Instruction/ maintenance manual of the product HP LTO4 Sun Microsystems
Go to page of 38
Sun StorageTek TM Crypto Key Management System HP LTO4 Encryption-Capable Tape Drives Technical Brief Part Number: 316196601 Revision: A.
.
Sun Microsystems, Inc. www .sun.com Cr ypto K e y Management System V ersion 2.0 HP L T O4 T ape Driv e T echnical Br ief P art Number : 316196601 June 2008 Revision: A.
Copyright © 2008 Su n Microsyste ms, Inc., 4150 Network Cir cle, Santa Clara , California 95 054, U.S.A. All ri ghts rese rved. Sun Microsyste ms, Inc. has intellectual pr operty rights relating to technology embodied in th e product that is described in thi s document.
316196601 • Revision: A iii Contents Preface v Organization v Related Information v Additional Information vi 1. Introduction 1 Drive Tray 2 Specifications 3 Compatibility 5 Order Numbers 6 2.
iv KMS: LTO4 Technical Brief • June 20 08 Revision: A • 316196601 Using VOP 19 Start VOP 20 Diagnose Drive Tab 23 Run LED Diagno stic T est 23 Run Loopback T est 24 Get Log 25 Load Firmware 25.
316196601 • Revision: A v Pr eface This technical brief is intended for Sun StorageT ek TM r epresentatives, customers, and anyone r esponsible for planning the installation of the Cr ypto Key Management System (KMS ) encryption solution.
Preface vi KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 Additional Information Sun Microsystems, Inc. (Sun) of fers se veral methods to obtain additional information. Sun’s External W eb Site Sun’s external W eb site pr ovides marketing, product, event, cor porate, and service information.
316196601 • Revision: A 1 CHAPTER 1 Intr oduction Overview The Hewlett Packard (HP) L TO4 is the fourth-generatio n of Ultrium, Linear T ape-Open tape drives. This ge neration offe rs more capac ity and incr eased performance than e arlier versions of L TO tape drives.
Drive Tray 2 KMS: LTO4 Technical Brief • June 2 008 Revision: A • 316196601 Installing this tape drive in one of Sun St orageT ek ’s automated tape configurations offe rs customers wi th an even wider ch oice of tape-based storage solutions.
316196601 • Revision: A Chapter 1 Introduction 3 Specific ations Specifications T A BLE 1- 1 provides a comparison of tape drive specifications. T ABLE 1-1 T ape Drive Specifications LT O 2 LT O 3 LT O 4 Physical Specifications Height 8.25 cm (3.25 in.
Specifications 4 KMS: LTO4 Technical Brief • June 2 008 Revision: A • 316196601 TA B L E 1-2 provides a comparison of media specifications. T A BLE 1-3 lists the reliabilit y specifications.
316196601 • Revision: A Chapter 1 Introduction 5 Specific ations Compatibility HP L TO Ultrium 4 drives are specified to inter change with un-encrypted data c a r t r i d g es f r o m o t h er t a p.
Order Numbers 6 KMS: LTO4 Technical Brief • June 2 008 Revision: A • 316196601 Or der Numbers License Keys Configured E nd Items X-Options (Conversion Bills) Dione Card FIGURE 1-2 License Ke ys L T O 4 Encryp tion Key Marketing Number Description Bundled X-HP-L TO4-EKEY - B One r equir ed per encrypti on enabled dri ve.
316196601 • Revision: A 7 CHAPTER 2 Dione Car d The Dione card—pr onounced (D - O - nee)—i s a custom d esign that provides an Ethernet interface fo r the HP L TO4 tape dr ive. W ith this inte rface, the HP L TO4 tape drive can: ■ Encrypt and decrypt data using the Su n StorageT ek Crypto Key Management System (KMS), V ersion 2.
Dione Card Components 8 KMS: LTO4 Technical Brief • June 2 008 Revision: A • 316196601 Dione Car d Components The Dione card installs in the open ar ea of the drive trays behind the tape drives.
316196601 • Revision: A Chapter 2 Dione Card 9 Dione Card Components Connecting to the Dione Car d FIGURE 2-2 shows two ways to conn ect to the Dione card: ■ Point-to-point usin g a crossover cable ■ Network using a switch or hub and standa rd (straight-through) Ethernet cables Note – The default I P addre ss of the Dione car d is 10.
KMS Operations 10 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 KMS Operations When the tape drive is powered-on, th e Dione card co mmunicates to the dr ive o v e r t h e s er i a l p o r t t o t a k e c o n t r o l of drive encryption and decryption.
316196601 • Revision: A Chapter 2 Dione Card 11 KMS Operations A potential issue: Th a t L TO 4 dr i v e fi r m w are w i l l n o t re qu e s t a write key in the following scenario: Read, Space, W rite-Filemark, W rite. The drive will use the same key obtained for the Read command to encrypt the data pr ovided for the W rite command.
