DCFM Professional User Manual
349
53-1001773-01
Network connections
14
Network connections
Before you use the encryption setup wizard for the first time, you must have the following required
network connections:
•
The management ports on all encryption switches and 384-port Backbone Chassis CPs that
have encryption blades installed must have a LAN connection to the SAN management
program, and must be available for discovery.
•
A supported key management appliance must be connected on the same LAN as the
management port of the encryption switches, 384-port Backbone Chassis CPs, and the SAN
Management program.
•
In some cases, you may want to have an external host available on the LAN to facilitate
certificate exchange between encryption nodes and the key management appliance. You may
use the SAN management program host computer rather than an external host.
•
All switches in the planned encryption group must be interconnected on a private LAN. This
LAN is used to exchange security parameters and certificates, and to synchronize encryption
engine operations. Refer to
“Configuring blade processor links”
on page 349 for details.
Configuring blade processor links
Each encryption switch or blade has two GbE ports labeled Ge0 and Ge1. The Ge0 and Ge1 ports
are Ethernet ports that connect encryption switches and blades to other encryption switches and
blades. Both ports of each encryption switch or blade must be connected to the same IP network,
and the same subnet. Static IP addresses should be assigned. VLANs should not be used, and
DHCP should not be used. These two ports are bonded together as a single virtual network
interface to provide link layer redundancy.
All encryption switches or blades in an encryption group must be interconnected by these links
through a dedicated LAN before their encryption engines are enabled. Security parameters and
certificates cannot be exchanged if these links are not configured and active.
Take the following steps to configure blade processor links.
1. Select Configure > Encryption from the menu bar.
The Encryption Center dialog box displays.
2. Right click on the encryption engine, and select Blade Processor Link.
The Blade Processor Link dialog box displays.
3. Enter the link IP address and mask, and the gateway IP address.
4. Click OK.
The Blade Processor Link dialog box may also be launched from the following locations:
-
Select Group > HA Clusters and select the Configure Blade Processor Link button.
-
Select a Group, Switch or Encryption Engine, select Targets > LUN and select the Configure
Blade Processor Link button.
Summary of Contents for Brocade BladeSystem 4/12
Page 1: ...53 1001773 01 14 April 2010 DCFM Professional User Manual Supporting DCFM 10 4 X ...
Page 3: ...DCFM Professional User Manual iii 53 1001773 01 ...
Page 4: ...iv DCFM Professional User Manual 53 1001773 01 ...
Page 88: ...56 DCFM Professional User Manual 53 1001773 01 Seed switch 2 ...
Page 146: ...114 DCFM Professional User Manual 53 1001773 01 Customizing the main window 4 ...
Page 152: ...120 DCFM Professional User Manual 53 1001773 01 Launching HCM Agent 5 ...
Page 246: ...214 DCFM Professional User Manual 53 1001773 01 Syslog forwarding 8 ...
Page 262: ...230 DCFM Professional User Manual 53 1001773 01 Generating zoning reports 10 ...
Page 662: ...630 DCFM Professional User Manual 53 1001773 01 ...