NetVault Plug-in for Advanced Encryption 11.4 - User Guide

Defining a backup strategy

Encryption strategy overview

When defining an encryption strategy, you must determine the following:

Selecting which backups to encrypt

NetVault Backup performs software-based encryption. The backup stream is encrypted using the selected algorithm by the NetVault Backup Server or Client where the plug-in is installed. The encrypted data stream is transferred over the network to the backup device where it remains encrypted. During restore, the encrypted backup is transferred from the backup device to the targeted NetVault Backup Client, where the plug-in installed on the client completes the decryption.

The backup encryption and decryption processes are performed by the plug-in installed on the NetVault Backup Server or Client, and they use resources on that machine. Encryption lengthens the time it takes to perform backups, while decryption lengthens the time it takes to perform restores. Consider the impact on client performance, the backup window, and restore time when deciding which backups must be encrypted. In summary, backups should only be encrypted when security requirements outweigh the impact on performance, backup windows, and restore times.

Selecting the encryption algorithm

NetVault Backup provides multiple algorithms that can be used to encrypt and decrypt backups. While each NetVault Backup Client can use a different encryption algorithm, all backups from a particular client must use the same algorithm.

The same encryption algorithm that was used during backup must be used during restores. You can switch to a different algorithm for backups from this point forward. However, to restore a backup that used the previous algorithm successfully, the NetVault Backup Server or Client must be configured to specify the algorithm that the backup used. For example, if previous backups used the CAST-128 algorithm while current backups use the AES-256 algorithm, the plug-in on the server or client must be configured to use the CAST-128 algorithm when restoring a backup that was taken using that algorithm; otherwise, the restore fails.
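Because the plug-in must be set to the algorithm a backup was taken with, it helps to keep a record of when each client's algorithm changed. The following Python script is an added example, not part of the NetVault documentation or product: it groups requested restores by the algorithm the plug-in must be configured with. The hostnames, dates, and function names are constructed for illustration, and the change log is assumed to be maintained by the administrator.

```python
from bisect import bisect_right
from collections import defaultdict
from datetime import datetime

# Constructed sample data: when each client's plug-in algorithm was changed.
# Hostnames and dates are invented for illustration.
ALGORITHM_HISTORY = {
    "fileserver01": [
        (datetime(2015, 1, 10), "CAST-128"),
        (datetime(2017, 6, 1), "AES-256"),
    ],
    "dbserver02": [(datetime(2016, 3, 15), "AES-256")],
}


def algorithm_for_backup(client, taken_at, history=ALGORITHM_HISTORY):
    """Return the algorithm that was configured on `client` when the backup ran."""
    changes = sorted(history.get(client, []))
    idx = bisect_right([when for when, _ in changes], taken_at)
    if idx == 0:
        raise LookupError(f"no algorithm on record for {client} at {taken_at:%Y-%m-%d}")
    return changes[idx - 1][1]


def plan_restores(client, backup_times, history=ALGORITHM_HISTORY):
    """Group backups by the algorithm the plug-in must be set to before restoring.

    Returns (current_algorithm, {algorithm: [backup times]}). Any group whose key
    differs from current_algorithm needs the plug-in reconfigured first.
    """
    current = sorted(history[client])[-1][1]
    groups = defaultdict(list)
    for taken_at in sorted(backup_times):
        groups[algorithm_for_backup(client, taken_at, history)].append(taken_at)
    return current, dict(groups)


if __name__ == "__main__":
    wanted = [datetime(2016, 12, 24), datetime(2017, 5, 31), datetime(2018, 2, 2)]
    current, groups = plan_restores("fileserver01", wanted)
    for algorithm, times in groups.items():
        action = ("restore as configured" if algorithm == current
                  else f"switch plug-in to {algorithm} first")
        print(algorithm, [t.date().isoformat() for t in times], "->", action)
```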

