On Thu, Jul 24, 2008 at 12:18:01PM -0400, Clark, Patti wrote:
> 1 - FC attached library (Quantum i500) with 3 LTO-4 drives (IBM) - at
> least 2 drives will have encryption enabled.
> Software to perform encryption key management

Well, that bullet point is where all my questions would be.  I've no
problem with doing the encryption on the drive, but exactly how the keys
are managed will usually be the important pieces.

Who has access, what are the access methods, how do you get keys where
you need them, how do avoid loss of keys, etc...

Can I ask what the important factors were in deciding against appliances
for you?  I too like the apparent convenience of encrypting at the
drive, but I'm uncertain how to do the key management at this point.  I
think that's one of the stronger areas of the appliances.

> I've kept track of the HBA discussions, IBM drive info, Networker
> upgrade threads, and anything else related.  I expect to upgrade
> Networker and then the OS prior to the HW switch.  Not much has been
> said about encryption.  Does it work as advertised?  Is it fairly
> seamless?  Networker doesn't really see any difference and it's business
> as usual?

Pretty much.  Unless your key management software is somehow able to
integrate with networker (I assume not), then it will just appear to be
a normal drive.

> How about key management?  Do I believe the sales materials?

What are you using?  Not networker...

-- 
Darren

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER