Before You Begin
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
Table 2-1
for each role.
Table 2-1
Cisco SME Role
Cisco SME
Administrator
Cisco SME KMC
Administrator
Cisco Storage
Administrator
Cisco SME
Recovery Officer
Cisco MDS 9000 Family Storage Media Encryption Configuration Guide
2-10
shows a description of the Cisco SME roles and the number of users that should be considered
Cisco SME Roles and Responsibilities
Master Key
Security Mode
Basic mode
Standard mode
Basic mode
Standard mode
Basic mode
Standard mode
Advanced mode
Required # of Users for This
Role
One user should hold the
Cisco SME Administrator
and the Cisco SME
Recovery officer roles.
One per VSAN is the
minimum for day to day
operations; must have
access to all VSANs (if
there are many VSANs and
multiple VSAN
administrators are
assigned, then Cisco SME
administrators, then there
may be one Cisco SME
Administrator per VSAN
for key recovery
operations.
The number of users is the
same as for the Cisco SME
Administrator role.
The number of users is the
same as for the Cisco SME
Administrator role.
Five users (one for each
smart card).
Each smart card holder
must be present during the
cluster creation to provide
the user login and
password information and
smart card pin.
Chapter 2
Getting Started
What Operations is This Role
Responsible For?
•
Cisco SME management
Tape management
•
Export/Import tape volume
•
groups
Key Management operations
•
Archive/purge volumes
•
Add/remove volume groups
•
Import/export volume
•
groups
Rekey/replace smart cards
•
•
Cisco SME provisioning
operations
•
Create/update/delete cluster
•
Create/update/delete tape
backup groups
•
Add/remove tape devices
•
Create volume groups
•
View smart cards
Master key recovery
•
Replace smart card
•
OL-18091-01, Cisco MDS NX-OS Release 4.x