Dell PowerVault TL4000 User Manual [ko]

Dell™ PowerVault™ Encryption Key Manager

Dell™ PowerVault™ Encryption Key Manager

© 2007, 2010 Dell Inc. All rights reserved.

.

Dell Inc. . Dell, DELL PowerVault Dell Inc. .

. Dell Inc. .

. . . . . . . . . . . . . . . .		. v
. . . . . . . . . . . . . . . .	.	vii	|
. . . . . . . . . . . . . . . .	. ix
. . . . . . . . . . .	. ix
. . . . . . . . . . . .	. ix
. . . . . .	. ix		|
. . . . . . . . . . . . . . .		. x
. . . . . . . . . . . . . . . x
Linux . . . . . . . . . . . . . . x
Microsoft Windows . . . . . . . .		. x
. . . . . . . . . . . . .		. x
. . . . . . . . . .	.	xiii
Dell . . . . . . . . . . . . .	.	xiii
1 . . . . . . .	. 1-1
. . . . . . . . . . . . . .	. 1-2
. . . . . . . . . . . . .	. 1-3
. . . 1-5
. . . . .	. 1-6
. . . . . . . . . . . . . 1-6
2 Encryption Key Manager		2-1
. . . . . . . . . . 2-1
Encryption Key Manager . . .	.	2-1
2-2
. . . . . .	. 2-2
Linux . . . . . . . .	.	2-3
Windows . . . . . . . . 2-3
. . . . . . . . . .	. 2-4
JCEKS . . . . . . . . . .	.	2-4
| LTO 4 LTO 5
. . . . . . . . . . . . . . .	. 2-4
. . . . . . . . . 2-6
Key Manager . .	. 2-8
Encryption Key Manager . . .	.	2-9
. . . . . . . . 2-11
. . . . . . . . . . . . . . . 2-11
FIPS(Federal Information Processing Standard)
140-2 . . . . . . . . . . . .	2-12

3 Encryption Key Manager

. . . . . . . . . . . . . . .	. 3-1
Key Manager ISO .	. 3-1
Linux Encryption Key Manager . . .	. 3-1
Windows Encryption Key Manager . .	. 3-3
GUI ,
. . . . . . . . . . . . . . .	. 3-6
LTO 4 LTO 5
. . . . . . . . . . . . . . .	. 3-11

. . . . . . . . . . 3-16

4 Encryption Key Manager . . . 4-1

GUI Encryption Key Manager	4-1
. . . . . . . . . . . . . .	. 4-1
. . . . 4-1
Key Manager
. . . . . . . . . . . . . .	. 4-2

. . . . . . . . . . . . . 4-4

5 Encryption Key Manager . . . 5-1 Key Manager , . . . 5-1

. . . . . . . . 5-6 CLI . . . . . . . . . . . . . . . 5-9

6 . . . . . . . . . . . 6-1

Encryption Key Manager

. . . . . . . . . . . . 6-1 CLI EKM

. . . . . . . . . . . . . .		.	. 6-2
Key Manager . . . .		.	.	6-3
Encryption Key Manager		.	.	6-6
. . . . . . . . . . . . .	.		. 6-10
. . . . . .		. 6-10

. . . . . . . . . . 6-10

. . . . . . . 6-10

. . . . . . . . . . . 6-11

. . . . . . . . 6-11

. . . . . . . . . . . . 6-11

. . . . . . . . . . . 6-12

(null) . . . . . . 6-12

. . . . . 6-12

. . . . . . . . . 6-13

. . . . . . . . . . 6-13

iii

SSL	6-14
TCP	6-14
SSL	6-14
TCP	6-15
. . . . . . . . . .	. 6-15
. . . . . . . . . . .	. 6-15
. . . . 6-16

. . . . . 6-16

. . . . . . . 6-17

. . . . . 6-17

. . . . . . . . . . 6-18

7 . . . . . . . .	. .	. 7-1
. . . . . . . . . . . .	. .	. 7-1
. . . . . . . .	. .	. 7-1
Audit.event.types . . . . . . . . . . . 7-1
Audit.event.outcome . . . . . . . . . . 7-2
Audit.eventQueue.max . . . . . . . . . 7-2
Audit.handler.file.directory . . . . . . . . 7-3
Audit.handler.file.size . . . . . .	. .	.	7-3
Audit.handler.file.name . . . . . .	. .	.	7-4
Audit.handler.file.multithreads . . .	. .	.	7-4
Audit.handler.file.threadlifespan . . .	. .	.	7-4
. . . . . . . . .	. .	. 7-5

