Hello,

        To support a disaster recovery initiative it is intended that all
corporate servers are backed up to TSM.  The administrator of our firewall
resists this mainly for the fact that the client data is sent in clear text
over the network.

        As the TSM administrator it has fallen to me to find common ground
between the firewall administrator and the people driving the disaster
recovery initiative.  Reading the archives I found the following opinions
and would like to hear what anyone else might have to add or what recent
opinion are.

1.  Set client compression  and then the data is transferred in a compressed
format. Is this a proprietary/undocumented compressed format?

2.  Implement 'ssh' for secure connectivity between the server and client.
Can anyone recommend a source for more information on doing this?

3.  Using PRESCHED and POSTSCHED encrypt sensitive data to a temp directory
on the client and then backup that data.  Any recommendations on available
products?

4.  The data on a TSM cartridge can only be read with the database for that
TSM Server.  It would be extremely difficult and costly to retrieve this
data from the tape alone.  That seemed to be the consensus in the archives.
Does it still hold true?

5.  With the exception of an attack from within the company, if an intruder
is in the position to capture internal network traffic would not that not
mean that the firewall and other security measures have already been
compromised?

Thank You,
Jon Martin