Book description
In this IBM® Redbooks® publication, we describe how
these products can be combined to provide an encryption and
virtualization solution:
IBM System Storage® SAN32B-E4 Encryption Switch
IBM Storwize® V7000
IBM Tivoli® Key Lifecycle Manager
We describe the terminology that is used in an encrypted and
virtualized environment, and we show how to implement these
products to take advantage of their strengths.
This book is intended for anyone who needs to understand and implement the IBM System Storage SAN32B-E4 Encryption Switch, IBM Storwize V7000, IBM Tivoli Key Lifecycle Manager, and encryption.
Table of contents
- Notices
- Preface
- Chapter 1: Introduction to SAN encryption using the Storwize V7000 and the SAN32B-E4 Encryption Switch
- Chapter 2: Terminology and technology
-
Chapter 3: Initial setup for the IBM Tivoli Key Lifecycle Manager and the SAN32B-E4 Encryption Switch
- The need for a key management tool
- Tivoli Key Lifecycle Manager components and resources
-
Initial setup of Tivoli Key Lifecycle Manager and the Encryption Switch
- Basic installation of Tivoli Key Lifecycle Manager
- Multiple Tivoli Key Lifecycle Managers for redundancy
- Installation of the Encryption Switch
- Master key management
- Considerations before the first TKLM and SAN32B-E4 Encryption Switch setup
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the switch CLI (1/5)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the switch CLI (2/5)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the switch CLI (3/5)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the switch CLI (4/5)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the switch CLI (5/5)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the DCFM GUI (1/4)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the DCFM GUI (2/4)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the DCFM GUI (3/4)
- Setting up the SAN32B-E4 Encryption Switch and TKLM using the DCFM GUI (4/4)
-
Chapter 4: Implementation scenarios and recommendations for managing the SAN32B-E4 Encryption Switch
- Configuring encryption on a single fabric
- General prerequisites for encryption
- Defining the encryption configuration
-
Data encryption key cluster config: Multiple path/dual fabric
- Starting the configuration
- Target configuration for a data encryption key cluster environment
- Steps to extend a single fabric setup to a DEK cluster environment
- Preparing the multipath/dual-fabric configuration
- Verifying the current encryption group members
- Adding a new host server Fibre Channel port to the existing LUNs
- Adding and defining the new CTCs for the second fabric via DCFM (1/2)
- Adding and defining the new CTCs for the second fabric via DCFM (2/2)
- Adding the existing LUNs for the second fabric CTCs via DCFM
- Activating the DEK cluster CTC definitions
- Final activation/confirmation of the new paths (via a second fabric)
- Adding a second Encryption Switch for high availability (1/2)
- Adding a second Encryption Switch for high availability (2/2)
-
Creating and adding a new LUN to an existing EG
- Creating and adding a new LUN in a single-fabric environment
- Creating a new LUN in the IBM Storwize V7000
- Adding a newly created LUN into an existing encryption group (1/2)
- Adding a newly created LUN into an existing encryption group (2/2)
- Creating and adding a new LUN in a dual-fabric environment
- Creating a new LUN in the IBM Storwize V7000 (dual fabric)
- Adding a new LUN into an existing encryption group (dual fabric)
- Adding and removing a path to an initiator from a CTC
- Changing a host HBA (1/2)
- Changing a host HBA (2/2)
- Chapter 5: Advanced techniques and functionality
- Chapter 6: Maintenance and troubleshooting
- Related publications
- Index (1/2)
- Index (2/2)
- Back cover
Product information
- Title: Implementing the Storwize V7000 and the IBM System Storage SAN32B-E4 Encryption Switch
- Author(s):
- Release date: February 2012
- Publisher(s): IBM Redbooks
- ISBN: None
You might also like
book
IBM Wave for z/VM Installation, Implementation, and Exploitation
IBM® Wave for z/VM® is a virtualization management solution for IBM z/VM and Linux on System …
book
IBM DS8900F Architecture and Implementation Release 9.1
This IBM Redbooks publication describes the concepts, architecture, and implementation of the IBM DS8900F family. The …
book
IBM DS8900F Performance Best Practices and Monitoring
This IBM® Redbooks® publication is intended for individuals who want to maximize the performance of their …
book
IBM FlashSystem 7200 Product Guide
This IBM® Redbooks® Product Guide publication describes the IBM FlashSystem® 7200 solution, which is a comprehensive, …