cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

5220 appliance data security of a failed disk

Go to solution
DPO
Level 6

‎09-02-2016 12:14 AM

5220 appliance use RAID 6 for MSDP pool and lets assume if one of the disk failed and need replacement by Vendor. In that case how secure is my data as it is going out of our Data Center .

 

Do we have any TechNote that proves if a RAID 6 drive is lost of stolen , the data is still secure and can't be restored ?

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
DPO
Level 6
In response to ejporter

‎11-14-2016 11:27 PM

The low level programs can easily read if the data is not encrypted . So in a RAID 5 or 6 size of the strip really matters. Default strip size is 64KB in NetBackup appliance. Some sensitive data can easily fit in 64KB chunk.So there are chances of data stealing from a failed RAID disk.

But after doing some research , NB appliance by default stores data on DEDUP pool using blow-fish 128bit algirthm. So even the disk goes out of premises, no need to worry :)

 

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
RiaanBadenhorst
Moderator
Moderator
Partner    VIP    Accredited Certified

‎09-04-2016 12:00 PM

I dont think you need a technote for that. a single disk in a RAID 5/6 group is useless without the others. 

 

If you want though, you can buy the appliance storage with an option where failed disks don't need to be returned, you keep them after replacement.

Go to solution
ejporter
Level 4

‎09-06-2016 08:18 AM

If you are concerned, you might want to look at  enabling encryption on the msdp pool.

0 Kudos

Go to solution
DPO
Level 6
In response to ejporter

‎11-14-2016 11:27 PM

The low level programs can easily read if the data is not encrypted . So in a RAID 5 or 6 size of the strip really matters. Default strip size is 64KB in NetBackup appliance. Some sensitive data can easily fit in 64KB chunk.So there are chances of data stealing from a failed RAID disk.

But after doing some research , NB appliance by default stores data on DEDUP pool using blow-fish 128bit algirthm. So even the disk goes out of premises, no need to worry :)

 

0 Kudos

Go to solution
sdo
Moderator
Moderator
Partner    VIP    Certified
In response to DPO

‎11-15-2016 12:49 PM - edited ‎11-15-2016 12:49 PM

I'm with EJPorter.  Implement encryption underneath MSDP and you then never need worry about failed disks being returned to a vendor.

However, some sites negotiate with the vendor to implement a site wide "customer retain" disk replacement policy, whereby disks are never returned to a vendor - so there would a cost uplift - but this is pretty standard offering these days - and so you retain all failed disks in a secure safe, for periodic bulk crushing.

0 Kudos