Identifying drives
Identify an LTO tape drive for use with IBM® Security Guardium® Key Lifecycle Manager. Before you begin, create the key groups that you want to associate with tape drives that you identify.
About this task
You can use the Add Tape Drives dialog or the Device Add REST Service to add a device. Your role must have the permission to the create action and a permission to the appropriate device group.
- Only accept manually added devices for communication
- All incoming devices are not added to the data store. You must manually specify key service to each device.
- Hold new device requests pending my approval
- All incoming devices of a valid device group are added to the device store, but are not automatically served keys upon request. You must accept or reject a device in the pending devices list before the device is served keys upon request.
- Automatically accept all new device requests for communication
- All new incoming devices of a valid device group are added to the data store and are
automatically served keys upon request.Note: Do not use this setting if you intend to move the new device to another device group. Instead, select manual or pending approval mode to allow an opportunity to move the device into the appropriate device group before any keys are served.
Any setting is acceptable if there are no device groups. However, if device groups are specified:
Determine whether you want IBM Security Guardium Key Lifecycle Manager to automatically accept requests from all drives. For greater security, after all drives are discovered, you might turn off this option for a production environment.
Procedure
What to do next
Next, you can use the LTO Key and Device Management page to view all key groups and devices.