Different between Netbackup KMS and MSEO KMS
Created: 03 Oct 2012 | Updated: 22 Oct 2012 | 2 comments
This issue has been solved. See solution.
I have read through the Security admin guide that the Netbackup KMS is bundle with the netbackup installer and encrypted with support list of Library model.
What is required on the supported library model inorder to work with Netbackup KMS?
Is there any restriction for volume pool per keygroup ?
Discussion Filed Under:
Comments 2 Comments • Jump to latest comment
As I recall NBU KMS doesn't really care about the library - it just requires encryption-capable tape drives. When I set this up I didn't have to do anything to the drives/library - when NBU sees a request for a tape in a pool starting with ENCR_, it sets a scsi bit that tells the drive to encrypt/decrypt, and supplies the key for that pool.
There is a one to one relationship between keygroups and volume pools, and they have to have the same name.
Bill
MSEO is a basically third-party (Voltare) driver that has a kludge in NBU "comment" field that it is intercepting and forcing software-based encryption that works with any tape drive. For this purpose, MSEO maintains its own database with keys
NBU KMS works with encryption-enabled LTO4/5 drives that can accept keys via SCSI from NBU that holds the key database (it is not part of EMM, though).
Hope this helps
Would you like to reply?
Login or Register to post your comment.