Page 1
Managing operational risk by protecting valuable digital assets has become increasingly critical in today's enterprise IT environments.
In addition to achieving compliance with regulatory mandates and meeting industry standards for data confidentiality, IT organizations
must also protect against potential litigation and liability following a reported breach.
The HP Encryption SAN Switch scales non-disruptively, providing 48 Gbit/sec of encryption processing power to meet the needs of the
most demanding environments with flexible, on-demand performance. It also is tightly integrated with HP Secure Key Manager and HP
Enterprise Secure Key Manager which provide centralized enterprise-class key management systems across distributed environments.
The HP Secure Key Manager and HP Enterprise Secure Key Manager enable simple yet secure key sharing between multiple sites for a
variety of uses. The capabilities of the HP Secure Key Manager and the HP Enterprise Secure Key Manager and their integration with the
Encryption SAN Switch enable secure and automated key sharing between multiple sites ensuring transparent access to encrypted
data.
The storage fabric enables centralized management to support nearly every aspect of the data center, from server environments and
workstations to edge computing and backup environments. As a result, it is an ideal place to standardize and consolidate a holistic
data-at-rest security strategy. Organizations can also implement this type of best-practice methodology in other parts of the data
center, helping to protect data throughout the enterprise.
The Encryption SAN Switch is based on industry standards for data-at-rest encryption to provide centralized, scalable encryption
services that seamlessly integrate into existing B-Series Fabric OS® (FOS) environments.
The B-Series fabric-based approach to data encryption scales to meet performance requirements and provides a centralized point of
management for storage security and key management. Deployment of the Encryption SAN switch is non-disruptive: Organizations can
encrypt data from any switch port without reconfiguring the fabric.
HP Encryption San Switch
1.
Status Led
5.
RJ-45 GE management port
2.
Power led
6.
RJ-45 serial console port
3.
RJ-45 GE ports (for clustering and re-keying)
7.
USB port
4.
Smart Card reader
8.
Fibre Channel ports (0-31)
What's New
New RoHS compliant HP SAN switches
NOTE:
Restriction of Hazardous Substances Directive or RoHS is a directive adopted by the European Union that restricts the use of
certain hazardous materials in the manufacture of various types of electronic and electrical equipment. The RoHS compliant products
with new part numbers listed in this document are functionally equivalent to the corresponding products with old part numbers and are
fully interchangeable.
QuickSpecs
HP Encryption SAN Switch
Overview
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 1
Page 2
Key Features and Benefits
High-performance, scalable fabric-based encryption to enforce data confidentiality and privacy requirements
Encryption processing at up to 48 Gbit/sec to support heterogeneous enterprise data centers
Integration with HP Secure Key Manager or HP Enterprise Secure Key Manager enables secure and automated key sharing
between multiple sites ensuring transparent access to encrypted data
Industry-standard AES-256 encryption algorithms for disk and tape on a single security platform for SAN environments
Frame Redirection technology that enables easy, non-intrusive deployment of fabric-based security services
Plug-in encryption services available to all heterogeneous servers, including virtual machines, in data center fabrics
Scalable performance with on-demand encryption processing power to meet regulatory mandates for protecting data
NOTE:
Encryption with the HP Encryption SAN Switch and the HP Encryption FC Blade is not fully supported with Thin Provisioned LUNs
in storage arrays. HP recommends LUNs to be encrypted are fully provisioned. For LUNs that are already thin provisioned and then
encryption enabled, be aware that enabling First Time Encryption (FTE) or Re-Key will make the LUN fully provisioned. This is applicable
to any array in general.
QuickSpecs
HP Encryption SAN Switch
Features and Benefits
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 2
Page 3
HP Encryption SAN Switch
Model
HP Encryption SAN Switch
AR944B
QuickSpecs
HP Encryption SAN Switch
Models
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 3
Page 4
HP Encryption SAN Switch
High-performance, scalable fabric-based encryption to enforce data confidentiality and privacy
requirements
Simplifies enterprise SAN deployment by combining higher edge switch port density with
exceptional scalability, performance and reliability
Delivers 32-ports in a 2U enclosure
Meets enterprise level availability requirements with redundant, hot pluggable components, nosingle-points-of-failure within the switch
Provides 1 Gb, 2 Gb, 4Gb, 8Gb/s* performance
Employs optional Inter-Switch Link (ISL) Trunking to provide a high-speed data path between
switches which enables a high speed data path between 8Gb/s switches up to 64 Gbit/sec
* Full 8Gb/s end to end storage performance requires 8 Gb/s HBAs, 8Gb/s controllers, and 8Gb/s switches.
