Automated OKM key destruction

We are upgrading to LTO5 drives, with keys managed by Oracle Key Manager (OKM)

Since each tape will get its own key certificates, destroying those key certificates effectively scratches the tape.

 

I would like to implement a process that when I run my vault and it generates a list of scratch tapes to return from iron mountain, it takes that list of tapes and uses them as input to destroy the keys - effectively prohibiting me from ever importing the tapes. It would be like formatting every tape as it comes back, but with out the drive time.

 

Does anyone either already have such ascript, or see the need for one? Should this be something Oracle and NetBackup team up to provide?

 

NB 7.0.1 on Solaris 10

SL8500 moving to LTO5!

NetBackup 8.1.2 on Solaris 11, writing to DataDomain 9800
duplicating via SLP to LTO5 in SL8500 via ACSLS
1 Reply
Highlighted

Re: Automated OKM key destruction

Any new info on integrating Oracle OKM with NetBackup?

Specifically deleting expired keys as tapes return to scratch

 

NetBackup 8.1.2 on Solaris 11, writing to DataDomain 9800
duplicating via SLP to LTO5 in SL8500 via ACSLS
Tags (2)