TravisJ
16 years agoLevel 2
LTO 4 Encryption question
Hi all,
I am at a client site (NetBackup implementation guy here) and they brought up a question of the encryption of LTO 4 drives. Here is the situation:
They currently backup their data via SDLT and they have a partner company they back up as well using DLT7000. They are both in the same library and all is working ok. I am here to give suggestions of hardware upgrades. I would like to put in LTO 4 drives and use the built in hardware encryption and NetBackup KMS. These will be split in the new library virtually so they are each their own environements and completely seperate.
The question they have is if they setup encryption on the partners backup and then they seperate ways, will the need to transfer the encryption over to the other client. Will that risk their data, will they be able to set the keys to something new?
I have only installed this solution in envrionments where it was all or nothing.
Thanks in advance, let me know what other data is needed to answer this question.
Travis
I am at a client site (NetBackup implementation guy here) and they brought up a question of the encryption of LTO 4 drives. Here is the situation:
They currently backup their data via SDLT and they have a partner company they back up as well using DLT7000. They are both in the same library and all is working ok. I am here to give suggestions of hardware upgrades. I would like to put in LTO 4 drives and use the built in hardware encryption and NetBackup KMS. These will be split in the new library virtually so they are each their own environements and completely seperate.
The question they have is if they setup encryption on the partners backup and then they seperate ways, will the need to transfer the encryption over to the other client. Will that risk their data, will they be able to set the keys to something new?
I have only installed this solution in envrionments where it was all or nothing.
Thanks in advance, let me know what other data is needed to answer this question.
Travis
- Just separate main/partner company backups to different volume pools
you have to associate key group with each volume pool.
this will prevent mixture of encryption keys/backups from different sources
have a look to Veritas NetBackup 6.5.2 Documentation Updates
ftp://exftpp.symantec.com/pub/support/products/NetBackup_Enterprise_Server/302438.pdf
refer to chapter 5, pages 143 through 186,