Keith,
This is not something that the TSM admin controls, and it is not enabled by
node. The only way I know of to detect encrypted files is from the client-side
DSMC CLI. E.g., dsmc query backup .... -detail, should show you which files
are encrypted and using what encryption algorithm. I do not think this will
show you how the encryption keys are managed, however.
Note that if a file is backed up unencrypted, adding an "include.encrypt" rule
to encrypt it does not automatically cause that file to be backed up again
using encryption. The addition of the encryption include is not recognized by
TSM as a reason to backup the file. We have had more than one user surprised
by this.
Paul Zarnowski
Cornell University
At 03:52 PM 2/8/2012, Keith Arbogast wrote:
>Can one detect from the TSM server whether client-level encryption is set on
>or off for each backup node? Inquiring security admins want to know.
>
>With my thanks and best wishes,
>Keith Arbogast
>Indiana University
--
Paul Zarnowski Ph: 607-255-4757
Manager, Storage Services Fx: 607-255-8521
719 Rhodes Hall, Ithaca, NY 14853-3801 Em: psz1 AT cornell DOT edu
|