• Please help support our sponsors by considering their products and services.
    Our sponsors enable us to serve you with this high-speed Internet connection and fast webservers you are currently using at ADSM.ORG.
    They support this free flow of information and knowledge exchange service at no cost to you.

    Please welcome our latest sponsor Tectrade . We can show our appreciation by learning more about Tectrade Solutions
  • Community Tip: Please Give Thanks to Those Sharing Their Knowledge.

    If you receive helpful answer on this forum, please show thanks to the poster by clicking "LIKE" link for the answer that you found helpful.

  • Community Tip: Forum Rules (PLEASE CLICK HERE TO READ BEFORE POSTING)

    Click the link above to access ADSM.ORG Acceptable Use Policy and forum rules which should be observed when using this website. Violators may be banned from this website. This notice will disappear after you have made at least 3 posts.

The best solution for data encryption ??

cjhood

ADSM.ORG Moderator
#2
Chris,

I've only done encryption via LTO4 drives with TSM managing the keys, and from my experience it works ok. The major issue is that the TSM database holds the keys, and thus you can't encrypt the DB backup tape. Performance is good, as the encryption is done in hardware it's almost as fast as regular LTO4.

I can't speak for LME, or for client-side encryption, perhaps someone else here could share their opinions...
 

chris_magic

ADSM.ORG Member
#4
I ask this because I want to encrypt only the data who are in my LTO storage pool who is going in vault.

My TSM server is on Windows 2003 server and the version is 5.5.4.1

Is it possible to encrypt only a specific storage pool (LTO) ?
 

cjhood

ADSM.ORG Moderator
#5
I ask this because I want to encrypt only the data who are in my LTO storage pool who is going in vault.

My TSM server is on Windows 2003 server and the version is 5.5.4.1

Is it possible to encrypt only a specific storage pool (LTO) ?

You setup encryption on the DEVCLASS. So for your offsite pool, you'd create a new device class (LTO_ENCRYPT or something like that), and make sure DRIVEE=on. Then create a new storage pool for your offsite tapes using that devclass.

You can update an existing devclass to encryption on, however it will be turned on for all storage pools using that devclass.
 

Advertise at ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

UpCloud high performance VPS at $5/month

Get started with $25 in credits on Cloud Servers. You must use link below to receive the credit. Use the promo to get upto 5 month of FREE Linux VPS.

The Spectrum Protect TLA (Three-Letter Acronym): ISP or something else?

  • Every product needs a TLA, Let's call it ISP (IBM Spectrum Protect).

    Votes: 17 19.5%
  • Keep using TSM for Spectrum Protect.

    Votes: 53 60.9%
  • Let's be formal and just say Spectrum Protect

    Votes: 10 11.5%
  • Other (please comement)

    Votes: 7 8.0%

Forum statistics

Threads
31,468
Messages
134,115
Members
21,565
Latest member
Chrescht
Top