TKLM encryption questions

R

rvillano

ADSM.ORG Member
Joined
Nov 10, 2004
Messages
129
Reaction score
1
Points
0
Location
michigan
Website
Visit site
Hello to everyone here in the Forum,

I have a new customer who is currently using server side encryption with a TS3500 single partition library.

They have purchased TKLM, ALMS, and the transparent LTO encryption feature codes. At this time there are lto2 and lto4 drives in the partition. the majority of the lto2 drives are to be replaced with new lto4 drives but they intend to keep 2 lto2 drives for use to read those tapes and to encrypt them to lto4 in the future.

This is the 1st customer of mine to choose the TKLM software or any encryption in general and I don't have any experience with it. I have read the TKLM admin and install guides but still not sure about all of this.

My questions are:

1. How does the TKLM software know what drives to encrypt, does it need to be installed on a server with SAN mapping to the drives or does it communicate via the node card on the ts3500?

2. What is transparent encryption? Is it required for TKLM or is it used just to encrypt at the drive level using the meta data being written?

3. Is ALMS required for TKLM?

4. Do I need to create a new partition for use by TKLM so that the existing tapes encrypted by the server side encryption can been read and then written by TKLM on the 2nd partition?

5. What has been your experience with TKLM? is a pain in the you know what to administer?

I'm sure I will have many more questions to follow regarding this encryption stuff and I would really appreciate any assistance I can get from the forum.

Thanks in advance
 
1. How does the TKLM software know what drives to encrypt, does it need to be installed on a server with SAN mapping to the drives or does it communicate via the node card on the ts3500?
You need to assign the drives (dedicated ones) tol a library. The TKLM will read of the serial numbers from the ts3500 over tcp/ip and issue encryption keys based on a volume label.

2. What is transparent encryption? Is it required for TKLM or is it used just to encrypt at the drive level using the meta data being written?
That is when data is encrypted by the LTO drive. This is a feature that needs to be enabled on your TS3500.

3. Is ALMS required for TKLM?
Not sure. I have it, and the encryption. Works like a charm

4. Do I need to create a new partition for use by TKLM so that the existing tapes encrypted by the server side encryption can been read and then written by TKLM on the 2nd partition?
Start from scratch. Create a new virtual library, and put the dedicated drives there. Then assign new tapes to that library

5. What has been your experience with TKLM? is a pain in the you know what to administer?
Pain to configure, works fine.

I'm sure I will have many more questions to follow regarding this encryption stuff and I would really appreciate any assistance I can get from the forum.

Thanks in advance
 
You must log in or register to reply here.

Data Privacy Impact Assessment

Compliance Assurance in Every Byte: Discover the Impact of Our DPIA Services.

Sponsor ADSM.ORG

If you are reading this, so are your potential customer. Advertise at ADSM.ORG right now.

Navigation Menu

Forums
   IBM TSM
   EMC Backup and Recovery
   Symantec NetBackup  
   SAN  
   NAS
   Platforms / OS
Mailing List Archives
   ADSM-L
User Groups

NordVPN 3 Months FREE

Help Support ADSM.ORG and Get NordVPN with 64% Off and 3 Months FREE.

NordVPN with 64% off + 3 months FREE

Forum statistics

Threads
31,974
Messages
135,447
Members
21,952
Latest member
gatherpc
Back
Top