The TSM clients (including TDP's) can encrypt at AES 256. You take a hit on performance for both backup and restore; you need to also turn on compression on the client, as encrypted data can't be compressed by the tape drive.
If you want to encrypt using the backup client, I STRONGLY recommend you upgrade to 5.5, where the TSM server manages the keys for you. Prior to that level, you have to maintain the keys manually; if you lose the keys and have to go to a DR site, you won't get your data back. At 5.5, the keys are generated randomly and maintained in the TSM data base. (The TDP's have the keys managed by the TSM data base starting at 5.3; for regular clients, that feature starts at 5.5). A better/cleaner method is encrypting outboard in the hardware. Look into upgrading your drives to LTO4; then (with an additional feature code on your 3584) you can do the encryption outboard, with no performance hit. TSM can still maintain the keys for you, if you want, or you can use an external key manager that IBM provides. Whether or not you can encrypt data that goes to your VTL outboard depends on your VTL vendor. On 3/6/08, Bell, Charles (Chip) <[EMAIL PROTECTED]> wrote: > > I am wondering what level of encryption TSM has as an application, if at > all. > > > > > We are running v5.4.2.0 on the server. > > We have a 3584 with LTO1 and LTO2, with copies of both going offsite to > Iron > Mountain. > > We have a VTL emulating 3592 for onsite use. > > > > God bless you!!! > > Chip Bell > Network Engineer I > IBM Tivoli Certified Deployment Professional > Baptist Health System > Birmingham, AL > > > > > > > ----------------------------------------- > Confidentiality Notice: > The information contained in this email message is privileged and > confidential information and intended only for the use of the > individual or entity named in the address. If you are not the > intended recipient, you are hereby notified that any dissemination, > distribution, or copying of this information is strictly > prohibited. If you received this information in error, please > notify the sender and delete this information from your computer > and retain no copies of any of this information. >
