跳转到主内容

如何从板载密钥管理器过渡到外部密钥管理器?

Views:
1
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
CORE
Last Updated:

适用场景

  • ONTAP 9
  • NetApp 卷加密 (NetApp Volume Encryption, NVE)
  • NetApp 聚合加密( NAE )
  • NetApp 存储加密( NSE )

问题解答

  1. 对相应的加密类型执行以下步骤之一:
    1. NetApp存储加密(NSE):
      • 将身份验证密钥重置为默认的制造商安全ID (MSID) 0x0。
    2. NetApp卷加密(NVE): 
      • 取消对所有卷的加密
    3. NetApp聚合加密(NAE):
      • 将所有NAE或NVE卷作为非加密卷移动到非NAE聚合。
  2. 如果您来自OKM、请删除OKM配置并创建外部密钥管理器配置。
  3. 如果您来自外部密钥管理器、请删除外部密钥管理器配置并创建OKM配置。
  4. 最后、为NSE驱动器设置身份验证密钥、并使用NVE对所需卷进行加密。

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.