No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Disk Encryption User Guide

OceanStor Dorado V3 Series V300R002

This document is applicable to OceanStor Dorado3000 V3, Dorado5000 V3, Dorado6000 V3 and Dorado18000 V3. This document introduces how to install and configure key management servers connected to the storage systems that use self-encrypting disks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
About KeySecure Key Management Servers

About KeySecure Key Management Servers

When configuring KeySecure key management servers, get some knowledge about the hardware, networking, user permission, and management interface first to prepare for the configuration.


Figure 3-1 and Figure 3-2 show the front and rear panels of a KeySecure key management server, respectively.

Figure 3-1 Front panel

Figure 3-2 Rear panel

Typical Networking

A storage system connects to two KeySecure key management servers that are configured into a cluster in active/standby mode. Figure 3-3 shows the typical networking.

Figure 3-3 Typical networking of key management servers

Figure 3-4 shows port connections between different components.

Figure 3-4 Port connections

On a KeySecure key management server, the management network port (used to access the key management server's management interface) and the service network port (used to connect to a storage array) share the eth1 port on the front panel.

To ensure that the key management servers can work properly, verify that the network communication between the following components is normal:

  • Storage system's management network port -> key management servers' eth1
  • Maintenance terminal -> key management servers' eth1
  • Key management server 1's eth1 -> key management server 2's eth1
  • Backup server's network port -> key management servers' eth1

User Roles and Permissions

By default, the key management server sets an admin user whose password needs to be set in the initialization. This user has all configuration and management permissions. This document takes the admin user as the example.

Management Interfaces

KeySecure key management servers support configuration, operation, and maintenance on two different management interfaces, as shown in Table 3-1.

Table 3-1 Management interfaces of KeySecure key management servers

Management Interface



Console interface

Logging In to the Key Management Server's Management Interface Through the Serial Port

Use CLI to input commands and parameters

Web interface

Logging In to the Key Management Server's Web Interface Through the Management Port

  • Select menus: use the mouse to select
  • Set parameters: input in the text box and choose from the drop-down menu
  • Save settings: click Save

The web interfaces for different versions of key management servers may differ slightly.

Updated: 2019-07-17

Document ID: EDOC1100049141

Views: 9521

Downloads: 63

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next