Chat now with support
Chat with Support

DR Series Software 3.2.6 - Administrator Guide

Introduction to the DR Series System Documentation Understanding the DR Series System Setting Up the DR Series System Hardware Configuring the DR Series System Settings Managing DR Series Storage Operations Monitoring the DR Series System Using Global View Using the DR Series System Support Options Configuring and Using Rapid NFS and Rapid CIFS Configuring and Using Rapid Data Access with Dell NetVault Backup and with Dell vRanger Configuring and Using RDA with OST
Understanding RDA with OST Guidelines Terminology Supported RDA with OST Software and Components Best Practices: RDA with OST and the DR Series System Setting Client-Side Optimization Configuring an LSU Installing the RDA with OST Plug-In Configuring DR Series System Information Using NetBackup Backing Up Data From a DR Series System (NetBackup) Using Backup Exec With a DR Series System (Windows) Understanding the OST CLI Commands Understanding RDA with OST Plug-In Diagnostic Logs Collecting Diagnostics Using a Linux Utility Guidelines for Gathering Media Server Information
Configuring and Using VTL Configuring and Using Encryption at Rest Troubleshooting and Maintenance Supported Ports in a DR Series System Getting Help

Guidelines for Configuring VTL

Guidelines for Configuring VTL

The overall steps and recommended guidelines for using and configuring a virtual tape library (VLT) with the DR Series system are described below.

Determine the following before creating a container of type VTL.

Identify the Data Management Application (DMA) that you will be using to back up data. Refer to the Dell DR Series System Interoperability Guide for a complete list of the supported DMAs.
For the NDMP protocol, determine the filer that will be backed up using NDMP Refer to the Dell DR Series System Interoperability Guide for a list of the supported Filers and Operating systems.

Refer to the DR Series system documentation, which includes best practices whitepapers for the supported DMAs, for your specific DR Series system at:

http://www.dell.com/powervaultmanuals

Refer to the topics, Creating Storage Containers and Creating a VTL Type Container, for detailed instructions about creating containers. Refer to the Dell DR Series System Command Line Interface Guide for details about the CLI commands for creating containers.

Refer to the Dell DR Series System Command Line Reference Guide for more details about using these commands.

You can easily check that the library has been created and is available for use by using the following commands.

container --show –verbose

See the DR Series system documentation, which includes DMA best practices whitepapers for your specific DR Series system at:

http://www.dell.com/powervaultmanuals

Configuring and Using Encryption at Rest

Configuring and Using Encryption at Rest

This chapter introduces the concept of Encryption at Rest as used by the DR Series system as well as related concepts and tasks.

Refer to the subsequent topics for more information.

Understanding Encryption at Rest

Understanding Encryption at Rest

Data that resides in the DR Series system can be encrypted. When encryption is enabled, the DR Series system uses the Industry standard FIPS 140-2 compliant 256-bit Advanced Encryption Standard (AES) encryption algorithm for encrypting and decrypting user data. The content encryption key is managed by the key manager, which operates in either a Static mode or an Internal mode. In Static mode, a global, fixed key is used to encrypt all data. In internal mode, key lifecycle management is performed in which the keys are periodically rotated. The minimum key rotation period before the content encryption key can be rotated and a new key is generated is 7 days. This rotation period is user-configurable and can be specified in days. A user-defined passphrase is used to generate a pass phrase key, which is used to encrypt the content encryption keys. It is mandatory to define a passphrase to enable encryption. The system supports up to a limit of 1023 different content encryption keys. All streams of a data-store are encrypted or re-encrypted with the same content encryption key. DR Series system statistics report the amount of data encrypted and decrypted bytes consistently.

Encryption at Rest Terminology

Encryption at Rest Terminology

This topic introduces and briefly defines some basic encryption at rest terminology used in the DR Series system documentation.

Term

Description

Passphrase

A passphrase is a sequence of words or other text used to control access to data, similar to a password in usage, but is generally longer for added security. In the DR Series system, the passphrase is user-defined and is used to generate a passphrase key that encrypts the file in which the content encryption keys are kept. The passphrase is a human readable key, which can be up to 256 bytes in length. It is mandatory to define a passphrase to enable encryption.

Content encryption key

The key used to encrypt the data. The content encryption key is managed by the key manager, which operates in either a static mode or an internal mode. The system supports up to a limit of 1023 different content encryption keys.

Key management mode

The mode of key lifecycle management as either static or internal.

Static mode

A global mode of key management in which a fixed key is used to encrypt all data.

Internal mode

A mode of key lifecycle management in which the keys are periodically generated and rotated. The minimum key rotation period before the content encryption key can be rotated and a new key is generated is 7 days. This rotation period is user-configurable and can be specified in days.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating