Table Of Contents
Cisco SME Best Practices
Overview of Best Practices
General Practices
Cisco SME Configuration Practices
Cisco KMC Practices
Fabric Management Practices
Cisco SME Best Practices
This chapter describes Cisco Storage Media Encryption best practices. You can avoid problems when configuring Cisco SME if you observe the best practices described in this chapter.
Overview of Best Practices
Best practices are the recommended steps you should take to ensure the proper operation of Cisco SME. We recommend the following best practices for Cisco SME configurations:
•General Practices
•Cisco SME Configuration Practices
•Cisco KMC Practices
•Fabric Management Practices
General Practices
•Maintain a consistent Cisco SAN-OS release across all your Cisco MDS switches.
•Refer to the"Planning For Cisco SME Installation" appendix for preconfiguration information and procedures.
•Enable system message logging. For information on system messages, refer to the Cisco MDS 9000 Family Troubleshooting Guide.
•Refer to the release notes for your Cisco SAN-OS release for the latest features, limitations, and caveats.
Cisco SME Configuration Practices
•Troubleshoot any new configuration changes after implementing the change.
•Save all configuration changes on all switches in the cluster for correct cluster operation.
•When designing your backup environment, consider that Cisco NX-OS supports one cluster per switch.
•For configuration changes to Cisco SME tape groups, it is recommended that the backup application is quiesced during the configuration change.
•Refer to the Cisco Storage Media Encryption Design Guide for guidelines on sizing and placements of Cisco SME interfaces.
Cisco KMC Practices
•As your data storage grows, the number of tape keys will also grow over time. This is especially the case when you select the unique key mode. It is a good practice to store only active keys in the Cisco KMC database.
•To insure redundancy and availability, it is important to backup your Cisco KMC database regularly.
•The Cisco KMC listens for key updates and retrieves requests from switches on a TCP port. The default port is 8800; however, the port number can be modified in the smeserver.properties file.
Note For more information, refer to Storage Media Encryption Key Management White Paper.
Fabric Management Practices
•Use Fabric Manager and Device Manager to proactively manage your fabric and detect possible problems before they become critical.
Note For details on SME sizing and topology guidelines and case studies, refer to Cisco Storage Media Encryption Design Guide .