Cisco Sme Terminology - Cisco AJ732A - MDS 9134 Fabric Switch Configuration Manual

Chapter 1 Product Overview
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
•

Cisco SME Terminology

The following Cisco SME-related terms are used in this book:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
OL-18091-01, Cisco MDS NX-OS Release 4.x
The affinity-based load balancing feature reduces the FC redirect interactions, which reduces the
overhead in the existing operation.
Cisco SME interface—The security engine in the MSM-18/4 module or fixed slot of a Cisco MDS
9222i fabric switch. Each MSM-18/4 module and MDS 9222i switch has one security engine.
Cisco SME cluster—A network of MDS switches that are configured to provide the Cisco SME
functionality; each switch includes one or more MSM-18/4 modules and each module includes a
security engine.
Fabric—A physical fabric topology in the SAN as seen by Fabric Manager. There can be multiple
VSANs (logical fabrics) within the physical fabric.
Tape group—A backup environment in the SAN. This consists of all the tape backup servers and the
tape libraries that they access.
Tape device—A tape drive that is configured for encryption.
Tape volumes—A physical tape cartridge identified by a barcode for a given use.
Tape volume group—A logical set of tape volumes that are configured for a specific use, for
example, a group of tape volumes used to backup a database.
Key Management Center—A component of the Fabric Manager that stores the encryption keys.
Master Key—An encryption key generated when an Cisco SME cluster is created. The master key
encrypts the tape volume keys and tape keys and it is required to decrypt those keys in order to
retrieve encrypted data.
Media Key—A key that is used for encrypting and authenticating the data on specific tapes.
SmartCard—A card (approximately the size of a credit card) with a built-in microprocessor and
memory used for authentication.
Cisco SME Administrator—An administrator who configures Cisco SME. This role includes the
Cisco Storage Administrator role where the administrator manages the storage media encryption
operations and the Cisco SME KMC Administrator role where the administrator is responsible for
the Cisco SME key management operations.
Cisco Storage Administrator —An administrator who manages the storage media encryption
operations.
Cisco SME KMC Administrator—An administrator who is responsible for the Cisco SME key
management operations.
Cisco SME Recovery Officer—A data security officer entrusted with smart cards and the associated
PINs. Each smart card stores a share of the cluster master key. Recovery officers must present their
cards and PINs to recover the key database of a deactivated cluster. A quorum of recovery officers
are required to execute this operation.
Cisco MDS 9000 Family Storage Media Encryption Configuration Guide
About Cisco Storage Media Encryption
1-7