Encryption Key Manager . . 7-5

. . . . . . . . . . . 7-6

. . . . . . . . . . . . . 7-8

8 . . . .	.	. . .	. 8-1
A. . . . . . .	.	. . .	. A-1
. . . . . . . . . A-1
Linux . . . . . . .	.	. . .	. A-1
. . . . . . . .	.	. . .	. A-1

B. Encryption Key Manager

. . . . . . . . . . . . . . . B-1 Encryption Key Manager

. . . . . . . . . . . . . . . . . B-1 CLI . . . . . B-11

C. (FAQ) . . . . .	.	. C-1
. . . . . . . . . . . . .	.	. D-1
. . . . . . . . . . . . . .	.	. D-1
. . . . . . . . . . . . . .	.	. E-1
. . . . . . . . . . . . . .	.	. X-1

iv Dell Encryption Key Manager

	1-1. Encryption Key Manager			3-2.	JVM . . .	.	. 3-4
		. . . . . . . . . . .	. 1-3	3-3.	. . . . . . .	.	. 3-4
	1-2.			3-4.	EKM (EKM Server
		. . . . . . . . . . .	. 1-5		Configuration) . . . . . . . . 3-7
|	1-3.		1-8	3-5.	EKM (EKM Server
|	2-1.	LTO 4 LTO 5			Certificate Configuration) . .	.	. 3-8
		. . . . . . .	. 2-5	3-6.	. . . . . . .	.	. 3-9
|	2-2.	LTO 4 LTO 5		3-7.	. . . . . . . . . . . 3-18
		. . . . . . . . 2-6		3-8.	. . . . . . . 3-19
	2-3.	. . . . . . . . . 2-8		3-9.	. . . . . . . . 3-20
|	2-4.	. . . . . . . . . . 2-9		3-10.	. . . . . . . . . . 3-21
|	2-5.	. . . . . 2-10		5-1.	. . . . . . . . . . . . 5-2
|	2-6.			5-2.	. . . . . . . . . . . . 5-2
|		. . . . . . . . . .	. 2-10
	3-1. (Choose Destination
		Location) . . . . . . . . . .	. 3-3

v

vi Dell Encryption Key Manager

1.	. . . . . .	. ix	7-1.	Encryption Key Manager
1-1.	. . . . . . . . .	. 1-8		. . . . . . .	. 7-6
2-1.	Linux	2-3	7-2.		7-8
2-2.	Windows	2-3	8-1.	. . . . .	. 8-3
6-1.	Encryption Key Manager	6-6

vii

viii Dell Encryption Key Manager

Dell™ Encryption Key Manager

. .

vLTO 4 LTO 5

Encryption Key Manager

.

.

.

1.

	, ,
	,
	.
	,
	.
	.
[ ]	.
{ }
	.
|	.
< >	.

ix

, , .

.

.

:

.

.

vDell™ PowerVault™ TL2000 TL4000

.

vDell™ PowerVault™ TL2000 Tape Library and TL4000 Tape Library SCSI Reference SCSI SCSI

.

Linux

Red Hat

Red Hat Linux® URL .

v http://www.redhat.com

SuSE

SuSE Linux URL .

v http://www.suse.com

Microsoft Windows

Microsoft® Windows® URL .

v http://www.microsoft.com

http://support.dell.com .

Dell Encryption Key Manager

.

http://www.dell.com .

x Dell Encryption Key Manager

Library Managed Encryption for Tape LTO

.

xi

xii Dell Encryption Key Manager

Dell

800-WWW-DELL(800-999-3355) .

: , ,

Dell .

Dell , .

,

. , Dell .

1.http://supportapj.dell.com/support/index.aspx .

2.Choose A Country/Region

.

3.Contact Us .

4..

5.Dell .

xiii

xiv Dell Encryption Key Manager

1

	.
	. .
	Dell Encryption Key Manager( Encryption Key Manager ))
	.
|	LTO 4 LTO 5 LTO 4 LTO 5
	.
	.
	.
|	LTO 4 LTO 5
	.
	2-2
	.
	.
	, ,
	. .
	, Dell Encryption Key Manager
	. 1-3
	.
	.
	.
	. 1-3
	.

