Application Level Encryption

M

melvernon

Active Newcomer
Joined
Sep 16, 2008
Messages
12
Reaction score
0
Points
0
Hello,

We are attempting to implement application level encryption in the following environment...

IBM TS3500 Tape Library, Firmware level 8750; with ALMS installed.
LTO4 Ultrium drives, Firmware level 89B2
AIX 5.3.2 server, TSM server 5.4.1

After encryption is enabled, we continually get the following pair of errors when attempting a restore (backup works fine): The errors occur with different volumes, and all 12 drives.

ANR8302E I/O error on drive DRIVE01 (/dev/rmt3) with
volume SS3145 (OP=READ, Error Number=47, CC=0, KEY=07,
ASC=74, ASCQ=01, SENSE=F0.00.07.00.00.00.50.58.00.00.00.-
00.74.01.30.00.11.88.A1.00.00.01.53.43.33.31.36.37.4C.00-
.00.00.07.CA.32.00.00.00.00.00.80.08.60.00.00.00.00.00.0-
0.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.-
00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00.00-
.38.39.42.32.00.00.00.00.00.00, Description=An
undetermined error has occurred). Refer to Appendix C in
the 'Messages' manual for recommended action. (SESSION:
8714)
ANR8355E I/O error reading label for volume SS3145 in
drive DRIVE01 (/dev/rmt3). (SESSION: 8714)



If you have implemented application level encryption in a similar environment, and you overcame the above errors, please let me know.



Did or did you not have to install Feature Code 1604?

Thanks
 
Have you tried to relabel a tape after enabling encryption?

-Aaron
 
You do not need the 1604 feature code to use application-based encryption with TSM.

You shouldn't need to relabel tapes either.

It also looks like you are running a version of TSM Server that supports LTO4 encryption.

Does the device class for your encrypted library/drives have the drive encryption flag set to yes?

The switch --> drivee=yes
 
Aaron, yes we did try to relabel a tape. If it had been encrypted, you cannot relable it. If it is new tape, no problem.

Thanks
 
Yes, the parameter drive encryption is set to on.
 
application level encryption fixed

We were finally able to get this up and running. Tests showed that you could read the tape thaty was encrypted, as long as the tape went to the same drive that you used when it was written to.

IBM researched this problem, and we upgraded to TSM server Version 5, Release 4, Level 5.0. After this, the encryption has worked with no problem

Thanks
 
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,971
Messages
135,441
Members
21,949
Latest member
tsheli
Back
Top