KMS Operations 12 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 At release, the functionality to set a ke y in a compr omised state is not present. This is a low impact issu e due to the syst em assi gning unique encryption keys for e a c h t a p e c a r t r i d g e .
316196601 • Revision: A Chapter 2 Dione Card 13 KMS Operations FIGURE 2-4 prov ides an example of a KMS Manager display sc reen using the elements from and HP L TO4 drive. FIGURE 2-4 K M S M a n a g e r D a t a U n i t L i s t 1. Data Unit ID (data cartridge) 2.
Removal and Replacemen t 14 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 Removal and Replacement Encryption-capable HP L TO 4 tape drives contain an Ethernet card, which i s a field repla ceable unit (FRU).
316196601 • Revision: A Chapter 2 Dione Card 15 Removal and Replacement 3. Place the drive and drive tray on a suitable work s urface. 4. Remove the two T9 screws from the top cover and r emove the cover . 5. Remove the connecto rs fr om the HBD card.
Removal and Replacemen t 16 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601.
316196601 • Revision: A 17 CHAPTER 3 V irtual Operator Panel The Sun StorageT ek V irtual Operator Pane l (VOP) is a computer-based application that provides a graphical user interface (GUI) to these tape drives: ■ T10000A ■ T10000B ■ T9840D W ith the VOP at V ersion 1.
18 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 The VOP application uses an Ethernet connec tion to communicate with the tape drives, either: ■ Point-to-point, using a cross-ove.
316196601 • Revision: A Chapter 3 Virtual Operator Pan el 19 Using VOP Using VOP Ther e are two v e rsions of VOP: 1) Customer an d 2) Se rvice. Refer to the VOP documentation for in formation about how to download and install these applications. TA B L E 3-1 is an example of these versions .
Using VOP 20 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 Start VOP Importa nt: ■ Remember , the Service Delivery Platform (SDP) does not support th e L TO4 drives. Y ou may need to make adjustments to the netw ork addresses if mixing t a p e d r i v e s o n t h e s a m e K M A a n d / o r S D P n e t w o r k ( L A N 2 ) .
316196601 • Revision: A Chapter 3 Virtual Operator Pan el 21 Using VOP 5. Sel ect the Configure Drive tab and enter the r equired information. Y ou will need customer input for the KMA ID, IP Address, and Passphrase. 6. Click Commit and respond “Y es” to the set drive offline pop-up (if still online).
Using VOP 22 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 During the com mit proces s, the tape d rive goes of fline then IPLs to save th e new settings to the Dione card. Impor tant: When the drive comes back online, it is now using the new IP addr ess.
316196601 • Revision: A Chapter 3 Virtual Operator Pan el 23 Diagnose Drive Tab Diagnose Drive T ab The Dione car d and the VOP Diagnose Driv e tab allow you to perform limit tests, get logs for engine ering review , and to load Dione card firmware.
Diagnose Drive Tab 24 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601 Run Loopback T est T o run the Loopback diagnostic test: 1. Click on Run Loopb ack T est.
316196601 • Revision: A Chapter 3 Virtual Operator Pan el 25 Diagnose Drive Tab Get Log I f a D i o n e c a r d o r c o n n e c t i o n i s c o n s i s tently having problems, engineer ing may request you retrieve a log of events from the Dione card.
Diagnose Drive Tab 26 KMS: LTO4 Technical Brief • June 2008 Revision: A • 316196601.
316196601 • Revision: A 27 Index B batch file ,1 9 C cartridge memory ,1 2 comparisons LT O t a p e d r i v e s ,3 media ,4 compatibility , media ,5 compliance regulations ,2 Configure Drive tab ,2 .
28 KMS: L T O4 T echnical Br ief • June 2008 Revision: A • 31 6196601 overview ,1 specifications ,3 LT O 4 i n t e r f a c e s ,1 M manual organization ,v manuals ,v media encryption-capability ,5.
.
SU N™ THE NETWORK IS THE COMPUTER ©2006 Sun Microsystems , Inc. All rights reserved. Sun, Sun Microsystems, and the Sun logo ar e trademarks or registered trademarks of Sun Microsystems , Inc. in the United States and other countries. Sun Microsys tems, Inc.
An important point after buying a device Sun Microsystems HP LTO4 (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Sun Microsystems HP LTO4 yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Sun Microsystems HP LTO4 - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Sun Microsystems HP LTO4 you will learn all the available features of the product, as well as information on its operation. The information that you get Sun Microsystems HP LTO4 will certainly help you make a decision on the purchase.
If you already are a holder of Sun Microsystems HP LTO4, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Sun Microsystems HP LTO4.
However, one of the most important roles played by the user manual is to help in solving problems with Sun Microsystems HP LTO4. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Sun Microsystems HP LTO4 along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center