If your Rapid Recovery Core is already registered with a phone-home key, access the General settings on the Core, change the setting Agree to use of personal data to No, and when prompted, register the non-phone-home key.
For more information or step-by-step instructions for changing General settings for your Core, see the topic Configuring Core general settings.
For more information about managing licenses from the Rapid Recovery Core, see the topic "Managing licenses in the Rapid Recovery 6.3 Installation and Upgrade Guide.
Complete the steps in this procedure to contact the Quest licensing team to obtain a non-phone-home license.
|Field Name||Description||Required Field|
Enter the email address to which you want the Quest licensing team to respond. If you have access to the email account associated with your Rapid Recovery license, use that address for fastest response.
|Contact First Name||Enter your first name.||Yes|
|Contact Last Name||Enter your last name.||Yes|
Enter the name of the company associated with your Rapid Recovery license.
|US Federal||Select if your license is related to a US federal organization.||No|
|Country||Select your country.||Yes|
|Phone Number||Enter your phone number, including area code. If outside the US, include country code.||Yes|
|License Number (if available)||No|
|License Key (if available)||License keys were used in AppAssure 5.4.1 and earlier. This is typically a string of 30 characters (6 groups of 5 numbers and upper-case alphabetic letters, separated by hyphens).||No|
|Machine ID||The name of the registered Core machine.||No|
|Service Tag (if available)||Enter the service tag if available.||No|
License Request Details
Indicate in this field that, per GDPR, you want a non-phone-home license to replace your phone-home license to protect your PII.
|License File||If you have a phone-home license, you can attach the license file.||No|
When you receive the non-phone-home license file, upload it to the Core server to register the license. For more information, see "Updating or changing a license" in the Rapid Recovery 6.3 Installation and Upgrade Guide.
This section describes the process of securing data in your environment using encryption keys and machine-level snapshot encryption settings.
The Rapid Recovery Core can encrypt snapshot data for all volumes within any repository using encryption keys that you define and manage from the Core Console.
Instead of encrypting the entire repository, Rapid Recovery lets you specify an encryption key for one or more machines protected on a single Rapid Recovery Core. Each active encryption key creates an encryption domain. There is no limit to the number of encryption keys you can create on the Core.
In a multi-tenant environment (when a single Core hosts multiple encryption domains), data is partitioned and deduplicated within each encryption domain. As a result, Quest recommends using a single encryption key for multiple protected machines if you want to maximize the benefits of deduplication among a set of protected machines.
You can also share encryption keys between Cores using one of three methods. One method is to export an encryption key as a file from one Rapid Recovery Core and import it to another Core. A second method is to archive data secured with an encryption key, and then import that archived data into another Rapid Recovery Core. The third method is to replicate recovery points from a protected machine using an encryption key. After you replicate protected machines, the encryption keys used in the source Core appear as replicated encryption keys in the target Core.
In all cases, once imported, any encryption key appears in the Core with a state of Locked. To access data from a locked encryption key, you must unlock it. For information about importing, exporting, locking or unlocking encryption keys, see the topic Managing encryption keys.
Key security concepts and considerations include:
Caution: Rapid Recovery takes a new snapshot whenever you apply an encryption key to a protected machine. A new snapshot is also triggered after you disassociate an encryption key for a protected machine.
Encryption keys generated from the Rapid Recovery Core are text files that contain four parameters, as described in the following table:
|Name||This value is equivalent to the key name given when adding a key in the Rapid Recovery Core Console.|
|Key||This parameter consists of 107 randomly generated English alphabetic, numeric, and mathematical operator characters.|
|ID||The key ID consists of 26 randomly generated upper-case and lower-case English characters.|
|Comment||The comment contains the text of the key description entered when the key was created.|
Rapid Recovery Core includes an encryption feature. You can encrypt all data in transport over a network. Quest recommends enabling this encryption setting when data between your Core and protected machines (or between two Cores such as for replication) must flow over the public or untrusted networks such as the internet.
While there is only a small performance cost involved in enabling this encryption, if your Cores and protected machines are within the confines of a private local area network, you can disable this option with confidence.
Please read the following information and adjust your environment accordingly.
By default, when protecting a machine using the Protect Machine wizard or the Protect Multiple Machines wizard, encryption for the data in transport over a network is enabled. If you select advanced options for the wizard, you can view the Encryption options. On the Encryption page of the wizard, if preferred, you can clear the option Encrypt the data in transport over a network.
NOTE: If you do not select Advanced options in the wizard, encryption for data in transport is enabled nevertheless.
After completing the relevant protection wizard, you can always enable or disable encryption for snapshot data by changing transfer settings at the machine level. Select the protected machine, click Settings, and under Transfer settings, for the setting Encrypt snapshot data, select Yes to enable encryption or select No to disable encryption during transport. For specific details, see Viewing and modifying protected machine settings .