11-02-2013 06:32 AM
We enabled client-side deduplication and encryption (not policy base encryption) by adding 'agent_crypt' to the ServerOptions of contentrouter.cfg file on the media server (NB appliance media server).
The backup job was completed successful, from job details, I can see it was using client-side dedup, but I can't confirm if client-side encyption is used as I can't find any keyword of 'encyption' nor 'encrpted' in the job details.
How to tell if client-side encyption over dedup has happend?
Solved! Go to Solution.
11-06-2013 03:35 PM
Compression in bpimagelist means this image is encrypted by client encryption - not means deduptication encryption.
To comfirm deduplication encryption works, run tedt backup, capture packets, and look into packets.
11-02-2013 06:59 AM
I have no idea other than looking packets between client and storage server using sniffer like WireShark. contentrouter.cfg is configuration file of PureDisk, and is independent from NetBackup application.
11-02-2013 01:17 PM
Please verify in bpbkar log and let us know the results
****
Capture the verbose logs of the bpbkar and the bpfilter process on the Client during backup
The log file should have entries specific to encryption
The bpbkar log will have these entries for each file that is backed up….
<4> PackerTAR::startObject(): INF - Data Encryption is turned ON.
<4> PackerTAR::writeEncryptionInfo(): INF - Encryption Type ID = (0)
11-02-2013 01:36 PM
Use bpimagelist -L to check some backups.
One of the fields in the output is 'Encrypted':
...
Compressed: no
Encrypted: no
Kilobytes: 2652800
Number of Files: 4507
.....
Your output should obviously say 'yes'.
11-03-2013 03:53 AM
thanks for all the replies.
bpbkar log from the client machine doesn't contain keyword 'Encryption', I need to find the way to enable its verbose logging.
bpimagelist -L show Encrypted is no, does this output reflects to both policy base encryption and client-side encryption over deduplication for puredisk?
11-03-2013 10:14 PM
That is my understanding, but we need to test to know for sure... Unfortunately I don't have access to MSDP at the moment.
Try to force encryption on one client with pd.conf entry (http://www.symantec.com/docs/HOWTO70637) and see what bpimagelist result is.
11-06-2013 06:07 AM
I tried setting Local_Setting, Compression and Encryption to "1" in the pd.conf of one of the Windows client, the backup job completed but bpimagelist output still shows both compression and encryption are No.
Has anyone tested this client-side deduplication encryption and prove it is really working?
11-06-2013 03:35 PM
Compression in bpimagelist means this image is encrypted by client encryption - not means deduptication encryption.
To comfirm deduplication encryption works, run tedt backup, capture packets, and look into packets.