Manualshelf

BackBox H4.00 Tape Encryption Option

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
31323334353637383940
Configuration
32 BackBox H4.00 Tape Encryption
o Select a VT Controller ID in the drop-down list. ATTENTION:
Check the displayed number of Encryption Devices: a VTC must be
licensed for at least one encryption device to be functional.
o Enter the User ID to be used by the VTC to login to Key Manager.
o Enter the Password to be used by the VTC to login to Key Manager.
o Enter the Key Pass-phrase need by the VTC to access the private
key for the TLS/SSL communication channel with the Key
Manager.
o Enter TLS Configuration Files Location where digital certificate and
private key have been install. (ClientCert.pem, ClientKey.pem
and CACert.pem).
o Repeat for all other VTC Client needed to be attached to the Key
Manager ID
Remark: above information should be same information collected in previous
Key Manager and VTC Configuration prerequisites.
Click on the Save link
Enabling encryption in a Volume Group
ATTENTION: Toggling encryption ON and OFF affect subsequence usage virtual
volume member of the Volume Group. It is recommend to minimize number of users
who can update the BackBox configuration to avoid disabling the tape encryption by
mistake, i.e. to protect the BBSVCFG NSK file. See Access to the NSK files in the
BackPak installation sub volume” in the BackBox User Manual
.
ATTENTION: Encrypting data will protect the data from external system access, but
it will not protect the access to media from a tape application running in the
NonStop. If user segregation needs to be done Control access from Volume Group
advanced attributes should be enabled. See “Control of Access to Virtual Volumes” in
the BackBox User Manual
.
Logon to the BackPak UI interface
Select the Configuration menu and select the Switch to Edit mode