On Thu, 31 Aug 2006 14:45:20 -0400, Walt Farrell wrote: >Yes, there's a penalty (as encryption always costs something). But note >that the encryption does not happen in the host, and thus "offloading" >to zIIP/zAAP/whatever does not really apply. > >The encryption is in the drive (or controller?) itself, which has >several advantages: >(1) It should be able to work in conjunction with hardware compression >(compress, then encrypt). That would not be possible if the encryption >happened in the host before sending the data to the tape. > >(2) It works for more than just z/OS or System z. From the >announcement, it supports: IBM System z™, System i™, System p™, >System x™, and can be used with a wide range of Linux on System z, Sun, >and Hewlett Packard servers, and Linux-based servers, as well as >Intel®-compatible servers running Linux, Microsoft™ Windows 2000, or >Windows Server 2003.
I see a risk to sites that jump into it with both feet - there doesn't seem to be a method of Stand Alone Restore (SAR) from encrypted system volumes. (There never was much possibility of that though, correct?) I can't wait to hear about a site being required (by auditors, et al) to encrypt all backup copies - especially sensitive system volumes - and then not be able to restore under dire circumstances. Surely that's an issue raised and cured before now... ??? -- Tom Schmidt Madison, WI ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
