Cisco MDS 9000 Family Storage Media Encryption Configuration Guide - Release 4.x (OL-18091-01, February 2009)

Send documentation comments to mdsfeedback-doc@cisco.com
6-16
Cisco MDS 9000 Family Storage Media Encryption Configuration Guide
OL-18091-01, Cisco MDS NX-OS Release 4.x
Chapter 6 Cisco SME Key Management
Key Management Operations
A replication relationship is set between the volume groups in the different clusters and the replication
context for the destination clusters need to be acquired. Once the relationship is set up between the
clusters, whenever a key is generated in the source cluster, the key is automatically translated to the
destination cluster.
The translation of the keys is a scheduled process and based on the preset frequency all the key pairs
generated in that time period are translated to the destination cluster. Every key that is generated and
scheduled for replication, since last job start time, are translated using the replication context, which is
the public key of the destination cluster.
The key replication across data centers requires the translation of key hierarchy. The key from the source
cluster is translated using the public key of the destination cluster and then sent to the destination cluster.
In the destination cluster, the key is unwrapped with the private key of the destination cluster and then
wrapped with the key hierarchy of the destination cluster.
Auto Replicating Keys in Fabric Manager Web Client
This section describes how to auto replicate the media keys in the Fabric Manager Web Client. The
following topics are covered:
Creating Remote Replication Relationships, page 6-16
Removing Remote Replication Relationships, page 6-18
Creating Remote Replication Relationships
To auto replicate the media keys, follow these steps:
Step 1 In the Fabric Manager Web Client, click the SME tab.
Step 2 Select Clusters in the navigation pane to display the clusters.
Step 3 Select a cluster and select Remote Replication. The Remote Replication Relationships pane appears.