  1. #1
    Member

    Encrypted backup over WAN

    Hello,

    I currently have a customer who does TSM backups over a WAN link with backup-archive client encryption enabled. They are simply sending plain TSM communication through the internet, just securing the data with an "include.encryption" rule.

    Is it pure madness or a minor security risk? When I saw such a configuration I couldn't believe it.

    I have never used encryption in TSM though, so maybe when it is enabled, the control information is secured too, but I wouldn't guess so...

    Thanks for any comments.

    Pavel

  2. #2
    Member

    Sure, there is some risk. IMHO there is always a risk when dealing with WAN and machines that can be accessed from the WAN, whether you have safeguards in place or not. You might consider using SSL communication too, which is a relatively newer feature that should provide some more protection. Toss in some client side deduplication too and make it really fun for someone to try and make sense out of the data.

  3. #3
    Moderator moon-buddy

    If indeed encryption has been enabled, it would take a long time to decrypt 128 bit AES. Sure, you can decrypt the data but at what expense.

    Also, sending over the WAN does not necessarily mean data is open to everyone. If they have secure WAN links - at a high cost, of course - the risk is low but the impact is high should data be breached.
    Ed

  4. #4
    Member

    I don't administer the environment, the customer is supposed to do it, but apparently the system hasn't been touched for years... Now, they asked us to analyze it and suggest a plan for the future.

    The data is encrypted at the client, because the server and its storage are placed in a hosting center and they want the data to be completely secure.

    I understand that 128 bit AES is fine, but what I am not sure about is the control information that flows through the same open channel. They don't have any dedicated WAN link, both machines are connected to the internet (behind a firewall with ports forwarded).

    To conclude my doubts:
    1) Are the TSM ports secure enough to be exposed to the internet?
    2) Is there a potential risk with the control traffic?

    Actually, my personal answer to both doubts is almost clear - it is not secure at all. Do you agree? One could attack public ports of a software which is primarily designed to sit on a local network. Am I wrong? At the same time the attacker could potentially falsify control packets in the name of others and gain information from the server, couldn't he?

    Thanks for your opinion.

    I know a VPN is an obvious solution and that's what I probably will recommend to them, but I would like to have some arguments.

  5. #5
    Member

    I will answer question #2 myself. I did some packet capturing and it seems to be very clear:

    If you encrypt data with the "include.encryption" rule, what you actually encrypt is the file contents. The control packets and metadata travel unprotected through the network. One can capture your file names, directory structure, and potentially attack the backup process as an insider.
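
A defender's check for the situation described in post #5, added here as an example and not part of the thread: given the first bytes a client sends to the backup server (for instance exported from a packet capture), it reports whether the session opens with a TLS ClientHello or exposes readable strings such as paths and file names. The sample payloads are constructed for illustration and do not reproduce the real TSM wire format; all function names are hypothetical.

```python
TLS_HANDSHAKE, CLIENT_HELLO = 0x16, 0x01

def is_tls_client_hello(data: bytes) -> bool:
    """True if the stream starts with a TLS record that carries a ClientHello."""
    if len(data) < 6:
        return False
    record_len = int.from_bytes(data[3:5], "big")
    return (data[0] == TLS_HANDSHAKE and data[1] == 3 and data[2] <= 4
            and 0 < record_len <= 16384 and data[5] == CLIENT_HELLO)

def printable_runs(data: bytes, min_len: int = 8) -> list:
    """ASCII runs of at least min_len bytes, like the `strings` utility."""
    runs, current = [], bytearray()
    for byte in data + b"\x00":          # sentinel flushes the final run
        if 0x20 <= byte < 0x7F:
            current.append(byte)
            continue
        if len(current) >= min_len:
            runs.append(current.decode("ascii"))
        current = bytearray()
    return runs

def classify_stream(data: bytes) -> tuple:
    """Return (verdict, readable_strings) for the start of a client stream."""
    if is_tls_client_hello(data):
        return ("tls", [])
    strings = printable_runs(data)
    return ("cleartext", strings) if strings else ("opaque", [])

# Constructed samples (assumptions, not captured traffic).
# Stand-in for file content encrypted on the client: no printable bytes.
CIPHERTEXT_STANDIN = bytes(range(0x80, 0xC0))
# Unprotected control data carrying a path and a file name, then the content.
CLEARTEXT_SAMPLE = (b"\x00\x2a\x1d\xa5" + b"/home/finance/" + b"\x00\x0c"
                    + b"payroll-2012.xls" + CIPHERTEXT_STANDIN)
# TLS record header (handshake, version 3.1, length 47) plus ClientHello start.
TLS_SAMPLE = b"\x16\x03\x01\x00\x2f" + b"\x01\x00\x00\x2b\x03\x03" + bytes(41)

if __name__ == "__main__":
    for name, sample in (("plain session", CLEARTEXT_SAMPLE),
                         ("ssl session", TLS_SAMPLE)):
        print(name, classify_stream(sample))
```

A "tls" verdict only shows that the session begins with a TLS handshake; certificate validation and the negotiated protocol version still have to be checked on the client and server.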

  6. #6
    Moderator moon-buddy

    Originally posted by pheidrich:
    > I will answer question #2 myself. I did some packet capturing and it seems to be very clear:
    >
    > If you encrypt data with the "include.encryption" rule, what you actually encrypt is the file contents. The control packets and metadata travel unprotected through the network. One can capture your file names, directory structure, and potentially attack the backup process as an insider.

    Even if they capture the metadata, what good will this be? Metadata points to basically store location and data name.
    Ed
