David Magda wrote:
> On Jan 10, 2008, at 16:35, lemons_terry AT emc DOT com wrote:
> 
>> All of these require a supporting environment to provide key
>> management, drive configuration, etc.  For the TS1120 and T10000A at
>> least, this adds tens of thousands of dollars to the cost of the drive
>> itself, in my experience.
> 
> I'm probably missing something, but why can't Networker do the key
> management?

The simple answer is, "because it can't". This functionality hasn't been
written into NetWorker. It's possible for the application to do this,
for example TSM can do key management for TS1120 or LTO-4 drives in an
IBM tape library, so if EMC wanted to put this in NetWorker it would be
possible, but I'm not even sure if it's a good thing.

I was involved with setting up LTO-4 encryption on an IBM TS3500, with
the library firmware controlling the encryption. The keystore software
(EKM) ran on a couple of Unix boxes. We had the help of an IBM
consultant but still had a few issues getting it right, however when we
cracked it, it worked a treat, with no discernible impact on throughput
(hardware compression).

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER