The Cisco KMC is the centralized key management system that stores the key database for active and archived keys required for the encryption and decryption in the SME disk.
Each SME disk can have zero or one active key and zero or more archived keys.
Each key entry consists of the following:
• Cluster name, disk group name and disk name needed to identify the configured disk in sme configuration
• Vendor ID, Product ID, and Device Identifier needed to identify the corresponding physical disk in SAN
• Creation and archived timestamp
SME cluster will contact and verify and update the CKMC during configuration changes.
CKMC provides the following features:
• Centralized key management to archive, purge, recover, and distribute disk keys.
• Integration into the DCNM-SAN Server depending on the deployment requirements.
• Integrated access controls using AAA mechanisms.
For more information on the security modes and key management settings, see the “Configuring Key Management Operations”
Cisco KMC supports SME disk-related operations. KMC operations include the following topics:
• Purging Disks or Disk Groups
• Rekeying