8Gb/s ISL performance can be obtained between two 8Gb/s switches.
NOTE:
1Gb/s performance can be achieved only when a 4Gb SFP is configured with the Encryption SAN
switch
Configuration Support
http://h18000.www1.hp.com/products/storageworks/san/documentation.html
Smart Cards
Smart Cards are optional credit card-sized cards that contain a CPU and persistent memory. Smart cards
can be used as security devices. With the Encryption SAN Switch, smart cards can be used to do the
following:
Control user access to the Management application security administrator roles.
Control activation of encryption engines.
Securely store backup copies of master keys.
The use of smart cards provides the highest level of security. When smart cards are used, the master key is
split and written on up to five cards, and the cards may be kept and stored by up to five individuals, and all
are needed to restore the master key.
High-availability features
Integrated redundant, hot swappable cooling fans and power supplies
Enhanced Fault Detection Logic
Parity protection on all data paths and system memory
Advanced Fabric Services
Data-at-rest encryption
Hardware and Software Enforced Zoning
Frame Filtering
Built-in Web browser management tools
Cabinet Support
22U, 36U, and 42U; 5000, 9,000 and 10,000 and 10,000 G2 series Cabinets and Intelligent Series
racks are supported
NOTE:
To order factory integration, add 0D1 after the part number on your sales order.
QuickSpecs
HP Encryption SAN Switch
Product Highlights
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 4
Page 5
Software Components, Standard, Base Models
Encryption
Provides 48 Gbit/sec of data at rest encryption processing power to meet the needs of the most
demanding environments with flexible, on-demand performance.
Frame Filtering
An ASIC based capability that enables new applications and features. The switch has the ability to "view"
the first 64 bytes of the Fibre Channel frame. At this time, Frame Filtering enables advanced capabilities
such as Advanced Zoning and Advanced Performance Monitoring.
Advanced Zoning
WWN Zoning and Access Control are enforced by hardware that provides the same simple administration
previously enforced only with software. Administrators can organize a physical fabric into logical groups
and prevent unauthorized access by devices outside the Zone.
Web Tools
Web Tools is an intuitive and easy-to-use graphical interface that enables organizations to monitor and
manage SAN fabrics. Tasks can be performed through a Java-capable Web browser from a standard laptop,
desktop PC or workstation from any location within the enterprise.
EGM
Enhanced Group Management (EGM) is a FOS license that is included with all B-Series switches and enables
multi-switch operations. It helps automate operations across multiple switches to save time and
streamline repetitive operations, which are typically prone to error. EGM drives consistency across fabrics,
while minimizing the risk associated with potential downtime due to configuration mismatches. EGM
provides streamlined troubleshooting for more effective fabric monitoring and diagnosis. SAN Network
Advisor Enterprise enables EGM functionality.
Adaptive Networking
Adaptive Networking (AN) is an optional family of technologies which allow flexible control of traffic
movement within the fabric which deliver application aware management of fabric resources. Applications
may be used with multiple protocols and multiple classes of service. It includes the following features:
Ingress Rate Limiting:
Allows the ingress bandwidth of a port to be throttled to a rate lower than negotiated with the SAN node.
This could be very useful for enterprises offering stepped levels of service and enforcing SLAs.
Quality of Service (QoS):
Enables zones with high, medium, and low priorities within a fabric on a zone by zone basis. This can be
very useful for prioritizing array replication over MANs and WANs over less critical traffic.
Traffic Isolation Zones:
Defines paths through a fabric for some or all nodes. Failover allows a non-preferred path to be used if the
preferred fails. TIZs use failover by default but it can be disabled if traffic should stop if a preferred path
fails. TIZ can be used to manually map out traffic flows within a fabric based on application, priority, and
topology.
QuickSpecs
HP Encryption SAN Switch
Product Highlights
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 5
Page 6
Server Application
Optimization
Server Application Optimization (SAO) improves overall application performance for physical servers and
virtual machines. SAO, when deployed with Brocade Fibre Channel HBAs, extends Brocade Adaptive
Networking from the Brocade SAN fabric to the server infrastructure. This delivers application-level, finegrain Quality of Service (QoS) management to the HBAs and related server applications.
