Cisco MDS 9000 Family Storage Media Encryption Configuration Guide - Cisco SME Best Practices [Cisco MDS 9000 NX-OS and SAN-OS Software]

Table Of Contents

Cisco SME Best Practices

Overview of Best Practices

General Practices

Cisco SME Configuration Practices

Cisco KMC Practices

Fabric Management Practices

Cisco SME Best Practices

This chapter describes Cisco Storage Media Encryption best practices. You can avoid problems when configuring Cisco SME if you observe the best practices described in this chapter.

Overview of Best Practices

Best practices are the recommended steps you should take to ensure the proper operation of Cisco SME. We recommend the following best practices for Cisco SME configurations:

•General Practices

•Cisco SME Configuration Practices

•Cisco KMC Practices

•Fabric Management Practices

General Practices

•Maintain a consistent Cisco SAN-OS release across all your Cisco MDS switches.

•Refer to the"Planning For Cisco SME Installation" appendix for preconfiguration information and procedures.

•Enable system message logging. For information on system messages, refer to the Cisco MDS 9000 Family Troubleshooting Guide.

•Refer to the release notes for your Cisco SAN-OS release for the latest features, limitations, and caveats.

Cisco SME Configuration Practices

•Troubleshoot any new configuration changes after implementing the change.

•Save all configuration changes on all switches in the cluster for correct cluster operation.

•When designing your backup environment, consider that Cisco NX-OS supports one cluster per switch.

•For configuration changes to Cisco SME tape groups, it is recommended that the backup application is quiesced during the configuration change.

•Refer to the Cisco Storage Media Encryption Design Guide for guidelines on sizing and placements of Cisco SME interfaces.

Cisco KMC Practices

•As your data storage grows, the number of tape keys will also grow over time. This is especially the case when you select the unique key mode. It is a good practice to store only active keys in the Cisco KMC database.

•To insure redundancy and availability, it is important to backup your Cisco KMC database regularly.

•The Cisco KMC listens for key updates and retrieves requests from switches on a TCP port. The default port is 8800; however, the port number can be modified in the smeserver.properties file.

Note For more information, refer to Storage Media Encryption Key Management White Paper.

Fabric Management Practices

•Use Fabric Manager and Device Manager to proactively manage your fabric and detect possible problems before they become critical.

Note For details on SME sizing and topology guidelines and case studies, refer to Cisco Storage Media Encryption Design Guide .

	Cisco MDS 9000 Family Storage Media Encryption Configuration Guide
	Cisco SME Best Practices
Cisco MDS 9000 Family Storage Media Encryption Configuration Guide Index New and Changed Information Preface Cisco SME Overview Cisco SME Getting Started Cisco SME Cluster Management Cisco SME Interface Configuration Cisco SME Tape Management Cisco SME Key Management Using the CLI to Configure Cisco SME Cisco SME Best Practices Cisco SME Troubleshooting Cisco SME CLI Commands Offline Data Restore Tool Creating Self-sign certificates Database Backup and Restore Planning for Cisco SME Installation	Download this chapter Cisco SME Best Practices Download the complete book Complete Book PDF (PDF - 7 MB) Feedback Table Of Contents Cisco SME Best Practices Overview of Best Practices General Practices Cisco SME Configuration Practices Cisco KMC Practices Fabric Management Practices Cisco SME Best Practices This chapter describes Cisco Storage Media Encryption best practices. You can avoid problems when configuring Cisco SME if you observe the best practices described in this chapter. Overview of Best Practices Best practices are the recommended steps you should take to ensure the proper operation of Cisco SME. We recommend the following best practices for Cisco SME configurations: •General Practices •Cisco SME Configuration Practices •Cisco KMC Practices •Fabric Management Practices General Practices •Maintain a consistent Cisco SAN-OS release across all your Cisco MDS switches. •Refer to the"Planning For Cisco SME Installation" appendix for preconfiguration information and procedures. •Enable system message logging. For information on system messages, refer to the Cisco MDS 9000 Family Troubleshooting Guide. •Refer to the release notes for your Cisco SAN-OS release for the latest features, limitations, and caveats. Cisco SME Configuration Practices •Troubleshoot any new configuration changes after implementing the change. •Save all configuration changes on all switches in the cluster for correct cluster operation. •When designing your backup environment, consider that Cisco NX-OS supports one cluster per switch. •For configuration changes to Cisco SME tape groups, it is recommended that the backup application is quiesced during the configuration change. •Refer to the Cisco Storage Media Encryption Design Guide for guidelines on sizing and placements of Cisco SME interfaces. Cisco KMC Practices •As your data storage grows, the number of tape keys will also grow over time. This is especially the case when you select the unique key mode. It is a good practice to store only active keys in the Cisco KMC database. •To insure redundancy and availability, it is important to backup your Cisco KMC database regularly. •The Cisco KMC listens for key updates and retrieves requests from switches on a TCP port. The default port is 8800; however, the port number can be modified in the smeserver.properties file. Note For more information, refer to Storage Media Encryption Key Management White Paper. Fabric Management Practices •Use Fabric Manager and Device Manager to proactively manage your fabric and detect possible problems before they become critical. Note For details on SME sizing and topology guidelines and case studies, refer to Cisco Storage Media Encryption Design Guide .
	Terms & Conditions \| Privacy Statement \| Cookie Policy \| Trademarks