Networker

Re: [Networker] Encryption Questions

2009-03-18 04:47:55
From: Davina Treiber <Davina.Treiber AT PEEVRO.CO DOT UK>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Wed, 18 Mar 2009 08:39:01 +0000
Stan Horwitz wrote:
>> From: David Magda <dmagda AT ee.ryerson DOT ca>
>> Date: Tue, 17 Mar 2009 21:31:08 -0400
>> To: Stan Horwitz <stan AT temple DOT edu>
>> Cc: EMC NetWorker discussion <NETWORKER AT LISTSERV.TEMPLE DOT EDU>
>> Subject: Re: [Networker] Encryption Questions
>>
>> On Mar 17, 2009, at 21:03, Stan Horwitz wrote:
>>
>>> [ David Magda wrote: ]
>>>
>>>> Personally I think this is a common use case, and am hoping that it
>>>> becomes available in the base Networker software (or a modestly
>>>> priced option?).
>>> For your modest needs, you can do that now with the aes asm if your
>>> NetWorker environment is reasonably current.
>> Yes, this does the AES encryption on the client (?) that is being
>> backed up, and sends the cipher text to the tape drive. This would
>> kill the hardware compression on the tape drive and drive up CPU usage.
>>
>> I was wondering about using LTO-4's hardware encryption. This doesn't
>> seem to be supported by Networker at this time.
> 
> You can do it. I don't think you will benefit from compression by using LTO-4's
> encryption though. Note that IBM has a utility that manages LTO-4 encryption
> keys. You might also talk with your tape library vendor to see if they have
> any key management tools for LTO-4. Also, Spectralogic has a key management
> feature in some of their LTO-4 tape libraries that might be worth looking

The major difference between using the compression built into LTO-4 or
TS1100 drives and software encryption (such as aesasm) is that the
hardware method still gives you very good compression. Also there is
negligible impact on throughput - when I tried it I saw about 1%
reduction in throughput, which is irrelevant when you are getting 150 MB/s.
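
The trade-off discussed in this thread, as an added example that is not part of the original posts: ciphertext is pseudorandom, so compression applied after encryption gains nothing, while compression applied before encryption keeps its full benefit. The sketch assumes the drive compresses before it encrypts, uses zlib in place of drive compression and a SHA-256 counter-mode keystream in place of AES (the Python standard library has none); the sample data and key are constructed.

```python
import hashlib
import zlib


def keystream_encrypt(key: bytes, data: bytes) -> bytes:
    """Stand-in stream cipher (SHA-256 in counter mode), an assumption of this
    example. Its output is pseudorandom, like AES output, which is the only
    property that matters here. Not for real use."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        chunk = data[offset:offset + 32]
        out.extend(b ^ k for b, k in zip(chunk, block))
    return bytes(out)


def compare_orderings(plaintext: bytes, key: bytes) -> dict:
    """Bytes that would reach the tape under each ordering."""
    # Client-side encryption: the drive only ever sees ciphertext to compress.
    encrypt_then_compress = zlib.compress(keystream_encrypt(key, plaintext), 6)
    # Drive-side encryption (assumed order): compress first, then encrypt.
    compress_then_encrypt = keystream_encrypt(key, zlib.compress(plaintext, 6))
    return {
        "plaintext_bytes": len(plaintext),
        "encrypt_then_compress": len(encrypt_then_compress),
        "compress_then_encrypt": len(compress_then_encrypt),
    }


# Constructed sample: repetitive log-like text, typical of compressible backup data.
SAMPLE = b"".join(
    b"2009-03-18 08:39:%02d host%03d backup saveset /export/home ok\n"
    % (i % 60, i % 200)
    for i in range(20000)
)
KEY = b"constructed-demo-key"  # constructed value, not a real key

if __name__ == "__main__":
    for name, size in compare_orderings(SAMPLE, KEY).items():
        print(f"{name:24s} {size:>10d} bytes")
```
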