NOTE:
Server Application Optimization (SAO) is included by default in the switch firmware and does not
require a separate license
NOTE:
SAO requires Brocade HBA installed in the server
Software Components, Optional
Encryption SAN Switch
Power Pack+ Software
Bundle
The Power Pack+ Software Bundle is an optional software bundle for the Encryption SAN Switch. It includes
the following:
Fabric Vision
Fabric Watch
Advanced Performance Monitor
Extended Fabric
ISL Trunking
Fabric Vision
Fabric Vision offers innovative diagnostic, monitoring and management capabilities to help accelerate new
application deployments, address SAN problems before they impact operations and reduce operational
costs. It Includes
Monitoring and Alerting Policy Suite: A policy-based monitoring tool with pre-built rules and
automation that simplifies fabric-wide threshold configuration and monitoring.
Flow Vision: A comprehensive tool that enables administrators to identify, monitor, and analyze
specific application data flows without using taps to ensure optimized performance
Health and performance dashboard: A single customizable screen displayed in HP SAN Network
Advisor that contains all critical SAN information for convenient review and analysis
Fabric Vision will be included by default in all HP StoreFabric B-series Fibre Channel switches and Directors
bundled with Power Pack+ (with FOS 7.2.0a and later). In all other cases, Fabric Vision can be enabled on
HP StoreFabric B-series Fibre Channel switches and Directors in any one of the following ways
Application of the Fabric Vision LTU (FOS 7.2.0a and later)
Application of the Power Pack+ LTU (FOS 7.2.0a and later)
Upgrading existing Switch/Director loaded with Power Pack+ to FOS 7.2.0a or later
Upgrading existing Switch/Director loaded with both Advanced Performance Monitor (APM) and
Fabric Watch (FW) licenses to FOS 7.2.0a or later
Fabric Watch
Fabric Watch is an optional license which enables each switch to monitor the SAN for potential faults and
automatically alert network managers to problems before they become failures. Fabric Watch tracks a
variety of SAN fabric elements, events, and counters. Monitoring fabric-wide events, ports, SFPs, and
environmental parameters permits early fault detection and isolation as well as performance
measurement. Each switch in the SAN needs its own Fabric Watch license.
QuickSpecs
HP Encryption SAN Switch
Product Highlights
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 6
Page 7
Advanced Performance
Monitor
This optional enabling technology helps administrators monitor and watch specific fabric metrics -- from a
SID (Source ID) to a DID (Destination ID) -- so they can fine-tune and scale the fabric more efficiently. Plus,
Advanced Performance Monitoring includes the ability for early warning detection of hot spots within the
fabric, a powerful tool for maintaining overall balanced performance.
Top Talkers is a component of Advanced Performance Monitoring and tracks the top traffic flows for hosts
and targets for a switch port or a switch. Top Talkers can help identify the ports that need certain Quality
of Service (QoS) attributes or it can help determine portions of the physical topology that need
reconfiguration.
Extended Fabric
Optional license which extends all of the scalability, reliability, and performance benefits of Fibre Channel
Storage Area Networks (SANs) beyond the native 10 km distance specified by the Fibre Channel standard.
ISL Trunking
For high performance enhanced Trunking, this optional license logically groups up to eight E-ports to
provide a high bandwidth trunk between two switches. Each 8Gb switch needs its own license. The switch
operating system views the trunk as a single, high bandwidth resource (up to 64Gb) when routing
connections between 8G switches. Connections are load-balanced across the individual links, which
comprise the logical trunk group.
Integrated Routing
Integrated Routing is an optional license which provides native Fibre Channel Routing (FRC) on a per-port
basis, rather than limiting routing ports to those on a dedicated routing blade. Just like traditional FCR,
Integrated Routing uses EX_Ports to import/export devices between fabrics, enabling selective device
sharing while maintaining remote fabric isolation. Integrated Routing provides architecture flexibility to
route on a port-by-port basis, enabling increased scalability and fault isolation.
