I would say there are 4 types of encryption. (Chapter 14 in the 5.5 Admin Guide covers alot of this)
- TSM Client level encryption (using the include.encrypt and various client options) Data is encrypted before sending to the TSM server. (software based) - TSM Server level encryption (using the devclass DRIVEEncryption option) This is done at the devclass/stgpool level (I.E. DB Backups are not encrypted) (hardware based) - AIX System level. Encryption is handled at the Atape level (hardware based) - Library managed (completely transparent to TSM) (hardware based) 1- no default encryption 2- Each method will have its own way to check. The way we proved to our auditors involved documentating an attempt to restore without the keys (which failed) 3- These have nothing to do with encryption. These are basic client files. Refer to the TSM Client manual. Regards, Shawn ________________________________________________ Shawn Drew Internet tsm-fo...@backupcentral.com Sent by: ADSM-L@VM.MARIST.EDU 08/09/2011 09:22 PM Please respond to ADSM-L@VM.MARIST.EDU To ADSM-L cc Subject [ADSM-L] Any default encryption for TSM server?? Conclude that the TSM encryption can categories by two types: 1) Software/application layer encryption 2) Hardware layer encryption (Tape drive). Question: 1) Does TSM has any data protection other than this two? Does TSM has default encryption if we never configure any setting to enable the software/application and there are no license key bought for hardware layer to do encryption? 2)If a software/application was configured or installed on the server, how can we check it? (e.g Maybe there are some files or command able to show it and please show me the way to check whether is the encryption enable or not to protect the data) 3) Can you tell me where are these files and what are their content about: - TSM.PWD - Dsm.sys - Dsm.opt And What do INCLUDE.ENCRYPT and EXCLUDE.ENCRYPT statements mean? Where are them? And last question is which file content the encryptkey and encryptiontype parameter? +---------------------------------------------------------------------- |This was sent by terrancey...@yahoo.com via Backup Central. |Forward SPAM to ab...@backupcentral.com. +---------------------------------------------------------------------- This message and any attachments (the "message") is intended solely for the addressees and is confidential. If you receive this message in error, please delete it and immediately notify the sender. Any use not in accord with its purpose, any dissemination or disclosure, either whole or partial, is prohibited except formal approval. The internet can not guarantee the integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will) not therefore be liable for the message if modified. Please note that certain functions and services for BNP Paribas may be performed by BNP Paribas RCC, Inc.