DCFM Professional Plus User Manual (53-1001774-01, June 2010)

DCFM Professional Plus User Manual 467
53-1001774-01
18
Steps for connecting to an LKM appliance
The NetApp Lifetime Key Manager (LKM) resides on an FIPS 140-2 Level 3-compliant network
appliance. The encryption engine and LKM appliance communicate over a trusted link. A trusted
link is a secure connection established between the Encryption switch or blade and the NetApp
LKM appliance, using a shared secret called a link key.
The following configuration steps are performed from the NetApp DataFort Management Console
and from the Management application:
Install and launch the NetApp DataFort Management Console.
Establish the trusted link.
Obtain and import the LKM certificate.
Export and register encryption node certificates on LKM.
If required, create an LKM cluster for high availability.
These steps are described in more detail in the following sections.
The NetApp DataFort Management Console
The NetApp DataFort Management Console (DMC) must be installed on your PC or workstation to
complete certain procedures described in this appendix. Refer to the appropriate DMC product
documentation for DMC installation instructions. After you install DMC, do the following.
1. Launch the DMC.
2. Click the Appliance tab on the top panel.
3. Add the NetApp LKM appliance IP address or hostname.
4. Right-click the added IP address and log into the NetApp LKM key vault.