Dell PowerVault ML6000 Faq
Dell encryption key manager and library managed encryption - best practices and faq
Hide thumbs
Also See for PowerVault ML6000:
- Maintenance manual (494 pages) ,
- Reference manual (156 pages) ,
- Getting started manual (134 pages)
Table of Contents
Advertisement
Quick Links
Advertisement
Table of Contents
Related Manuals for Dell PowerVault ML6000
Summary of Contents for Dell PowerVault ML6000
- Page 1 Dell Encryption Key Manager and Library Managed Encryption Best Practices and FAQ...
-
Page 2: Notes And Cautions
© 2009–2011 Dell Inc. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL logo, and PowerEdge™ are trademarks of Dell Inc. ® ®... -
Page 3: Table Of Contents
Contents Dell Encryption Key Manager and Library Managed Encryption ..Best Practices ..... . . - Page 4 ....The Dell Encryption Key Manager User's Guide does not contain details on how the user can edit the EKM configuration files for the server and client .
- Page 5 My PowerVault TL2000/TL4000 is configured for library-managed encryption and my RMU shows an error condition with no associated text ....When I attempt to add a drive manually using adddrive in the CLI, it asks for a 12-digit drive serial number.
- Page 6 Contents...
-
Page 7: Dell Encryption Key Manager And Library Managed Encryption
The Dell Encryption Key Manager (EKM) GUI allows for the key store to be backed up every time a configuration change is made. - Page 8 EKM. Media encrypted in one Dell PowerVault tape library can be restored through another PowerVault tape library as long as the key store associated with the original library can be accessed by the second library.
-
Page 9: Faq
Is EKM supported on a virtual machine? Support for Microsoft Windows Hyper-V and VMWare 4.0 was added in EKM version 2.1 available at support.dell.com. EKM must run on a supported guest operating system. Dell Encryption Key Manager and Library Managed Encryption... -
Page 10: How Do I Upgrade My Current Ekm To Version 2.1
Install EKM 2.1. Use the GUI to configure the EKM. The EKM 2.1 settings must be the same as the original EKM - the following items must match: group name, number of keys, key store name, and key store password. Dell Encryption Key Manager and Library Managed Encryption... -
Page 11: Can An Ekm Server Running Ekm
5 Replace the redundant EKM files at C:\ekm\gui with the files from the primary EKM (files from step 4). 6 Restart the redundant EKM and note the IP address of the redundant EKM. 7 Launch the command line interface in the redundant EKM (C:\ekm\client\startclient.bat). Dell Encryption Key Manager and Library Managed Encryption... -
Page 12: How Do I Synchronize The Redundant
How do I ensure that EKM restarts automatically if my server reboots? EKM should be configured to run as a Windows or Linux-based service to ensure that it restarts automatically if the server reboots. Dell Encryption Key Manager and Library Managed Encryption... -
Page 13: How Do I Configure Ekm To Run As A Windows Service In A 32-Bit Environment
In a primary and redundant EKM configuration, this needs to be configured for each platform. 1 Download the Dell - Application Version Dell EKM Services release for the TL2000/TL4000 or the Dell - Patch/Upgrade for the ML6000 from the Dell Support website at support.dell.com. - Page 14 Table 1-1. Table of the file options and the complete path they must point to, if using the default installation and key store names Options Complete Path config.keygroup.xml.file FILE:C:/ekm/gui/keygroups/KeyGroups.xml Admin.ssl.keystore.name C:/ekm/gui/EKMKeys.jck TransportListener.ssl.truststore. C:/ekm/gui/EKMKeys.jck name Audit.metadata.file.name C:/ekm/gui/metadata/ekm_metadata.xml Audit.handler.file.directory C:/ekm/gui/audit config.keystore.file C:/ekm/gui/EKMKeys.jck TransportListener.ssl.keystore. C:/ekm/gui/EKMKeys.jck name Dell Encryption Key Manager and Library Managed Encryption...
- Page 15 You must start the EKM Windows Service manually the first time it is used by using the control panel. 10 Once the Dell Encryption Key Manager is installed as a Windows service with the above command, it can be started and stopped from the Service Control Panel.
-
Page 16: How Do I Configure Ekm To Run As A Windows Service In A 64-Bit Environment
The variables should contain the following paths if they are correct. Pay close attention to the location of the semicolons. Semicolons should only be used between paths. 1 Click Start Settings Control Panel. 2 Double click System. Dell Encryption Key Manager and Library Managed Encryption... -
Page 17: How Do I Uninstall Ekm As A Windows Service
4 Navigate to the EKMServer directory through C:\cd ekmserver. 5 Start the EKM server by typing startServer. 6 Navigate to the ekmclient folder through C:\cd then C:\cd ekmclient. 7 Start EKM client by typing startClient. Dell Encryption Key Manager and Library Managed Encryption... -
Page 18: Ekm Server Is Configured To Start As A Windows Service But It Stops After Initially Starting
Rename the file to EKMKeys.jck and copy it back to C:\ekm\gui directory. Alternatively, uninstall and re-install the EKM service (if installed) and EKM Server. For more information, see "How do I uninstall EKM as a Windows service?" on page 17. Dell Encryption Key Manager and Library Managed Encryption... -
Page 19: How Do I Configure The Ekm Cli Client
EKM server. To turn this feature on in a Linux-based system: 1 Download Dell - Patch/Upgrade for the ML6000 or the Dell - Application Version Dell EKM Services release for the TL2000/TL4000 from the Dell Support website at support.dell.com. -
Page 20: How Do I Uninstall Ekm
4 Delete the full ekm directory (C:\ekm). How do I reinstall the EKM? Put the EKM CD in the drive and run through the installer again. The EKM Quick Start Guide can be used as a reference. Dell Encryption Key Manager and Library Managed Encryption... -
Page 21: I Am Having Issues With A New
PowerVault TL2000 or TL4000. Tapes cannot be overwritten in this manner in the PowerVault ML6000. Tapes can be migrated from an ML6000 to a TL2000 or TL4000 for this purpose. The TL2000 or TL4000 then needs to be pointed to the appropriate EKM. -
Page 22: How Do I Recover From A Forgotten Ekm Gui Login Password
Stop the EKM service or stop the server through the EKM Server GUI. Copy the backup files to their respective file directory without the date and time stamp prefix. Table 1-2 details the respective file names and directory paths for restoration: Dell Encryption Key Manager and Library Managed Encryption... -
Page 23: My Redundant Ekm Server Does Not Start And The Login Fails
EKM configuration files for the server and client The Dell Encryption Key Manager User's Guide tells the user that the KeyManagerConfig.Properties file and the KeyManagerConfig_Client.properties file must be modified on some occasions. -
Page 24: My Powervault Tl2000/Tl4000 Posts An Lme Failure When I Change The Configuration From Library-Managed Encryption To Application-Managed Encryption
The tape backup application does not show encryption as enabled if library-managed encryption is used. The tape backup application only shows encryption as enabled if the application is providing the keys to the drive (application-managed encryption). Dell Encryption Key Manager and Library Managed Encryption... -
Page 25: How Does Ekm Handle The Addition Of New Drives Or The Replacement Of Bad Drive
Therefore compression has no effect on encryption and vice versa. Is there a performance impact with encryption? There can be a slight performance impact with encryption but it should not cause an increase in the backup window. Dell Encryption Key Manager and Library Managed Encryption... - Page 26 EC number: M10948A IBM Part number: 46X4059...