SAN Network Advisor
Professional
HP SAN Network Advisor Professional is a management application available at no-charge and comes with
B-series SAN Switches and:
Allows management of a single Fabric OS (FOS) fabric (up to a 1,000 switch ports) at a time
Performs group switch management beyond the scope of Web Tools
Does not offer management of the SN8000B 8-Slot or DC SAN Backbone Directors
It is targeted for SMB customers that use FOS based SAN fabrics and require a management solution for
smaller SANs based on a single fabric.
SMB customers that initially start off with SAN Network Advisor Professional and have a small SAN
environment may over time feel the need for an enterprise-class product (SAN Network Advisor Enterprise)
as their environments start to grow in size and complexity, and as they start to uptake more enterpriseclass functionality (such as Fibre Channel Routing, FCIP, etc.). A non-disruptive upgrade path is available
from SAN Network Advisor Professional to SAN Network Advisor Enterprise.
SAN Network Advisor
Enterprise and
Professional+
HP SAN Network Advisor Enterprise and Professional+ are the enterprise-class products that support FOS
products as well as FOS and M-EOS products together. SAN Network Advisor Enterprise provides complete
SN8000B 8-Slot Director and DC SAN Backbone Director management including enterprise-class
features/environments such as FICON, Fibre Channel Routing, FCIP, adaptive networking, etc while HP SAN
Network Advisor Professional+ provides the same feature set except for support for the SN8000B 8-Slot
Director, DC SAN Backbone Director, and FICON.
HP SAN Network Advisor Enterprise delivers unprecedented scalability, up to 24 fabrics and 9,000 switch
QuickSpecs
HP Encryption SAN Switch
Product Highlights
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 7
Page 8
ports, while HP SAN Network Advisor Professional+ scales to 4 SAN Fabrics and 2560 switch ports. To
accommodate growth, there is an upgrade available to SAN Network Advisor Enterprise from SAN Network
Advisor Professional Plus.
Both offerings provide brand-new features including Adaptive Networking features for quality of service,
ingress rate limiting and traffic isolation zones.
QuickSpecs
HP Encryption SAN Switch
Product Highlights
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 8
Page 9
Warranty
(2-2-2) Hardware Warranty - Two-year on-site warranty, 24x7, 4-hour remote response, installation not
included.
NOTE:
The hardware warranty covers firmware and embedded non-saleable software.
Saleable software carries its own warranty, see below.
Software Warranty - HP warrants only that the software media will be free of physical defects for a period
of ninety (90) days from delivery.
EXCLUSIVE REMEDY:
The entire liability of HP and its suppliers and your exclusive remedy for software
that does not conform to this Limited Warranty shall be the repair or replacement of the defective media.
This warranty and remedy are subject to your returning the defective media during the warranty period to
HP in the country in which you obtained the software.
HP Care Pack Services. Scalable, Flexible, Dependable. Like your storage.
Your storage is evolving. Get scalable support that evolves with it. HP Care Pack Services is an easy-to-buy, easy-to-use portfolio of
packaged services covering your lifecycle needs. You can rely on our highly skilled, HP certified professionals to offer a breadth of
expertise across leading storage technologies, and work side by side with you for optimal results. Push services beyond expectations
and choose support that meets the changing needs of your business with the same reliability, scalability and flexibility you demand of
your storage.
Protect your business beyond the warranty
Standard warranty protects against product defects and some causes of downtime. HP Care Pack Services helps you proactively guard
against unplanned downtime which can reduce your productivity and profitability. By using a standard approach to warranty uplifts,
such as HP Care Pack Services, customers can be more sure of consistency of operations for both mission-critical and standard
business computing.
Extending warranties with HP Care Pack Services
The key to normalizing the warranty of combined solutions-is making service uplift simple: HP Care Pack Services. This portfolio of
predefined packages, extending across the entire IT lifecycle, offering consulting, education, technical support, optimization, risk
assessment, and more. It's entirely flexible allowing customers to extend the cover to the precise level of support required. Customer's
standard hardware warranty, for example, can be upgraded to next-business-day response, to same-day coverage.
Provide consistent, predictable levels of support across your entire department or business
Give you direct access to proven technical and problem-solving expertise
Offer a choice of response-time and repair-time commitments
Are available whenever and wherever you do business
For many products, post-warranty HP Care Pack Services are available when your original warranty has expired. Choose the support
levels that meet your business requirements, from basic to mission-critical.
http://www.hp.com/services/storage
NOTE:
Care Pack Services availability may vary by product and country.
