encrypting a primary storage pool

yodawoya

ADSM.ORG Member
Joined
Apr 1, 2010
Messages
48
Reaction score
0
Points
0
PREDATAR Control23

I am interested in finding out the pro/cons/how to of encrypting a primary storage pool. Attached is more the device and the pool. If you could point me to materail to read, it would be greatlyn appreciated. Thanks

Device Class Name: DISKPOOL_FILE
Device Access Strategy: Sequential
Storage Pool Count: 1
Device Type: FILE
Format: DRIVE
Est/Max Capacity (MB): 25,600
Mount Limit: 50
Mount Wait (min):
Mount Retention (min):
Label Prefix:
Drive Letter:
Library:
Directory: H:\CLSTSMDATA,I:\CLSTSMDATA
Server Name:
Retry Period:
Retry Interval:
Twosided:
Shared: No
High-level Address:
Minimum Capacity:
WORM: No
Drive Encryption:
Scaled Capacity:
Primary Allocation (MB):
Secondary Allocation (MB):
Compression:
Retention:
Protection:
Expiration Date:
Unit:
Logical Block Protection:
Last Update Date/Time: 2015-03-06, 15:18:00

Storage Pool Name: DISKPOOL
Storage Pool Type: Primary
Device Class Name: DISKPOOL_FILE
Estimated Capacity: 69,844.67 G
Space Trigger Util: 89.092
Pct Util: 55.417
Pct Migr: 55.417
Pct Logical: 98.204
High Mig Pct: 90
Low Mig Pct: 80
Migration Delay: 0
Migration Continue: Yes
Migration Processes: 1
Reclamation Processes: 1
Next Storage Pool: LOCALTAPE
Reclaim Storage Pool:
Maximum Size Threshold: No Limit
Access: Read/Write
Description:
Overflow Location:
Cache Migrated Files?:
Collocate?: Group
Reclamation Threshold: 60
Offsite Reclamation Limit:
Maximum Scratch Volumes Allowed: 2,800
Number of Scratch Volumes Used: 1,744
Delay Period for Volume Reuse: 0 Day(s)
Migration in Progress?: No
Amount Migrated (MB): 0
Elapsed Migration Time (seconds): 0
Reclamation in Progress?: No
Last Update Date/Time: 2015-03-06, 15:21:48
Storage Pool Data Format: Native
Copy Storage Pool(s):
Active Data Pool(s):
Continue Copy on Error?: Yes
CRC Data: No
Reclamation Type: Threshold
Overwrite Data when Deleted:
Deduplicate Data?: No
Processes For Identifying Duplicates:
Duplicate Data Not Stored:
Auto-copy Mode: Client
Contains Data Deduplicated by Client?: No
 
PREDATAR Control23

As far as I remember, you cannot define an encrypted devclass=file or a disk pool. What you can do is encrypt the data coming over to these devclass.

This means turning ON node encryption (data in flight) or server-side encryption (new on TSM 7.1 and later (need to verify this)) and let TSM manage the keys for you.
 
Last edited:
Top