Enabling IBM Fibre Channel Endpoint Security

Use the Enable Endpoint Security wizard to enable IBM® Fibre Channel Endpoint Security. After Fibre Channel Endpoint Security is enabled, it is used only on Fibre Channel ports that are configured for Fibre Channel Endpoint Security.

Before you begin

Enabling Fibre Channel Endpoint Security requires a user with the storage administrator role. See Managing secure user accounts.

Ensure that at least two key servers are online and accessible. If you are using a KMIP compatible key server, the SSL certificate must be available.

Procedure

  1. Click Settings > Security. On the Security page, select Endpoint security.
  2. Click Enable Endpoint Security to open the Enable Endpoint Security wizard.
  3. On the Key Servers page of the wizard, enter the Host Name and Port for they key servers. You can specify up to four key servers.

    Click Use existing key servers from Data at Rest Encryption to use the key servers that are configured for data at rest encryption.

    Click Next. The wizard connects to the servers before opening the Key Server Certificates page.

  4. On the Key Server Certificates page, browse and select the key server certificates for each key server.

    If your storage system is configured for data at rest encryption, click Use existing certificates from Data at Rest Encryption to use the certificates from the key servers that are configured for data at rest encryption.

  5. Click Finish to enable Fibre Channel Endpoint Security.