For more details, please see ourCookie Policy.

Fibre Channel (SAN)

Posts: 1
Registered: ‎02-14-2014

Meta-SAN Encryption Design

[ Edited ]

I have a customer with a 3-site MetaSAN (call them 1,2 and 3).  Each site has dual fabrics (call them A and B).  Each fabric contains a single DCX director and various blade blade-chassis connections into a production VF.   Site 1 and 2 will have Keystores in them.  I understand the basic encryption configuration of a switch to it's respective host and target, however the documentation is lacking when it comes to larger configurations. 


If I have a DEK Cluster between DCX 1A and 1B, but am replicating from Site 1 to Site 2, is there a way to "DEK Cluster" these two sites?  Otherwise my target lun at Site 2 is encrypted and not in a CTC that Site 2 is aware of.    Is the correct course to create CTCs at Site 2 with the Failover Initiators/Targets and replication destination Lun ID?

External Moderator
Posts: 5,619
Registered: ‎02-23-2004

Re: Meta-SAN Encryption Design



I have made some experience with encryption, but to be honestly have a doubt that such a design is support.

I know a TWO Site Enc- Fabric is supported, the draw you post here show TREE Site Enc- Fabric.

which role have the H28 Fabric ?
who manages the Key this Fabric ?

from where you get this design approved ?




--->>>...however the documentation is lacking when it comes to larger configurations.


you are right, I fight for months with Brocade Product Management to obtain more DOC about Encryption, the say is only available for OEM.


Join the Broadcom Support Community

Get quick and easy access to valuable resources across the Broadcom Community Network.