QuickSpecs
HP Encryption SAN Switch
Service and Support, HP Care Pack, and Warranty Information
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 9
Page 10
Recommended Services
HP Care Pack Services recommended for optimal satisfaction of all deployments of your product.
3-Year HP Support Plus 24
24x7x365 hardware and software services - plus cost-saving software
updates and more
HP Support Plus 24 helps you increase performance and availability with
comprehensive, consistent hardware and software services. Working with your
IT team, HP Services engineers deliver onsite hardware support and over-thephone software support around-the-clock 365 days per year. Service coverage
encompasses HP products and selected multivendor hardware and software.
In addition, this convenient HP Care Pack packaged service makes software
updates available to you at substantial savings.
Choose Support Plus 24 when you need to:
Improve uptime with responsive hardware and software services available
anytime
Cost-effectively obtain expert 24x7 multivendor hardware and software
support
Enjoy consistent service coverage across geographically dispersed sites
Update HP and selected third-party software at a predictable cost
Take advantage of subscription savings on software updates
HP SAN Solution Service
Get your SAN implementation right - right from the start.
Storage has become essential to the growth and agility of your business.
That's why choosing an HP SAN as your data management solution is a smart
business decision. But your SAN can deliver the results you need only if it is
implemented correctly and integrated with your business.
SAN installation, startup, and integration call for specialized expertise in
planning and design, hardware configuration, network software installation,
and operability verification. Your SAN needs to be configured for high
performance and availability. And it needs to be integrated with your
applications, management environment, and business processes.
Product Number
Product Name
Service Name
Care Pack Services
Product # and
Band
Alternate Care
Pack Services
Product #
AR944B
Encryption SAN
Switch
3-Year HP Support
Plus 24
HA110A3#4SB
Contact your HP
sales rep or
Channel Partner
for assistance
AR944B
Encryption SAN
Switch
HP SAN Solution
Service
Contact your HP
sales rep or
Channel Partner
for assistance
Contact your HP
sales rep or
Channel Partner
for assistance
QuickSpecs
HP Encryption SAN Switch
Service and Support, HP Care Pack, and Warranty Information
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 10
Page 11
Related Services
HP Assessment Service for
SANs
The HP Assessment Service for SANs offers customized technical and
operational guidance to customers employing HP storage subsystems and the
interconnecting storage area network (SAN) infrastructure. In a typical
engagement, HP or one of our authorized business partners will perform a
detailed discovery using HP's proprietary toolset to gain an understanding of
the configuration of your storage devices and SAN topology.
The findings from this process will be compared to HP best practices and
industry standards as defined by IT Service Management (ITSM) disciplines.
The results of the evaluation will be quickly and efficiently processed into
information you can leverage. This information, in the form of a
comprehensive HP SAN Assessment report, will be summarized by HP or one
of our authorized business partners with recommendations that are intended
to improve availability levels and ongoing management of your storage and
SAN environment.
eSupport
HP eSupport is a portfolio of technology-based services that assist you with managing your business
environment - from the desktop to the data center.
Support Portal
The HP support portal provides one-stop access to the information, tools and services you need to manage
the daily operations of your IT environment.
Features include:
Access to self-solve tools (including search technical knowledge base)
Efficient logging and tracking of support cases
Collaboration with other business and IT professionals
Download of patches and drivers
Access to diagnostic tools
Proactive notification of relevant information
Access to certain features of the support portal requires an HP service agreement. To access the support
portal, visit:
http://www.hp.com/support
Remote Support Technology (RST)-HP Remote Support Pack
Taking a more proactive approach to IT support, the HP Remote Support pack plug-in module easily
integrates with HP Systems Insight Manager to provide a powerful, unified "single pane of glass" solution
for onsite and remote management.
HP Remote Support Pack enhances HP Systems Insight Manager with intelligent event diagnosis plus the
automatic submission of hardware event notifications securely to HP support, including acknowledgment
and status returns. It adds remote configuration collections to allow the delivery of assessment and
proactive services for your SAN storage and HP-UX environments.
