Abstract: Authentication is performed on a plurality of links of a computing environment. One node requests generation of a shared key by a key server coupled to the one node. The one node obtains the shared key and an identifier of the shared key and sends the identifier from the one node to another node. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. The one node receives via the one link an indication that the other node decrypted the encrypted message using the shared key obtained by the other node. The sending the encrypted message and the receiving the indication that the other node decrypted the encrypted message are repeated on one or more other links of the plurality of links using the shared key previously obtained.

Abstract: Access between a plurality of nodes of the computing environment is controlled by a key server. The key server receives from one node of the plurality of nodes, a request for a shared key, in which the shared key is created for a selected node pair. A determination is made by the key server as to whether the one node is a node of the selected node pair. In one example, the determining checks an alternate name of the one node to determine whether it matches an alternate name associated with the shared key. Based on determining the one node is a node of the selected node pair, the key server provides the shared key to the one node.

Abstract: Examples of techniques for encrypted fibre channel over internet protocol (FCIP) data replication are described herein. An aspect includes receiving replication data from a primary site host system, the replication data comprising header information. Another aspect includes encrypting the replication data. Another aspect includes writing the header information to a local memory, wherein the header information in the local memory is unencrypted. Yet another aspect includes encapsulating the encrypted replication data, wherein the unencrypted header information is accessed in the local memory during the encapsulation of the encrypted replication data.

Abstract: An aspect includes memory access optimization for an I/O adapter in a processor complex. A memory block distance is determined between the I/O adapter and a memory block location in the processor complex and determining one or more memory movement type criteria between the I/O adapter and the memory block location based on the memory block distance. A memory movement operation type is selected based on a memory movement process parameter and the one or more memory movement type criteria. A memory movement process is initiated between the I/O adapter and the memory block location using the memory movement operation type.

Abstract: A shared key, used by one node and another node of a computing environment in authentication of one or more links coupling the one node and the other node, is determined to be within an expiration range. Based on determining the shared key is within the expiration range, re-authentication of at least one link is automatically initiated. The automatically initiating re-authentication includes obtaining, by the one node, a new shared key from a key server, sending a message encrypted with the new shared key from the one node to the other node via one link of the one or more links, and receiving by the one node via the one link an indication that the other node decrypted the message using the new shared key.

Abstract: Access between a plurality of nodes of the computing environment is controlled by a key server. The key server receives from one node of the plurality of nodes, a request for a shared key, in which the shared key is created for a selected node pair. A determination is made by the key server as to whether the one node is a node of the selected node pair. In one example, the determining checks an alternate name of the one node to determine whether it matches an alternate name associated with the shared key. Based on determining the one node is a node of the selected node pair, the key server provides the shared key to the one node.

Abstract: Authentication is performed on a plurality of links to be used to couple one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining, by the other node from the one node via one link of the plurality of links, an identifier of a shared key maintained by a key server. The other node uses the identifier to obtain the shared key from the key server. An indication that the other node decrypted a message received from the one node using the shared key is sent from the other node via the one link. The sending the indication on one or more other links of the plurality of links is repeated for subsequent messages decrypted by the other node using the shared key previously obtained.

Abstract: A path is secured from one node to another node of the computing environment. The one node obtains a first encryption key and one or more first parameters for transmission of data, and a second encryption key and one or more second parameters for reception of data. A shared key is obtained by the one node from a key server, and the shared key is used to encrypt a message. The encrypted message includes the first encryption key, the one or more first parameters, the second encryption key and the one or more second parameters. The encrypted message and an identifier of the shared key is sent from the one node to the other node, and a response message is received by the one node. The response message at least provides an indication that the other node received the encrypted message and obtained the shared key.

Abstract: Authentication is performed on a plurality of links of a computing environment. One node requests generation of a shared key by a key server coupled to the one node. The one node obtains the shared key and an identifier of the shared key and sends the identifier from the one node to another node. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. The one node receives via the one link an indication that the other node decrypted the encrypted message using the shared key obtained by the other node. The sending the encrypted message and the receiving the indication that the other node decrypted the encrypted message are repeated on one or more other links of the plurality of links using the shared key previously obtained.

Abstract: A path for a slave node of a computing environment is secured. The securing includes obtaining, by the slave node, a message that includes an identifier of a shared key and an encrypted message, the encrypted message including a first encryption key, a second encryption key, one or more first parameters and one or more second parameters. The slave node obtains the shared key from a key server and uses it to decrypt the encrypted message to obtain the first encryption key, the second encryption key, the one or more first parameters and the one or more second parameters. A second security parameters index, to be associated with the second encryption key and the one or more second parameters, is obtained. The slave node sends a response message to a master node, the response message including the second security parameters index.

