[Veritas-bu] NetBackup KMS best practices for passphrases
2011-04-05 17:12:08
If I were to have my Information Security team provide only one of the
passphrases when setting up the KMS database, which one would it be?
In other words, which one would be required to rebuilt the entire databsae, and
without it I would not be able to re-create any of the keys used by the tape
drives?
We don't want any one person to be able to re-create the database using the
passphrases.
I'm leaning towards the Key Protection key as it seems to tie into all the
other keys, were the Host Master key is only there to protect the Key
Protection key and nothing else.
Am I on the right path here?
+----------------------------------------------------------------------
|This was sent by spaldam AT spaldam DOT com via Backup Central.
|Forward SPAM to abuse AT backupcentral DOT com.
+----------------------------------------------------------------------
_______________________________________________
Veritas-bu maillist - Veritas-bu AT mailman.eng.auburn DOT edu
http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Veritas-bu] NetBackup KMS best practices for passphrases,
spaldam <=
|
|
|