Question on NetBackup and Hardware Tape Encryption
- 4 years ago
HI zmlat
You are using hardware encryption directly in the tape drives. Most modern tape drives (since LTO4) support native hardware encryption. To utilise this, when writing to the tape something has to tell the drive to use this and supply an encryption key.
The Quantum tape library can do this independantly (an invisibly) to NetBackup - but typically you would not want to do that and as you have indicated this has been disabled on the library. Disabling the library controlled encryption does not prevent the tape drives from using their native encryption capabity.
NetBackup when writing to tapes in an ENCR_* pool does the necessary setup and key management (interacting with the KMS system) directly to the tape drive to enable the native hardware encryption (remember NetBackup is writing directly to the tape drive, the library is only being used to position media in drives).
Hope that clears things up further.
Cheers
David