We have some people at our university who are hesitant to use ADSM because of
security reasons.  I believe that they are concerned of the possiblity that
ethically-challenged people may sniff networks, intercept the backup data,
and recreate files containing sensitive data.

My response to this concern is the following.

1) I presume that file data and ADSM specific data is packed into an ADSM
non-public domain protocol.  So, anybody sniffing would have to understand
and/or re-engineer this protocol.

2) We force the client to compress the data, so no clear text is transferred
on the network.  So, anyone trying to intercept that data would have to
collect complete data transmissions, understand the protocol, and uncompress
the files, in order to gain access to any sensitive data.

o Is there an official response addressing security of ADSM data on the
network?
o Are there any stronger arguments showing that security is not a concern?
o What are valid concerns for security exposure of ADSM data?

Responses anyone?

Kent

--
Kent Johnson                        Internet: johnsk6 AT rpi DOT edu
Kent Johnson                        Internet: johnsk6 AT rpi DOT edu
Unix Systems Programmer (VCC 323)      Phone: (518) 276-8175
Rensselaer Polytechnic Institute         Fax: (518) 276-2809