Solved

Tape Encryption

Posted on 2011-02-16
7
2,292 Views
Last Modified: 2012-05-11
Hi all, Just a gerneral question,

We have 3 tape libraries,
1 Dell ML6000
1 Quantum I500
1 IBM Ts3000 (I think)

We have  a project to look at encrypting the data we send off site, We would like to avoid software based encryption, but does anyone know of a product that is compatible with all 3 of the above libraries.

The independant solutions is the Dell DEKM, and for quantum QEKM and there is another one for IBM. But ideally we would be looking at one solution accross the board.

Does anyone know if this product exists? I know the encryption is getting better with the introduction of KMIP but Quantum are not adopting this on the I500.

Thanks

0
Comment
Question by:grangersi
  • 3
  • 3
7 Comments
 
LVL 25

Expert Comment

by:RobMobility
ID: 34908134
Hi,

I believe LTO4 and LTO5 support native encryption which should be enabled via your backup software.

LTO3 does not support native encryption, from what I believe.

Regards,


RobMobility.
0
 

Author Comment

by:grangersi
ID: 34908150
Hi, EMC Networker have decided not to include Key Management in their product at the moment.

All drives are LTO4 so we were looking at a possible other solution.

Thanks
0
 
LVL 25

Expert Comment

by:RobMobility
ID: 34908220
Hi,

Looks like the TS3000 (TS3500 or TS3494?) supports hardware encryption depending on the drives installed.

The Quantum i500 looks as if it uses LTO5 and the Dell ML6000 can use LTO 4 or 5.

Therefore, they may already support hardware encryption and you just need to enable via your backup solution(s)?

Try and determine which drives are installed to determine whether they support hardware encryption.

Regards,


RobMobility.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 25

Expert Comment

by:RobMobility
ID: 34908406
Hi,

How about CA - they have an encryption key management solution?

What platforms are you using?

Regards,


RobMobility.
0
 
LVL 20

Expert Comment

by:SelfGovern
ID: 34916250
If you've got LTO-4 and LTO-5 drives, you *should* have support for hardware
encryption in the tape drives, although I have heard that some (non-Fibre Channel?)
IBM drives do not have HW encryption enabled.

If you have drives that support HW encryption, then you just need a backup application
that can give an encryption key to the drive.   If Networker doesn't do this and you're
stuck on Networker, then... you're out of luck.   Most other backup applications have
had support for the LTO encryption for quite a while now.   BTW -- this is NOT software
encryption; it's using the HW encryption of the tape drive.

The second choice, if your libraries are Fibre Channel attached, is to get a switch that
can encrypt the data in flight.  But this is not likely to be a cheap solution.

You're correct that key management and interoperability is a problem today.  I'm not
aware of any solution -- other than an encrypting FC switch -- that works today to
provide encryption to heterogenous libraries.

That said -- HP has a really elegant and inexpensive encryption solution for its MSL libraries
in the MSL Encryption Kit... but it won't work with other vendors' libraries.

0
 

Accepted Solution

by:
grangersi earned 0 total points
ID: 34951585
From the comments/research, it does not look there is 1 solution, so it looks like I will have to go with 3 different solutions.
0
 

Author Closing Comment

by:grangersi
ID: 34990711
No solution given
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The Delta outage: 650 cancelled flights, more than 1200 delayed flights, thousands of frustrated customers, tens of millions of dollars in damages – plus untold reputational damage to one of the world’s most trusted airlines. All due to a catastroph…
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question