ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Implementing Encryption

2013-04-04 12:02:36
Subject: Re: [ADSM-L] Implementing Encryption
From: "Billaudeau, Pierre" <P.Billaudeau AT SAQ.QC DOT CA>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 4 Apr 2013 16:00:27 +0000 
Hi Zoltan,
        We used TSM encryption (Application base on AIX TSM servers) and here 
are the steps we had to implement:

1. On  TSM server :
     Update DEVCLASS 3592CLASS2 drivee=on

2. On  AIX :
chdev  -l 'rmt6' -a wrt_encryption='on'
chdev  -l 'rmt13' -a wrt_encryption='on'
chdev  -l 'rmt14' -a wrt_encryption='on'

('on' replaces the value 'custom')

3. Change at the  hardware level  :
Enable "Application" at the drive level :

CE Drv Options
        Drive encryption
                Method config
                        Application

Pierre Billaudeau

-----Message d'origine-----
De : ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] De la part de 
Zoltan Forray
Envoyé : 4 avril 2013 09:41
À : ADSM-L AT VM.MARIST DOT EDU
Objet : [ADSM-L] Implementing Encryption

I know this sounds strange, but we need to implement encryption on our
TS1130 tapes.

Never having done this, I need some help/suggestions/war-stories/etc on how to 
basically turn encryption on.  Is there a quick-and-dirty book on the subject?

I understand the first thing would be to change the devclass for the tape 
drives to "encryption=yes" for ALL of my servers (currently, 2 of 7 are library 
managers).

Then I saw something about EKM to manage the keys.  Is this also implemented on 
all TSM servers?

--
*Zoltan Forray*
TSM Software & Hardware Administrator
Virginia Commonwealth University
UCC/Office of Technology Services
zforray AT vcu DOT edu - 804-828-4807
Don't be a phishing victim - VCU and other reputable organizations will never 
use email to request that you reply with your password, social security number 
or confidential personal information. For more details visit 
http://infosecurity.vcu.edu/phishing.html

------------------


Information confidentielle : Le présent message, ainsi que tout fichier qui y 
est joint, est envoyé à l'intention exclusive de son ou de ses destinataires; 
il est de nature confidentielle et peut constituer une information privilégiée. 
Nous avertissons toute personne autre que le destinataire prévu que tout 
examen, réacheminement, impression, copie, distribution ou autre utilisation de 
ce message et de tout fichier qui y est joint est strictement interdit. Si vous 
n'êtes pas le destinataire prévu, veuillez en aviser immédiatement l'expéditeur 
par retour de courriel et supprimer ce message et tout document joint de votre 
système. Merci.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Moving from IBM ATL with 3592J1A drives/tapes to Quantum Scalar i500 with LTO-6 drives/tapes, Huebner, Andy
Next by Date:  Re: [ADSM-L] Implementing Encryption, Prather, Wanda
Previous by Thread:  [ADSM-L] Implementing Encryption, Zoltan Forray
Next by Thread:  Re: [ADSM-L] Implementing Encryption, Prather, Wanda
Indexes:  [Date] [Thread] [Top] [All Lists]