Encryption - Hardware vs Software

nbs03

nbs03

ADSM.ORG Senior Member
Joined
Mar 24, 2004
Messages
263
Reaction score
3
Points
0
Location
Baltimore, Md
Website
Visit site
Does anyone have experience encrypting data using hardware encryptors or the TSM software encryption?

I am researching the pros and cons of each method and would appreciate any real user experience/opinions.



Some basic questions:

- What is the observed impact of 56 or 128 bit TSM encryption on client backup and restore speed and tape capacity utilization?



- Are there any issues using any of the Data protection modules (i.e. TDP for R/3 or Oracle)?



- If the key is stored on the client does that key change when the client pasword changes? Would this cause a problem with recovery of old data stored under the old password?



- Are there any key problems when using virtual node ?



- Any issues recovering AIX/Linux data to a Solaris host and vice versa?



- Are there any compatability issues with hardware encryptors?



- Have you found any Redbooks or other references to tape encryption that you found usefull?



Thanks in advance

neilb
 
neil,

did you get any answers? being in healthcare i am looking into data encryption hardware vs software, can find many many options but not any real world experiences

thanks,

BC
 
BC,

I will be implementing TS1120 with encryption during the next 2 months and will let you know how things are going.

It is kind of ironic that a key member of my implementation team is leaving next week for a unix job at a healthcare facility and you are also in that area - so it goes....



Cheers,

Neil
 
Neil,

I can give a few insights about my encryption experience in my TSM environment. I don't know if this would be what you are looking for.

My current system is AES 128 (software) enabled. I have tried timing the backup with and without encryption but the delay is insignificant compared to the benefits. Again, I don't know if this is what you are after.

From my limited interaction with the password environment, the key seems to be the same every time a password is changed. This would be logical since if the key is changed, then the previous backup cannot be decrypted anymore.

There seems to be no effect for TDP-enabled clients.

I don't know about virtual nodes.

I have not used hardware encryptors on TSM but my guess is that the speed of encrypting/decrypting depends on the processor speed and complexity - number of bits - of the encryption strength. I am basing this on my other experience with non-TSM environments. I would also dare to say that the data should not be affected while passing it through a hardware encryptor.

I don't know of any Red books about these topics discussed general.

By the way, need extra hands? I am looking for other opportunities.
 
Last edited:
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,967
Messages
135,413
Members
21,945
Latest member
ari
Back
Top