ADSM-L

Re: Encryption of data written to tape

2005-04-13 14:44:36
Subject: Re: Encryption of data written to tape
From: Orville Lantto <Orville.Lantto AT DATATREND DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 13 Apr 2005 13:44:06 -0500
The processor load for encryption is very high.  If you need to do this
for more than a little data, investigate an encryption appliance to put
between the TSM server and the tape drives.

Orville L. Lantto
Datatrend Technologies, Inc.  (http://www.datatrend.com)
IBM Premier Business Partner
121 Cheshire Lane, Suite 700
Minnetonka, MN 55305
Email: Orville.Lantto AT datatrend DOT com

CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is
for the sole use of the intended recipient(s) and may contain confidential
and privileged information. Any  unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of the original
message.



"Stapleton, Mark" <mark.stapleton AT BERBEE DOT COM>
Sent by: "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
04/13/2005 09:51 AM
Please respond to
"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>


To
ADSM-L AT VM.MARIST DOT EDU
cc

Subject
Re: Encryption of data written to tape






From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On
Behalf Of Dearman, Richard
>So the data is not decrypted at the tsm server before being written to
>tape?

It is encrypted from the moment the data leaves the client, and it not
deencrypted until it is restored to the client.

>Therefore if I set this for all my windows 5.3 clients all data that is
>backed up to disk then migrated to tape will be encrypted?

Yes.

>And if I need to rebuild (meaning reinstall windows) that
>client for any
>reason or restore files from that client to any other client I assume
>the client doesn't need the decryption keys?

This is incorrect. If you rebuild a TSM client, the first time you
perform a restore to it the TSM client will ask for the encryption key.
If you don't know what it is, the data will not be available. Ever.

--
Mark Stapleton (stapleton AT berbee DOT com)
IBM Certified Advanced Deployment Professional
Tivoli Storage Management Solutions 2005
Office 262.521.5627

<Prev in Thread] Current Thread [Next in Thread>