1-1

Encryption Key Manager Java Java Security . Java Security

. Encryption Key Manager

. .

Java Security

Java Security JCE(Java Cryptography Extension)

. Java Security Java Runtime Environment

. Encryption Key Manager

.

Java . 2-4

.

.

.

.

Encryption Key Manager

.

. 2-1 2 Encryption Key Manager

, 4-1 4 Encryption Key Manager

B .

Encryption Key Manager

. 2

.

.

KeyGroups.xml

.

1-2 Dell Encryption Key Manager

1-1. Encryption Key Manager

Dell Encryption Key Manager ( )

,

, Java™

. Encryption Key Manager Linux(SLES RHEL) Windows ,

.

Encryption Key Manager

. Dell Encryption Key Manager GUI(Graphical User Interface)

. Encryption Key Manager

. 2-4

.

1 1-3

Encryption Key Manager : Dell Encryption Key Manager

ECC

. Encryption Key Manager

| LTO 4 LTO 5 . () Encryption Key Manager .

( )

.

,

. ( , .)

. Encryption Key Manager

ECC(Error Correction Code) ,

. ( : Encryption Key Manager) ECC .

Encryption Key Manager TCP/IP

.

Encryption Key Manager

. Encryption Key Manager .

Encryption Key Manager AES

.

|	LTO 4 LTO 5 Encryption Key
	Manager ID
	.
	.
	, Encryption
	Key Manager .
	. .

1-4 Dell Encryption Key Manager

1-2.

Key Manager

.

.

( : Dell PowerVault TL2000/TL4000 ML6000

.

.

.

.

.

.

.

Encryption Key Manager

.

1 1-5

	.
	v	CommVault Galaxy 7.0 SP1
	v	Symantec Backup Exec 12
|	LTO 4 LTO 5
	.
	v	Dell™ PowerVault™ TL2000
	v	Dell™ PowerVault™ TL4000
	v	Dell™ PowerVault™ ML6000
	.

	Dell™ PowerVault™ TL2000 , Dell™ PowerVault™ TL4000
|	Dell™ PowerVault™ ML6000 LTO 4 LTO
|	5 .
	Java Encryption Key Manager .
	.

( )

.

.

. IBM T10

256 AES . 256 AES

. 256

AES .

Encryption Key Manager

.

.

. 256 AES .

/ .

/ .

, .

1-6 Dell Encryption Key Manager

Encryption Key Manager .

,

( ) .

keytool Encryption Key Manager

. AES

. Encryption Key Manager

.

	Dell Encryption Key Manager
|	LTO 4
|	LTO 5 Encryption Key Manager
	(DK)
	. Encryption Key Manager
	DK . DK
	DK . DK Encryption Key Manager
|	LTO 4 LTO 5 . LTO 4 LTO
|	5 DK
|	. LTO 4 LTO 5
	. DK
	Encryption Key Manager
	. 1-8 1-3 .
	Dell Encryption Key Manager LTO
	. ,
	. 3-16
	.
|	LTO 4
|	LTO 5 DK
	. DK
	. DK
	,
	.
|	LTO 4 LTO 5
	Yosemite(Dell PowerVault TL2000 TL4000 ), CommVault
	Symantec Backup Exec .

1 1-7

|	T10 LTO 4
|	LTO 5 . T10
	256 AES . T10 DK
	.
	DK .
	.
	DK
	.
	1-3 .

1-3. . LTO 4 LTO 5

,

| . LTO 4 LTO 5

( , Encryption Key Manager ) DK

Encryption Key Manager

.

	1-1.
|
				IBM		T10
				DK/		N/A
				DK/		DK/
	DK	= AES 256 DK

1-8 Dell Encryption Key Manager

2 Encryption Key Manager

Encryption Key Manager

.

.

.

.

Encryption Key Manager

Encryption Key Manager .

Encryption Key Manager

.

vEncryption Key Manager .

v. 2-2

.

vJava UR(Unrestricted) . 2-2

.

vEncryption Key Manager JAR . 3-1 Key

|	Manager ISO .

v , .

3-6 GUI ,

3-16

v3-6 GUI ,

.

–. 3-14 Keytool -importseckey

.

–. 4-1 4 Encryption Key Manager .

