You are of course correct. It is AES 128. My apologies! W
On 3/7/08, Michael Stempf <[EMAIL PROTECTED]> wrote: > > I believe TSM can only encrypt up to AES 128 & DES 56, I do not believe it > has been updated to support AES 256. > Michael > > > On Thu, Mar 6, 2008 at 10:03 AM, Wanda Prather <[EMAIL PROTECTED]> wrote: > > > The TSM clients (including TDP's) can encrypt at AES 256. You take a > hit > > on > > performance for both backup and restore; you need to also turn on > > compression on the client, as encrypted data can't be compressed by the > > tape > > drive. > > > > If you want to encrypt using the backup client, I STRONGLY recommend you > > upgrade to 5.5, where the TSM server manages the keys for you. Prior to > > that level, you have to maintain the keys manually; if you lose the keys > > and > > have to go to a DR site, you won't get your data back. At 5.5, the keys > > are > > generated randomly and maintained in the TSM data base. (The TDP's have > > the > > keys managed by the TSM data base starting at 5.3; for regular clients, > > that > > feature starts at 5.5). > > > > A better/cleaner method is encrypting outboard in the hardware. Look > into > > upgrading your drives to LTO4; then (with an additional feature code on > > your > > 3584) you can do the encryption outboard, with no performance hit. TSM > > can > > still maintain the keys for you, if you want, or you can use an external > > key > > manager that IBM provides. > > > > Whether or not you can encrypt data that goes to your VTL outboard > depends > > on your VTL vendor. > > > > > > On 3/6/08, Bell, Charles (Chip) <[EMAIL PROTECTED]> wrote: > > > > > > I am wondering what level of encryption TSM has as an application, if > at > > > all. > > > > > > > > > > > > > > > We are running v5.4.2.0 on the server. > > > > > > We have a 3584 with LTO1 and LTO2, with copies of both going offsite > to > > > Iron > > > Mountain. > > > > > > We have a VTL emulating 3592 for onsite use. > > > > > > > > > > > > God bless you!!! > > > > > > Chip Bell > > > Network Engineer I > > > IBM Tivoli Certified Deployment Professional > > > Baptist Health System > > > Birmingham, AL > > > > > > > > > > > > > > > > > > > > > ----------------------------------------- > > > Confidentiality Notice: > > > The information contained in this email message is privileged and > > > confidential information and intended only for the use of the > > > individual or entity named in the address. If you are not the > > > intended recipient, you are hereby notified that any dissemination, > > > distribution, or copying of this information is strictly > > > prohibited. If you received this information in error, please > > > notify the sender and delete this information from your computer > > > and retain no copies of any of this information. > > > > > >