QuickSpecs
HP Encryption SAN Switch
Service and Support, HP Care Pack, and Warranty Information
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 11
Page 12
Customer Technical
Training
Consider education as an integral part of your strategy to get the best return on investment for your HP
storage solution. HP offers a variety of training courses on storage software, networking, archiving and
disk storage systems. Our classes are available in many delivery modalities from traditional instructor-led
courses at one of our 80 training centers worldwide to on-site training customized to your needs or online.
www.hp.com/learn/storage
HP Services Awards
HP Services continues to be recognized for service and support excellence by customers, partners, industry
organizations and publications around the world. Recent honors and award reflect our services team's
dedications, technical expertise, professionalism and uncompromising commitment to customer
satisfaction. For a list of all our awards, please visit:
http://h20129.ww2.hp.com/services/cache/
77318-0-0-225-121.html
.
Additional Services
For more information about HP Care Pack Services for Storage, please visit:
http://www.hp.com/services/storage
If you have specific questions, contact your local HP representative. Contact information for a
representative in your area can be found at "Contact HP"
http://www.hp.com
QuickSpecs
HP Encryption SAN Switch
Service and Support, HP Care Pack, and Warranty Information
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 12
Page 13
Step 1 - Base Configuration
Select one:
Part Number
HP Encryption SAN Switch
AR944B
HP Encryption SAN Switch
NOTE:
Requires optical transceivers listed below
Step 2 - Options
Model Description
Part Number
8 Gb Transceivers
HP 8Gb Shortwave B-series Fibre Channel 1 Pack SFP+ Transceiver
AJ716B
HP 8Gb Long Wave B-series 10km Fibre Channel 1 Pack SFP+ Transceiver
AJ717A
Distance
OM2 Cable OM3 Cable
PremierFlex Cable
8Gb performance:
50 meters
150 meters 150 meters
4Gb performance:
150 meters 270 meters 380 meters
2Gb performance:
300 meters 500 meters 500 meters
4 Gb Transceivers
HP 4Gb Short Wave B-series Fibre Channel 1 Pack SFP Transceiver
AJ715A
Distance
OM2 Cable OM3 Cable
PremierFlex Cable
4Gb performance:
150 meters 270 meters 380 meters
2Gb performance:
300 meters 500 meters 500 meters
1Gb performance:
500 meters 860 meters 860 meters
HP 4Gb Long Wave B-series 30km Fibre Channel SFP Transceiver 1 Pack
AN211A
Smart Cards
HP DC Backbone Switch Encryption Key Manager 10-pack Smart Card
AR950A
USB
HP B-series 2G USB Drive
AK864B
Optical Cables
HP PremierFlex OM4+ Fiber Optic Cables
HP Premier Flex LC/LC Multi-mode OM4 2 fiber 1m Cable
QK732A
HP Premier Flex LC/LC Multi-mode OM4 2 fiber 2m Cable
QK733A
HP Premier Flex LC/LC Multi-mode OM4 2 fiber 5m Cable
QK734A
HP Premier Flex LC/LC Multi-mode OM4 2 fiber 15m Cable
QK735A
HP Premier Flex LC/LC Multi-mode OM4 2 fiber 30m Cable
QK736A
HP Premier Flex LC/LC Multi-mode OM4 2 fiber 50m Cable
QK737A
OM3 LC-LC type cables
HP LC to LC Multi-mode OM3 2-Fiber 0.5m 1-Pack Fiber Optic Cable
AJ833A
HP LC to LC Multi-mode OM3 2-Fiber 1.0m 1-Pack Fiber Optic Cable
AJ834A
HP LC to LC Multi-mode OM3 2-Fiber 2.0m 1-Pack Fiber Optic Cable
AJ835A
HP LC to LC Multi-mode OM3 2-Fiber 5.0m 1-Pack Fiber Optic Cable
AJ836A
HP LC to LC Multi-mode OM3 2-Fiber 15.0m 1-Pack Fiber Optic Cable
AJ837A
HP LC to LC Multi-mode OM3 2-Fiber 30.0m 1-Pack Fiber Optic Cable
AJ838A
QuickSpecs
HP Encryption SAN Switch
Configuration Information
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 13
Page 14
HP LC to LC Multi-mode OM3 2-Fiber 50.0m 1-Pack Fiber Optic Cable
AJ839A
Step 3 - Optional Software
Software for Encryption
SAN Switch
HP B-series SAN Network Advisor Enterprise LTU
TC352A
HP B-series SAN Network Advisor Professional Plus LTU
TC353A
HP B-series SAN Network Advisor Professional Plus Upgrade LTU
TC354A
NOTE:
HP SAN Network Advisor Enterprise and Professional+ are single-point SAN
management platforms that provide the essential functions for efficiently configuring,
monitoring, dynamically provisioning, and managing multiple SAN fabrics on a daily
basis.
