The RMAN encryption works well and encrypts data before it is sent to the
Networker Server. If you need to encrypt data on the tape to send offsite you
can also use "Datazone pass phrase"
Datazone pass phrase - This attribute is used to generate the datazone
encryption key for backup and recover operations. If empty, the default pass
phrase will be used.
HTH
--- On Wed, 8/27/08, Bruce Breidall <bruce.breidall AT CONCUR DOT COM> wrote:
From: Bruce Breidall <bruce.breidall AT CONCUR DOT COM>
Subject: [Networker] Oracle RMAN Encryption with NW
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Wednesday, August 27, 2008, 11:19 PM
Greetings everyone.
I am wondering if anyone can comment on encryption solutions they have
implemented with NW and manual RMAN backups. For PCI compliance, we have
to enable some form of encryption on the tapes we send offsite. We
currently use the aes directive for all the server file systems, and I
have suggested to the oracle team to incorporate the
NSR_ABS_ENCRYPTION=TRUE switch in the RMAN allocate channel.
There really is no key management with NW, I understand that.
Does anyone care to offer some feedback on implementing a similar
strategy? Have you found that this direction works, is supportable, and
satisfies the PCI auditors?
Any comment, whether negative or positive, is greatly appreciated.
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type
"signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list.
You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type "signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|