Re: [ADSM-L] Any default encryption for TSM server??
2011-08-10 12:43:10
I would say there are 4 types of encryption. (Chapter 14 in the 5.5 Admin
Guide covers alot of this)
- TSM Client level encryption (using the include.encrypt and various
client options) Data is encrypted before sending to the TSM server.
(software based)
- TSM Server level encryption (using the devclass DRIVEEncryption option)
This is done at the devclass/stgpool level (I.E. DB Backups are not
encrypted) (hardware based)
- AIX System level. Encryption is handled at the Atape level (hardware
based)
- Library managed (completely transparent to TSM) (hardware based)
1- no default encryption
2- Each method will have its own way to check. The way we proved to our
auditors involved documentating an attempt to restore without the keys
(which failed)
3- These have nothing to do with encryption. These are basic client
files. Refer to the TSM Client manual.
Regards,
Shawn
________________________________________________
Shawn Drew
Internet
tsm-forum AT BACKUPCENTRAL DOT COM
Sent by: ADSM-L AT VM.MARIST DOT EDU
08/09/2011 09:22 PM
Please respond to
ADSM-L AT VM.MARIST DOT EDU
To
ADSM-L
cc
Subject
[ADSM-L] Any default encryption for TSM server??
Conclude that the TSM encryption can categories by two types: 1)
Software/application layer encryption 2) Hardware layer encryption (Tape
drive).
Question:
1) Does TSM has any data protection other than this two? Does TSM has
default encryption if we never configure any setting to enable the
software/application and there are no license key bought for hardware
layer to do encryption?
2)If a software/application was configured or installed on the server, how
can we check it? (e.g Maybe there are some files or command able to show
it and please show me the way to check whether is the encryption enable or
not to protect the data)
3) Can you tell me where are these files and what are their content about:
- TSM.PWD
- Dsm.sys
- Dsm.opt
And What do INCLUDE.ENCRYPT and EXCLUDE.ENCRYPT statements mean? Where are
them?
And last question is which file content the encryptkey and
encryptiontype parameter?
+----------------------------------------------------------------------
|This was sent by terranceyaul AT yahoo DOT com via Backup Central.
|Forward SPAM to abuse AT backupcentral DOT com.
+----------------------------------------------------------------------
This message and any attachments (the "message") is intended solely for
the addressees and is confidential. If you receive this message in error,
please delete it and immediately notify the sender. Any use not in accord
with its purpose, any dissemination or disclosure, either whole or partial,
is prohibited except formal approval. The internet can not guarantee the
integrity of this message. BNP PARIBAS (and its subsidiaries) shall (will)
not therefore be liable for the message if modified. Please note that certain
functions and services for BNP Paribas may be performed by BNP Paribas RCC, Inc.
|
|
|