Currently running Netbackup 7.7 on RHEL6. I have configured KMS and the keys required. Created the ENCR_ with the keygroup name and the volume pool name the same. However, when this volume pool is chosen, the Encrypt option on the right is still greyed out.
How can I encrypt the data being written to the media?
I have tried to look through some of the docs here that others have posted in replies but majority of the relevant ones are all dead links or 404's.
If someone could help me with this, I would really appreciate it.
The Encryption option in Policy attributes is for NBU CLIENT encryption.
The client encrypts the data before sending to the media server.
This option is not available for all policy types.
Client Encryption is explained in NBU Admin Guide I.
It should NOT be combined with KMS encryption.
KMS encryption is explained in NBU Security and Encryption Guide. https://vox.veritas.com/t5/NetBackup/Netbackup-KMS-on-new-master/m-p/660266#M172439
Links to NBU manuals in 'Handy NBU Links' in my signature.
Please also read this excellent post by @mph999 :
Thank you so much for this thread. This has helped me so much.
I found that what I had setup was working ok, I was confused about the grey box which said Encrypt. I confirmed that my tape/data was being encrypted by looking under the:
Tape Reports, Images on Tape and searching for my media ID.
This showed the key that it was using to encrypt my data! :)
Thanks once again. Now I know where to come for all things NetBackup! Hooray!!