my understanding of using your tape drives to perform the encryption, you must use the same type of drive to perform the decryption.
i'm looking at crossroads as a encryption appliance, similar to decru. dave.. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, November 11, 2008 10:08 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] Encrypting offsite tapes If you have a library you may be able to do tape drive encryption with what you have. You just need to get it turned on (which most likely will take a license from your library manufacture - which means money- but no new equipment) Just remember that if you do this you must put HIGH priority on keeping track of you keys - so you can decrypt... you should use the same keys as your DR site so it can decrypt as well. ________________________________ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Wilts Sent: Tuesday, November 11, 2008 11:52 AM To: Rongsheng Fang Cc: VERITAS-BU@mailman.eng.auburn.edu Subject: Re: [Veritas-bu] Encrypting offsite tapes You have 3 separate options: 1. Client-based encryption. Free with 6.5 (and you may be able to get free licenses for 6.0 if you're under maintenance). Adds a load to each and every client. From what I've heard, it's not pretty. 2. Media-server based encryption. Puts the load on the media servers instead. 3. Encryption appliance. Not cheap, but they encrypt at wire speed while writing to the tape drives. Decru, now owned by NetApp, is the current market leader. Brocade is also now partnering with NetApp to build the next generation - basically a Decru encryption appliance built into a 32-port Brocade switch. Not even close to cheap :-) We chose option 3 and have Decru appliances in front of all our tape drives. Everything that's written to tape is automatically encrypted - we don't need to think about it. NetBackup doesn't even know the data is encrypted and doesn't care. http://www.netapp.com/us/products/storage-security-systems/ On Tue, Nov 11, 2008 at 11:32 AM, Rongsheng Fang <[EMAIL PROTECTED]> wrote: We duplicate backup images from disks/tapes to tapes weekly using NetBackup vault and send the tapes offsite. We have a new requirement for encrypting all the tapes going offsite. I understand that NetBackup can do the encryption while the backup is being done. My question is: is it possible to encrypt the images during the vault process (or the duplication process of the vault)? How do you implement the encryption in your backup environments? Our environment: NetBackup Enterprise 6.0MP4 on Solaris 10 Thanks, Rongsheng .../Ed Ed Wilts, RHCE, BCFP, BCSD, SCSP, SCSE [EMAIL PROTECTED]
_______________________________________________ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu