ONTAP Discussions
ONTAP Discussions
Hi all,
Would an NVE encrypted volume continue serving data while the key management server is unreachable? Documentation is talking about this issue during the boot process, but not during normal operations. Therefore I assume keys are cached while the storage system is up and the server would not be needed, but I am not sure. Is this correct? Thank you.
Regards
Federico
Solved! See The Solution
Hi there, I haven't been able to find any information one way or the other on this. I did find the document you are referring to, and I must assume you're a partner - if so, your technical partner manager, or our partner solutions center for your region would be able to connect you with the appropriate people in product management/technical marketing to directly ask this question.
That said - our best practice revolves around a highly available KMIP solution with multiple KMIPs and HA inside the KMIPs, so this shouldn't come up
Hi there, I haven't been able to find any information one way or the other on this. I did find the document you are referring to, and I must assume you're a partner - if so, your technical partner manager, or our partner solutions center for your region would be able to connect you with the appropriate people in product management/technical marketing to directly ask this question.
That said - our best practice revolves around a highly available KMIP solution with multiple KMIPs and HA inside the KMIPs, so this shouldn't come up
Hi,
Thank you very much for your reply. I understand the KMIP server will have to be highly available, so the scenario I asked about is highly unlikely and possibly not important to think about. However, following your advice, I will liase with our NetApp support contacts to get further information. Thanks.
Regards
Federico
My understanding is that once the system has booted and protocols are up, data will continue to be served if the KMIP access is interrupted. I wouldn't say for a long period of time (like days), though.