Abstract: Authentication is performed on a plurality of links coupling one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining by the one node a shared key from a key server coupled to the one node and another node of the computing environment. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. An indication that the other node decrypted the message using the shared key obtained by the other node is received from the other node via the one link. The sending and the receiving are repeated on one or more other links of the plurality of links using the shared key previously obtained.

Abstract: An aspect includes memory access optimization in a processor complex. A non-limiting example includes determining one or more offload criteria for offloading memory movement in the processor complex. A memory movement process parameter corresponding to the one or more offload criteria is identified. Movement of a block of memory from a first block location at a first host to a second block location at a second host is scheduled as the memory movement process performed by an offload engine based on determining that the memory movement process parameter exceeds at least one of the offload criteria. The block of memory is moved from the first block location at the first host to the second block location at the second host as the memory movement process performed by the first host based on determining that the memory movement process parameter does not exceed at least one of the offload criteria.

Abstract: An aspect includes memory access optimization for an I/O adapter in a processor complex. A memory block distance is determined between the I/O adapter and a memory block location in the processor complex and determining one or more memory movement type criteria between the I/O adapter and the memory block location based on the memory block distance. A memory movement operation type is selected based on a memory movement process parameter and the one or more memory movement type criteria. A memory movement process is initiated between the I/O adapter and the memory block location using the memory movement operation type.

Abstract: An aspect includes memory access optimization in a processor complex. A non-limiting example includes determining one or more offload criteria for offloading memory movement in the processor complex. A memory movement process parameter corresponding to the one or more offload criteria is identified. Movement of a block of memory from a first block location at a first host to a second block location at a second host is scheduled as the memory movement process performed by an offload engine based on determining that the memory movement process parameter exceeds at least one of the offload criteria. The block of memory is moved from the first block location at the first host to the second block location at the second host as the memory movement process performed by the first host based on determining that the memory movement process parameter does not exceed at least one of the offload criteria.

Abstract: An aspect includes memory access optimization in a processor complex. A non-limiting example includes determining one or more offload criteria for offloading memory movement in the processor complex. A memory movement process parameter corresponding to the one or more offload criteria is identified. Movement of a block of memory from a first block location at a first host to a second block location at a second host is scheduled as the memory movement process performed by an offload engine based on determining that the memory movement process parameter exceeds at least one of the offload criteria. The block of memory is moved from the first block location at the first host to the second block location at the second host as the memory movement process performed by the first host based on determining that the memory movement process parameter does not exceed at least one of the offload criteria.

Abstract: An aspect includes memory access optimization for an I/O adapter in a processor complex. A memory block distance is determined between the I/O adapter and a memory block location in the processor complex and determining one or more memory movement type criteria between the I/O adapter and the memory block location based on the memory block distance. A memory movement operation type is selected based on a memory movement process parameter and the one or more memory movement type criteria. A memory movement process is initiated between the I/O adapter and the memory block location using the memory movement operation type.

Abstract: A first device transmits a first Fiber Channel frame with a first priority to a second device. The first device receives a second Fiber Channel frame from the second device, where the second Fiber Channel frame has a second priority indicated by the second device. The first device determines whether to adopt the second priority indicated by the second device or whether to continue to use the first priority for transmitting subsequent Fiber Channel frames to the second device.

Abstract: A first device transmits a first Fibre Channel frame with a first priority to a second device. The first device receives a second Fibre Channel frame from the second device, where the second Fibre Channel frame has a second priority indicated by the second device. The first device determines whether to adopt the second priority indicated by the second device or whether to continue to use the first priority for transmitting subsequent Fibre Channel frames to the second device.

Abstract: Provided are a method, a system, and a computer program product in which a plurality of switches are maintained in a cascaded configuration. A switch relays a switch fabric internal link services (SW-ILS) to generate a pair of exchanges comprising a first exchange and a second exchange at the switch. In response to a termination of the first exchange of the pair of exchanges, the second exchange of the pair of exchanges is terminated.

Abstract: The disclosed network resource management system employs a hardware configuration management (HCM) information handling system (IHS) that may couple to a single administered IHS or to multiple administered IHSs via an administrative network. An HCM tool in the HCM IHS may generate, modify and store hardware configuration information, including physical network identifications (PNet IDs), in an HCM database and share the HCM database with the administered IHSs. The administered IHS may be a privileged network access (PNA) IHS. The PNA IHS may receive a privileged network access management (PNAM) database from a PNAM IHS via the administrative network. The PNA tool may extract hardware configuration information, including PNet IDs, from the HCM database and privileged network access information, including PNet IDs, from the PNAM database. The PNA tool may utilize the information, including PNet IDs, to enable the PNA IHS to limit access to privileged networks.