Refer to the subsequent topics for more information.
The mode of key lifecycle management as either static or internal. | |
A global mode of key management in which a fixed key is used to encrypt all data. | |
• |
Key Management — In internal mode there is a maximum limit of 1023 keys. By default when encryption is enabled on the system, the key rotation period is set to 30 days. Users can later change the key rotation period from 7 days to 70 years, while configuring internal mode of encryption. |
• |
Performance Impacts — Encryption should have minimal to zero impact on both backup and restore workflows. |
It should also have no impact on the replication workflows.
• |
Replication — Encryption must be enabled on both the source and target DR Series systems to store encrypted data on the systems. This means that encrypted data on the source does not automatically imply that when it is replicated to the target it will be encrypted unless encryption is explicitly turned ‘ON’ on the target DR Series system. |
• |
Seeding — Encryption must be enabled on both the source and target DR Series systems to store encrypted data on the systems. If seeding is configured for encryption, then the data will be re-encrypted and stored. When the data stream is imported onto the target from the seed device, the stream will be encrypted as per the target policy and stored. |
• |
Security Considerations for Passphrase and Key Management — |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center