives.

AfterSpectraSKLMkeymanagementisenabled,thedrivesinan

encryption‐enabledpartitionrequestakeyfromtheSpectraSKLMserver.

Theserversendstheencryptionkeytothedrive,andthedriveusesthekey

toautomaticallyencryptdataasitisbackedup.

BeforeyouconfigureyourlibrarytoimplementSpectraSKLMkey

management,therearethreerequiredcomponents:

 SpectraSKLMEncryption‐capableDrivesSpectraSKLMkey

managementisonlycompatiblewithLTO‐5andlatergenerationtape

drives.

 SpectraSKLMOptionKeyPurchaseandinstalltheSpectraSKLM

optionkeytoactivateSpectraSKLMkeymanagement.Formore

informationonhowtoinstalltheoptionkeyonyourlibrary,seeEnter

ActivationKeysonpage113.

SpectraSKLMServerInstallandconfigureSpectraSKLMonyourserv er.

SpectraSKLMisavailableforeitherLinuxorWindows.Foradditional

informationthatcanassistyouduringtheinstallationandconfigurationof

yourserv er,seethefollowingwebsites:

 IBMTivoliKeyLifecycleManagerInformationCenter

 TivoliKeyLifecycleManagerInstallationandConfigurationGuide

 SpectraSKLMkeymanagementisnotcompatiblewithBlu eScale

Encryptionkeymanagement,becausetheycannotshareencryptionkeys.

DataencryptedusingSpectraSKLMkeymanagementcannotbe

decryptedusingBlueScaleEncryptionkeymanagement,andviceversa.

Other manuals for Spectra T50e