ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Detect client-level encryption from the TSM server?

2012-02-08 18:28:44
Subject: Re: [ADSM-L] Detect client-level encryption from the TSM server?
From: Paul Zarnowski <psz1 AT CORNELL DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 8 Feb 2012 18:22:35 -0500 
Keith,

This is not something that the TSM admin controls, and it is not enabled by 
node.  The only way I know of to detect encrypted files is from the client-side 
DSMC CLI.  E.g., dsmc query backup .... -detail, should show you which files 
are encrypted and using what encryption algorithm.  I do not think this will 
show you how the encryption keys are managed, however.

Note that if a file is backed up unencrypted, adding an "include.encrypt" rule 
to encrypt it does not automatically cause that file to be backed up again 
using encryption.  The addition of the encryption include is not recognized by 
TSM as a reason to backup the file.  We have had more than one user surprised 
by this.

Paul Zarnowski
Cornell University

At 03:52 PM 2/8/2012, Keith Arbogast wrote:
>Can one detect from the TSM server whether client-level encryption is set on 
>or off for each backup node? Inquiring security admins want to know.
>
>With my thanks and best wishes,
>Keith Arbogast
>Indiana University


--
Paul Zarnowski                            Ph: 607-255-4757
Manager, Storage Services                 Fx: 607-255-8521
719 Rhodes Hall, Ithaca, NY 14853-3801    Em: psz1 AT cornell DOT edu
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ADSM-L] Detect client-level encryption from the TSM server?, Keith Arbogast
Next by Date:  Re: [ADSM-L] TSM 6.3 node replication, Xav Paice
Previous by Thread:  [ADSM-L] Detect client-level encryption from the TSM server?, Keith Arbogast
Next by Thread:  Re: [ADSM-L] Detect client-level encryption from the TSM server?, Grigori Solonovitch
Indexes:  [Date] [Thread] [Top] [All Lists]