- Notes, cautions, and warnings
- Overview
- Getting Started with ECS
- Storage Pools, VDCs, and Replication Groups
- Authentication Providers
- Namespaces
- Users and Roles
- Identity and Access Management (S3)
- Buckets
- Introduction to buckets
- Working with buckets in the ECS Portal
- Create a bucket using the S3 API (with s3curl)
- Bucket, object, and namespace naming conventions
- Disable unused services
- File Access
- Introduction to file access
- ECS multi-protocol access
- Working with NFS exports in the ECS Portal
- Working with user/group mappings in the ECS Portal
- ECS NFS configuration tasks
- Mount an NFS export example
- NFS access using the ECS Management REST API
- NFS WORM (Write Once, Read Many)
- S3A support
- Geo-replication status
- Maintenance
- Certificates
- ECS Settings
- ECS Outage and Recovery
- Advanced Monitoring
- Advanced Monitoring
- View Advanced Monitoring Dashboards
- View mode
- Export CSV
- Data Access Performance - Overview
- Data Access Performance - by Namespaces
- Data Access Performance - by Nodes
- Data Access Performance - by Protocols
- Disk Bandwidth - by Nodes
- Disk Bandwidth - Overview
- Node Rebalancing
- Process Health - by Nodes
- Process Health - Overview
- Process Health - Process List by Node
- Recovery Status
- SSD Read Cache
- Tech Refresh: Data Migration
- Top Buckets
- Automatic Metering Reconstruction
- Share Advanced Monitoring Dashboards
- View Advanced Monitoring Dashboards
- Flux API
- Dashboard APIs
- Advanced Monitoring
- Document feedback
ECS 3.6.1 Administration Guide
Key Management
As a part of Data at Rest Encryption (D@RE), ECS supports centralized external key managers. The centralized external key managers are compliant with the Key Management Interoperability Protocol (KMIP) which enhance the enterprise grade security in the system. Also, it enables the customers to use the centralized key servers to store top-level Key Encrypting Keys (KEKs) to provide the following benefits:
- Helps in obtaining benefits from the Hardware Security Module (HSM) based key production and the latest encryption technology that is provided by the specialized key management servers.
- Provides production against loss of the entire appliance by storing top-level key information outside of the appliance.
ECS incorporates the KMIP standard for integration with external key managers and serves as a KMIP client, and supports the following:
- Supports the Gemalto Safenet v8.9 and IBM SKLM v3.01 (Security Key Lifecycle Manager) key managers.
NOTE The key manager supported versions are determined by Dell EMC's Key-Trust-Platform (KTP) client.
- Supports the use of top-level KEK (master key) supplied by an external key manager.
- Supports rotation of top-level KEK (master key) supplied by an external key manager.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\