The Setup - Partition Encryption screen allows you to change the tape cartridge encryption method for each partition in the library.
The following encryption methods are available on the library:
Enable Library Managed — Enables library managed encryption support via a connected key manager server— either Scalar Key Manager (SKM) or Quantum Encryption Key Manager (Q-EKM) — for all tape drives and encryption-capable media assigned to the partition.
Allow Application Managed — Allows your host application to provide encryption support on all encryption-capable tape drives and media within the partition.This is the default setting if the partition contains encryption-capable tape drives. If you select this option, the library will NOT communicate with the key server on this partition. If you want an application to manage encryption, you must specifically configure the application to do so. The library will not participate in performing encryption. See your host documentation for further details.
Unsupported — If Unsupported is shown, it means that no tape drives in that partition support encryption, and you will not be able to change the setting.
![]() |
NOTE: This operation should not be performed concurrently by multiple administrators logged in from different locations. You can access the appropriate screens, but you cannot apply changes while another administrator is performing the same operation. |
You need administrator privileges to configure partition encryption settings.
![]() |
NOTE: If a partition uses Library Managed Encryption, this screen also displays whether it is using SKM or Q-EKM (automatically assigned by the library based on whether the tape drives in the partition are HP or IBM); the IP addresses of the key servers; and whether SSL is enabled. This information is view-only on this screen. It is configurable from the Setup - Encryption Key Server Access Configuration screen (Setup > Encryption > System Configuration). See Configuring Encryption Key Server Access for details. |
![]() |
NOTE: When you change a partition from Enable Library Managed to Allow Application Managed, the data that was written to the tapes while the partition was configured for library managed encryption can no longer be read, until you change the partition back to Enable Library Managed. |
![]() |
NOTE: If a partition uses Library Managed Encryption, this screen also displays whether it is using SKM or Q-EKM (automatically assigned by the library based on whether the tape drives in the partition are HP or IBM); the IP addresses of the key servers; and whether SSL is enabled. This information is view-only on this screen. It is configurable from the Setup - Encryption Key Server Access Configuration screen (Setup > Encryption > System Configuration). See Configuring Encryption Key Server Access for details. |
Do one of the following:
![]() |
NOTE: When you change the encryption method on a partition, the partition is taken offline. When the change completes, the partition comes back online automatically. |
For instructions on how to save the library configuration, see Saving the Configuration.
You may also access the EKM Path Diagnostics from this screen. For more information, see Encryption Key Manager Path Diagnostics.
See also: