02-23-2021 04:23 AM
Hi guys,
We have a set of questions particular on security of backup when using netbackup.
thank you :)
Solved! Go to Solution.
02-23-2021 05:47 AM
1: The encryption option in the policy is software based, not recommended for performance reasons. Netbackup writes data to tape in a GNU tar format. Tar is a well known container format in the UNIX/Linux world.
2: You can import tapes. See https://www.veritas.com/support/en_US/article.100017201. The import is a time consuming process so not recommended as a DR option.
3: In order to protect the confidiality of your data you should implement Netbackup KMS that will enable hardware based encryption in tape drives. See https://www.veritas.com/support/en_US/doc/21733320-127424841-0/v21634609-127424841 & https://www.veritas.com/support/en_US/article.100020249 &
Do careful planing your NBU KMS implementation, if you loose the keys for decrypting backup data, data will be gone for ever.
02-23-2021 05:47 AM
1: The encryption option in the policy is software based, not recommended for performance reasons. Netbackup writes data to tape in a GNU tar format. Tar is a well known container format in the UNIX/Linux world.
2: You can import tapes. See https://www.veritas.com/support/en_US/article.100017201. The import is a time consuming process so not recommended as a DR option.
3: In order to protect the confidiality of your data you should implement Netbackup KMS that will enable hardware based encryption in tape drives. See https://www.veritas.com/support/en_US/doc/21733320-127424841-0/v21634609-127424841 & https://www.veritas.com/support/en_US/article.100020249 &
Do careful planing your NBU KMS implementation, if you loose the keys for decrypting backup data, data will be gone for ever.
02-23-2021 03:15 PM