cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

DIFFERENCE AFTER ENCRYPTION

Go to solution
Nayab_Rasool
Level 6

‎10-19-2012 04:09 AM

 

Hi All,

 

Can i have a note of differences i can see after configuring CLIENT ENCRYPTION on any server as we are going to test it first on one server and the proceed with rest of all if i can have a list of things to trace out after applying ENCRYPTION please help me with those.

 

O.S (MASTER,MEDIA,CLIENTS) --> WINDOWS 2008 R2 

Netbackup Version :- 7.1

 

Thanks

Nayab

1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
sksujeet
Level 6
Partner Accredited Certified

‎10-22-2012 02:39 AM

In the same environment it won't ask you for the key for any thing(backup/restore) unless you have deleted the encryption key. If you are restoring to another site and using the different NBU database(not the same from where you have taken the backup) then definately you have to import the tape and it will ask you for encryption key.

See in this way, if you have the same database it won't ask you for the key. Also if your NBUdatabase crashes and you restore the catalog then it would be the same database and it won't ask you for the key.

And also please tell if i can have a client added in to a DUMMY policy later on again ill do it in the PRODUCTION POLICY for the same client ??

Yes you can do that.

 

View solution in original post

0 Kudos
10 REPLIES 10

Go to solution
Yasuhisa_Ishika
Level 6
Partner Accredited Certified

‎10-19-2012 06:22 AM

Sorry, I could not make sence what you want. Do you want to verify if the client is configured for client encryption? So check if 'key file.dat' exists in /usr/openv/var(UNIX) or install_path¥NetBackup¥var(Windows). Displaying information by 'bpkeyutil -display' is also well.
0 Kudos

Go to solution
Nayab_Rasool
Level 6

‎10-21-2012 11:15 PM

Hi Yasuhisa,

 

Could you tell me hw to perform restore with encryption do i need to enter any keys for performing restore please advise.

 

Thanks,

Nayab

0 Kudos

Go to solution
Nayab_Rasool
Level 6

‎10-22-2012 12:03 AM

And also please confirm if i test creating a dummy policy and adding client in to the policy and performing the ENCRYPTION TEST and after tat wen i do the ENCRYPTION LIVE will there be any impact on that CLIENT (SERVER) as i will b deleting the Dummy policy n re-doing the  encryption on the same client which is already in and production POLICY 

0 Kudos

Go to solution
Nayab_Rasool
Level 6

‎10-22-2012 12:21 AM

Actual Plan is Client wants to control the restoration i mean he has to enter the passphrase for restoration , how this can be done ??

0 Kudos

Go to solution
sksujeet
Level 6
Partner Accredited Certified

‎10-22-2012 02:09 AM

If you are performing the restore in the same environment then no need to put the encrpytion key as it is in the KMS database. If you are performing the restore in the new enviornment or if you have deleted the KMS database then only it will ask for the encryption key.

As it seems that your environment is same client would be able to restore the data without entering the key.

0 Kudos

Go to solution
Nayab_Rasool
Level 6

‎10-22-2012 02:22 AM

Same env in the sense if i am restoring to same CLIENT or wat if i restore to diff client wil it ask for KEY else i need to RESTORE to another site as we have two site which have dedicated 1 MEDIA & 1 MASTER servers per site 

0 Kudos

Go to solution
Nayab_Rasool
Level 6

‎10-22-2012 02:25 AM

And also please tell if i can have a client added in to a DUMMY policy later on again ill do it in the PRODUCTION POLICY for the same client ??

0 Kudos

Go to solution
sksujeet
Level 6
Partner Accredited Certified

‎10-22-2012 02:39 AM

In the same environment it won't ask you for the key for any thing(backup/restore) unless you have deleted the encryption key. If you are restoring to another site and using the different NBU database(not the same from where you have taken the backup) then definately you have to import the tape and it will ask you for encryption key.

See in this way, if you have the same database it won't ask you for the key. Also if your NBUdatabase crashes and you restore the catalog then it would be the same database and it won't ask you for the key.

And also please tell if i can have a client added in to a DUMMY policy later on again ill do it in the PRODUCTION POLICY for the same client ??

Yes you can do that.

 

0 Kudos

Go to solution
Nayab_Rasool
Level 6

‎10-22-2012 02:55 AM

Thanks a lot Sazz, one last question , do i need to delete the KEY DATABASE wat i have created for TESTING purpose for tat particular client else i can continue with the same while doing LIVE ENCRYPTION as well.

0 Kudos

Go to solution
sksujeet
Level 6
Partner Accredited Certified

‎10-22-2012 03:35 AM

No need to delete, you can use the same one

0 Kudos