ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

NVE with unreachable KMIP server

fede_melaccio
‎2018-02-14 06:08 AM
2,912 Views

Hi all,

 

Would an NVE encrypted volume continue serving data while the key management server is unreachable? Documentation is talking about this issue during the boot process, but not during normal operations. Therefore I assume keys are cached while the storage system is up and the server would not be needed, but I am not sure. Is this correct? Thank you.

 

Regards

Federico

0 Kudos
View By:
Tags (3)
1 ACCEPTED SOLUTION

AlexDawson
A-Team Tech Advisor A-Team Tech Advisor
‎2018-02-27 09:33 PM
2,819 Views

Hi there, I haven't been able to find any information one way or the other on this. I did find the document you are referring to, and I must assume you're a partner - if so, your technical partner manager, or our partner solutions center for your region would be able to connect you with the appropriate people in product management/technical marketing to directly ask this question.

 

That said - our best practice revolves around a highly available KMIP solution with multiple KMIPs and HA inside the KMIPs, so this shouldn't come up

 

View solution in original post

3 REPLIES 3

AlexDawson
A-Team Tech Advisor A-Team Tech Advisor
‎2018-02-27 09:33 PM
2,820 Views

Hi there, I haven't been able to find any information one way or the other on this. I did find the document you are referring to, and I must assume you're a partner - if so, your technical partner manager, or our partner solutions center for your region would be able to connect you with the appropriate people in product management/technical marketing to directly ask this question.

 

That said - our best practice revolves around a highly available KMIP solution with multiple KMIPs and HA inside the KMIPs, so this shouldn't come up

 

fede_melaccio
‎2018-02-28 04:34 AM
In response to AlexDawson
2,798 Views

Hi,

 

Thank you very much for your reply. I understand the KMIP server will have to be highly available, so the scenario I asked about is highly unlikely and possibly not important to think about. However, following your advice, I will liase with our NetApp  support contacts to get further information. Thanks.

 

Regards

Federico

0 Kudos

JFM
‎2022-01-19 12:36 PM
1,037 Views

My understanding is that once the system has booted and protocols are up, data will continue to be served if the KMIP access is interrupted.  I wouldn't say for a long period of time (like days), though. 

Presales SE at ESI Technologies
0 Kudos
All Community Forums
Public