–Encryption Key Manager

drive.acceptUnknownDrives .

2-1

5-10 adddrive 4-1

.

– Encryption Key Manager . 5-1 Key Manager

		, .
		– . 5-6
		.
	.
|	v	LTO 4 LTO 5
	v
	v	Dell Encryption Key Manager

|	1.	LTO 4 LTO 5 .
		v ( TL2000, TL4000, ML6000)
		. http://supportapj.dell.com/support/index.aspx .
		–	Dell™ PowerVault™ TL2000 5.xx
			.
		–	Dell™ PowerVault™ TL4000 5.xx
			.
		–	Dell™ PowerVault™ ML6000
			415G.xxx .
		v .
		77B5 .
|	2.	LTO 4 LTO 5
		( Dell
		).
		v Encryption Key Manager IP .
	3.	Encryption Key Manager
		( Dell ).

: JRE(Java Runtime Environment) IBM

Encryption Key Manager .

2-2 Dell Encryption Key Manager

Linux

vRHEL 4

vRHEL 5

vSLES 9

vSLES 10

| v SLES 11

Encryption Key Manager(Linux )

		2-1.	Linux
				I B M S o f t w a r e
				Developer Kit
	|	64 AMD/Opteron/EM64T		Java 6.0 SR5	http://support.dell.com
		32 Intel®

|		Dell PowerVault TL2000 , TL4000 ML6000
|		.
|		http://support.dell.com .
|		LTO 4 LTO 5 .
|		http://support.dell.com .
	Windows
|		Windows Server 2003, 2008 2008 R2
		Dell Encryption Key Manager
		Encryption Key Manager 2007 9 14 (20070914)
	2.1 , IBM Runtime Environment .
		2-2. Windows
			IBM Runtime Environment
		Windows 2003	v	®
				AMD64/EM64T Windows IBM 64 Runtime Environment,
				Java 2 Technology Edition, 5.0 SR5
			v	Windows IBM 32 Runtime Environment, Java 2 Technology
				Edition, 5.0 SR5

2 Encryption Key Manager 2-3

	2-2. Windows ( )
			IBM Runtime Environment
|
	Windows 2008		AMD64/EM64T Windows IBM 64 Runtime Environment,
|	2008 R2		Java 2 Technology Edition, 6.0 SR5

|	Dell™ PowerVault™ TL2000 , Dell™ PowerVault™ TL4000
|	Dell™ PowerVault™ ML6000
|	. http://support.dell.com
|	.
|	LTO 4 LTO 5 .
|	http://support.dell.com .

.

.

.

JCEKS

	EKM JCEKS .
	JCEKS(Unix System Services ) EKM
	.
	EKM .
	JCEKS
	. FTP .
|	LTO 4 LTO 5
	Dell Encryption Key Manager
	256 AES .
	.
|	LTO LTO 4 LTO 5
	Encryption Key Manager 256 AES
	.

2-4 Dell Encryption Key Manager

|

LTO 4 LTO 5 Encryption Key Manager

.

symmetricKeySet ,

.

.

(DK) . Encryption

Key Manager

|

DK LTO 4 LTO 5

. DK TCP/IP .

ID(DKi)

. Encryption Key Manager DKi

|

LTO 4 LTO 5

DK .

5-9 CLI adddrive moddrive

. symmetricKeySet

|

, 3-11 LTO 4 LTO

|

5 . 3-16

.

2-1 .

6

5

DK, DKi

7

Key Manager

3

alias

DK

1

Config

File

4

2

Key

Drive

store

Table

| 2-1. LTO 4 LTO 5

1..

2.Encryption Key Manager .

2 Encryption Key Manager 2-5

3.Encryption Key Manager keyAliasList

.

4.Encryption Key Manager DK .

5.Encryption Key Manager DKi

DK .

6.Encryption Key Manager DK DKi .

7.DK DKi

.

2-2 .

4	DK		5
	Key Manager		6
3	DKi	Alias	1
		Config
		File
		2
	Key	Drive
	store	Table

| 2-2. LTO 4 LTO 5

1.Encryption Key Manager DKi

.

2.Encryption Key Manager .

3.Encryption Key Manager DKi DK

.

4.Encryption Key Manager DK

.

5.Encryption Key Manager DK .

6.DK .

:

.

2-6 Dell Encryption Key Manager