cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Testing Encrypted Tapes

Go to solution
BFM
Level 2

‎09-18-2012 11:36 AM

I encrypt our tapes using the Best Practices guide for this product. 

Our IT Auditors want to test this by restoring from thes tapes back to disk.

I have done a restore and all went as planned.  However, IT Auditors are concearned this process of restore never asked me for the Encryption password.

How do I respond to this?  How can I get a good test to document?

Jim

 

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
CraigV
Moderator
Moderator
Partner    VIP    Accredited

‎09-18-2012 01:27 PM

Hi Jim,

 

Couldn't really find anything around this, but here are a couple of TNs to read through...see if they point you in the right direction:

http://www.symantec.com/business/support/index?page=content&id=HOWTO11721

http://www.symantec.com/business/support/index?page=content&id=HOWTO11722

http://www.symantec.com/business/support/index?page=content&id=HOWTO11718

...and encryption is selected for the job, correct?

Thanks!

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
CraigV
Moderator
Moderator
Partner    VIP    Accredited

‎09-18-2012 01:27 PM

Hi Jim,

 

Couldn't really find anything around this, but here are a couple of TNs to read through...see if they point you in the right direction:

http://www.symantec.com/business/support/index?page=content&id=HOWTO11721

http://www.symantec.com/business/support/index?page=content&id=HOWTO11722

http://www.symantec.com/business/support/index?page=content&id=HOWTO11718

...and encryption is selected for the job, correct?

Thanks!

0 Kudos

Go to solution
pkh
Moderator
Moderator
   VIP    Certified

‎09-19-2012 01:07 AM

 IT Auditors are concearned this process of restore never asked me for the Encryption password.

This is by design.  If the pass phrase is present in the media server, then you would not be prompted for pass phrase.  This is even true when the pass phrase is restricted and the id who is doing the restore is the owner of the pass phrase.

If you want to be prompted for the pass phrase, then either delete the encryption key which is used to encrypt the tape, or use a restricted pass phrase and a user who is not the owner of the restricted pass phrase.  The latter option works like this

1) use UserA to create a restricted encryption key.

2) do a backup using this restricted encryption key

3) use UserB to do the restore.

 

 

0 Kudos

Go to solution
Colin_Weaver
Moderator
Moderator
Employee Accredited Certified

‎09-19-2012 12:50 PM

Your other option is to install Backup Exec on a test server with the same tape technology attached and then try and do a Inventory, Catalog and Restore without entering the passphrase (You could even temporarily move your existing drive to the test server to prove this and then move it back.)

0 Kudos