Is there any technical problem with hardware encrypted and non-encrypted backups going to the same tape? Thanks.
There isnt. However, there is less than 2% hit to performance for LTO4+ encryption, so it's a moot point and you should just use it all the time as needed per business requirements.
There isnt. However, there is less than 2% hit to performance for LTO4+ encryption, so it's a moot point and you should just use it all the time as needed per business requirements.
OK, thanks. We have a server that we might need to use software encryption for because we would want the encryption to happen before it is transmitted. Are there any gotchas with the software encryption on the remote server?
Yes! Data is encrypted prior to being sent over the wire. This means that compression on the tape drive will be rendered useless.
I understand the *want* of having data encrypted prior to sending over the LAN, but at the same token, with today's switched networks, VLAN's, and L3 routing w/ ACL's, it may not be necessary.. Prior to LTO4 being so wildly popular, it was the only choice. Now, networking technology has some a long way since client-side encryption was introduced, and tape technology is cheaper/faster/easier to use.
I guess if you *Had* to do it, I would limit to the specific hosts that need it. Just keep in mind your backup throughput could drop upwards of 50% due to encryption overhead.
Yup, I would only do it on specific hosts. Fortunately, the data on these isn't that large now, so speed and space on the tape aren't a big deal. Thanks.
