Fibre Channel (SAN)

Reply
Visitor
Posts: 1
Registered: ‎02-14-2014

Meta-SAN Encryption Design

[ Edited ]

I have a customer with a 3-site MetaSAN (call them 1,2 and 3).  Each site has dual fabrics (call them A and B).  Each fabric contains a single DCX director and various blade blade-chassis connections into a production VF.   Site 1 and 2 will have Keystores in them.  I understand the basic encryption configuration of a switch to it's respective host and target, however the documentation is lacking when it comes to larger configurations. 

 

If I have a DEK Cluster between DCX 1A and 1B, but am replicating from Site 1 to Site 2, is there a way to "DEK Cluster" these two sites?  Otherwise my target lun at Site 2 is encrypted and not in a CTC that Site 2 is aware of.    Is the correct course to create CTCs at Site 2 with the Failover Initiators/Targets and replication destination Lun ID?

External Moderator
Posts: 4,788
Registered: ‎02-23-2004

Re: Meta-SAN Encryption Design

Hi,

 

I have made some experience with encryption, but to be honestly have a doubt that such a design is support.

I know a TWO Site Enc- Fabric is supported, the draw you post here show TREE Site Enc- Fabric.

which role have the H28 Fabric ?
who manages the Key this Fabric ?

from where you get this design approved ?

 

finaly,

 

--->>>...however the documentation is lacking when it comes to larger configurations.

 

you are right, I fight for months with Brocade Product Management to obtain more DOC about Encryption, the say is only available for OEM.

TechHelp24

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.