1. Library Guide
  2. Configure the Library
  3. Run the Configuration Wizard
  4. Configure Library Managed Encryption (LME)

Configure Library Managed Encryption (LME)

Configure LME to have the library manage the encryption enrollment and key delivery of all IBM LTO-6 or higher drives.

Related Topics

Obtain Information from OKM

Configure the SL150 as an agent within OKM and record the information.

Have the OKM administrator use the OKM GUI to create an SL150 library agent and then record the following information to use in the SL150 configuration:

  • OKM Cluster IP address
  • Agent Name
  • Passphrase

Configure the SL150 to Manage Encryption

With code version 3.50 and above, the library can manage encryption.

Note:

You cannot configure the network settings and library encryption in the same instance of the Configuration Wizard. Configure the network settings, allow the library to restart, and then configure library encryption.
  1. Library encryption must be configured separately and after all other library configuration options. Ensure you have completed the network configuration and rebooted the library before configuring encryption. If not, see Configure the Network Interfaces.
  2. Run the Configuration Wizard. Select Configure Library Encryption.
  3. From the "Library Encryption Status:" drop-down, select Encrypting.

    This globally enables library managed encryption for all IBM LTO-6+ drives within the library regardless of the partitioning configuration.

  4. Enter the following information:
    • OKM Cluster IP address
    • Agent ID
    • Agent Passphrase
  5. Note the port that will be used for OKM communication in the "Connect to OKM using:" field.

    If you altered the Port 2 configuration, all LME traffic will go through Port 2. If you left the Port 2 configuration set to the default values, LME traffic will go through Port 1.

  6. Leave the OKM tuning parameters at their default setting unless instructed to change them by your OKM administrator.
  7. Click Next. Review and apply the changes.

Verify the SL150 Agent is Enrolled

Confirm the library is enrolled as an agent in OKM.

After confirming the changes within the Configuration Wizard, have the OKM administrator go to the OKM GUI and verify that the SL150 agent now shows "Enrolled: True".

See the OKM documentation for more information.