Data Center Fabric Manager Professional Plus User Manual - Supporting DCFM 10.3.x (53-1001356-01, October 2009)
436 DCFM Professional Plus User Manual
53-1001356-01
Viewing and editing switch encryption properties
15
• Firmware Version - the current encryption firmware on the switch.
• Primary Key Vault Link Key Status - the possible statuses are as follows:
- Not Used – the key vault type is not LKM.
- No Link Key – no access request was sent to an LKM yet, or a previous request was not
accepted.
- Waiting for LKM approval – a request was sent to LKM and is waiting for the LKM
administrator’s approval.
- Waiting for local approval – a response was received from LKM.
- Created, not validated – the interim state until first used.
- OK – a shared link key exists and has been successfully used.
• Primary Key Vault Connection Status - whether the primary key vault link is connected. Possible
values are Unknown, Key Vault Not Configured, No Response, Failed authentication, and
Connected.
• Backup Key Vault Link Key Status - the possible statuses are as follows:
- Not Used – the key vault type is not LKM.
- No Link Key – no access request was sent to an LKM yet, or a previous request was not
accepted.
- Waiting for LKM approval – a request was sent to LKM and is waiting for the LKM
administrator’s approval.
- Waiting for local approval – a response was received from LKM.
- Created, not validated – the interim state until first used.
- OK – a shared link key exists and has been successfully used.
• Backup Key Vault Connection Status - whether the backup key vault link is connected. Possible
values are Unknown, Key Vault Not Configured, No Response, Failed authentication, and
Connected.
• Public Key Certificate text box - the switch’s KAC certificate, which must be installed on the
primary and backup key vaults.
• Save As button - saves the certificate to a file in PEM format. The file may be loaded into the
key vault using the key vault’s tools.
• Encryption Engine Properties table - the properties for the encryption engine. There may be 0
to 4 slots, one for each encryption engine in the switch.
• Current Status - the status of the encryption engine. There are many possible values, but
common values are Not Available (the engine is not initialized), Disabled, Operational, need
master/link key, and Online.
• Set State To - enter a new value, enabled or disabled, and click OK to apply the change.
• Total Targets - the number of the encrypted target device.
• Routing Mode - the routing mode of the encryption engine. Only Shared is supported for this
release.
• HA Cluster Peer - the name and location of the high-availability (HA) cluster peer (another
encryption engine in the same group), if in an HA configuration.