Backup Exec 2010 R3 - Encryption advice/query's/questions
Hi, I have some questions/queries around using encryption & how it ties in with the data backed up to tape by a particular server.
Our backup server is a Windows 2008R2 Server running BE 2010 R3, tape hardware is a Dell LTO4 autoloader.
We backup VMWare VM’s, also data held on Windows servers using RAWS & ADBO, ALL data is pre staged to disk prior to being backed up to tape.
All ‘jobs’ are based on a policy from which the actual backup job takes its settings from.
Q: Am I able to encrypt only selected backup jobs by way of a tick box, or will I need to create a new policy & use this to ‘select’ encrypted B2T jobs? Or is it that if encryption is enabled it’s an all or nothing, i.e. you use it or you don’t?
Q: Some of our jobs use hardware compression (when backing up to tape), is it advisable to use this at all?
Q: Has anyone had any experiences with either hardware encryption or software encryption? I’m aware that hardware uses the tape drive (being that we have LTO4, I believe this is ok!?) & software uses the ‘server’ or client, but has anyone had specific problems, or used either option over the other?
Q: How much overhead does encryption put onto a backup? Is it possible to quantity this in a rough %’age?
Q: If I were to restore data from a tape backup that was encrypted, would I need to put in my password each time, or is that the server in question ‘knows’ the tapes and allows the restore to take place?
Q: If I were to restore from another server (Same OS/BE version) am I able to restore by inputting a password, or do I need to install the encryption key on the server? Is it possible to export / import keys to other servers of the same software?
If this is all covered by a KB or a guide, please accept my apologies & point me in the right direction if you could. Or if anyone has any good information about using encryption, I’d be very grateful if you could share it.
Thanks in advance.