NOTE:
Due to the complexity of Encryption Switch or Blade installation, the purchase of
HP SAN Network Advisor, either the Enterprise version or Professional+ version, is
highly recommended. The use of the Graphical User Interface (GUI) provided by SAN
Network Advisor will greatly simplify the installation of the B-series Encryption Switch
or Encryption Blade, as well as provide for easier management of multiple fabrics
containing these encryption products.
HP B-series 48-80 Port SAN Switch Power Pack+ Upgrade LTU
NOTE:
The Power Pack+ Software Bundle kit includes Fabric Vision, Fabric Watch, ISL
Trunking, Extended Fabric and Advanced Performance Monitor.
NOTE:
Adaptive Networking and Server Application Optimization features are included
by default in the switch firmware (FOS 7.2.0a or later) and do not require a separate
license
T5523A
HP StoreFabric B-series 8Gb and 16Gb High End Switch Fabric Vision LTU
TC511A
Extended Fabric SAN Switch 2/32
313458-B21
Fabric Watch SAN Switch 2/32
313454-B21
Advanced Performance Monitor SAN Switch 2/32
313450-B21
ISL Trunking SAN Switch 2/32
313452-B21
HP B-series 48-80-port SAN Switch Integrated Routing LTU
T5529A
Step 4 - Key Management
Add Key Management for creating, distributing, authenticating, and storing encryption keys to ensure proper use
See the HP Secure Key Manager QuickSpecs at:
http://h17007.www1.hp.com/us/en/products/network-
security/HP_Enterprise_Secure_Key_Manager/index.aspx
QuickSpecs
HP Encryption SAN Switch
Configuration Information
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 14
Page 15
System Architecture
Fibre Channel ports
32 ports, universal (E, F, and FL)
Scalability
Full fabric architecture:
http://h18006.www1.hp.com/products/storageworks/san/documentation.html
Certified maximum
Refer to SAN Design Guide for current configuration information:
http://h18006.www1.hp.com/products/storageworks/san/documentation.html
Ethernet Ports
Two redundant 1000Base Ethernet ports for clustering and I/O synchronization
during rekeying
Smart Cards
Master key recovery cards
Interoperability
Core Switch 2/64, SAN Switch 2/32, SAN Director 2/128; 4/256 SAN Director;
4/64 SAN Switch; 4/32 SAN Switch; 4/8 SAN Switch; 4/16 SAN Switch; 8/8 SAN
Switch, 8/24 SAN Switch, 8/8 40 SAN Switch; 8/80 SAN Switch, DC04 SAN
Director, DC SAN Backbone Director, Brocade 4Gb SAN Switch for HP p-Class
BladeSystem; Brocade 4Gb SAN Switch for HP c-Class BladeSystem; HP 400 MPRouter; and HP MP-Router
Encryption
AES256-XTS block cipher for disk encryption (IEEE 1619- compliant)
Data rekeying
Online or offline conversion of data from cleartext to ciphertext; manual or
automated rekeying sessions
Crypto scalability
Up to 256 target devices; 1024 host ports per encryption
Crypto engine
Maximum 48 Gbit/sec hardware processing for disk
*
Fibre Channel
performance
1.063 Gbit/sec line speed, full duplex; 2.125 Gbit/sec line speed, full duplex;
4.25 Gbit/sec line speed, full duplex; 8.5 Gbit/sec line speed, full duplex. Autosensing of 1 Gbit/sec, 2 Gbit/sec, 4 Gbit/sec, and 8 Gbit/sec port speeds;
optionally programmable to fixed port speed. Speed-matching between 1, 2, 4,
and 8 Gbit/sec ports.
ISL Trunking
Frame-based trunking with up to eight 8Gb ports per ISL trunk; up to 64 Gbit/sec
throughput per ISL trunk
Aggregate bandwidth
512 Gbit/sec full duplex (32 ports x 8.5 Gbit/sec x 2)
Maximum frame size
2112-byte payload
Classes of service
Class 2 (unencrypted traffic), Class 3, (encrypted and unencrypted), and Class F
(inter-switch frames)
Port types
FL_Port, F_Port, E_Port, EX_Port, M_Port (Mirror Port).
Data traffic types
Fabric switches supporting unicast, multicast (255 groups), and broadcast
Media types
Hot-pluggable, B-Series Branded Small Form Factor Pluggable (SFP), LC
connector; Short-Wave Laser (SWL), Long-Wave Laser (LWL); Extended LongWave Laser (ELWL); distance depends on fiber-optic cable and port speed.
Supports SFP (4/2/1 Gbit/sec) and/or SFP+ (8/4/2 Gbit/sec) optical transceivers.
USB
One USB port for system log file downloads or firmware upgrades
Fabric services
Simple Name Server (SNS), Registered State Change Notification (RSCN), NTP
v3, Reliable Commit Service (RCS), Dynamic Path Selection (DPS), Advanced
Zoning (default zoning, port/WWN zoning, broadcast zoning), N_Port ID
Virtualization (NPIV), FDMI, Management Server, FSPF, Enhanced Group
Management, IPFC, Frame Redirection, Port Fencing, BB credit recovery
Optional fabric services: Fabric Watch, Extended Fabrics, ISL Trunking, Advanced
Performance Monitoring, Adaptive Networking (per-data flow QoS, Ingress Rate
Limiting, Traffic Isolation, Fabric Dynamics Profiling, and Integrated Routing)
FIPS certification
FIPS 140-2 Level 3-compliant package
QuickSpecs
HP Encryption SAN Switch
Technical Specifications
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 15
Page 16
Options
SFP media, USB Device
Management
Management software
supported
Telnet, HTTP, LDAP, Syslog, SCP, auditing, IP filtering; SNMP v1/v3 (FE MIB, Fibre
Channel Management MIB); Advanced Web Tools; HP SAN Network Advisor; SMIS compliant, SMI-S scripting toolkit, Administrative Domains
Management protocols
and access controls
SSL, SSH v2, HTTPS, RADIUS, Role-Based Access Control (RBAC)
SAN security
DH-CHAP (between switches and end devices), port binding, switch binding,
secure RPC, trusted switch, change tracking
Management access
10/100/1000 Ethernet (RJ-45); in-band over Fibre Channel; serial port (RJ-45);
USB; call-home integration enabled through SAN Network Advisor
Diagnostics
POST and embedded online/offline diagnostics, including RAStrace logging,
environmental monitoring, non-disruptive daemon restart, FCping and Pathinfo
(FC traceroute), Port Mirroring (SPAN port)
Key management
HP Secure Key Manager, HP Enterprise Secure Key Manager
Mechanicals
Enclosure
Non-port to port side airflow; 2U, 19-inch EIA-compliant, power from non-port
side
Size
Width: 42.9 cm (16.9 in)
Height: 8.7 cm (3.4 in)
Depth: 64.8 cm (25.5 in)
System Weight
22.4 kg (49.4 lbs) with two power supply FRUs, without SFP/SFP+ transceivers
Environment
Temperature
Operating: 0° to 40° C (32° to 104° F)
Non-operating: -25° to 70° C (-13° to 158° F)
Altitude
Operating: Up to 3000 meters (9842 feet)
Storage: Up to 12 kilometers (39,370 feet)
Shock
Operating: 20 g, 6 ms half-sine
Non-operating: Half sine, 33G 11ms. 3/eg Axis
Airflow
Maximum
76 CFM (cu. ft./min)
Nominal
53 CFM
Power
Maximum output
347 Watts with 32 8Gb ports
Nominal input voltage
85- 264 VAC, Universal
Input line frequency
47 - 63 Hz
Minimum input voltage
85 VAC
Maximum input voltage
264 VAC
Configurations
Base crypto model
Encryption SAN Switch, 32 Fibre Channel ports, 48 Gbit/sec* maximum hardware
encryption processing
*Actual encryption performance levels vary based upon user environment and configuration
© Copyright 2013 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice.
The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and
services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial
errors or omissions contained herein.
QuickSpecs
HP Encryption SAN Switch
Technical Specifications
DA - 13219 Worldwide — Version 21 — December 9, 2013
Page 16
Loading...