Manualshelf

BackBox H4.00 User Manual

ManualsBrandsHP ManualsServerHP Integrity NonStop J-Series
11121314151617181920
Product Description
18 BackBox H4.00 User Manual
The data is encrypted using IEEE 1619.1 (tape) industry standard algorithms before
it is sent to the Data Store. The encryption algorithm uses a 256 bit encryption key
stored in an external Key Management Server.
Encryption by BackBox software can be used with an HP Enterprise Security Key
Manager (ESKM) and can optionally be fully integrated with the NonStop Volume
Level Encryption (VLE) product. The backups created from Blade systems with
LTO4 and VLE can be restored by older systems with LTO3 or CART3480 emulations,
and vice-versa. When emulating LTO3 or CART3480, the BackBox VTC creates and
retrieves in an ESKM the same encryption keys a CLIM implementing VLE would do.
Encryption by BackBox software can also be used with any Key Management server
compatible to the OASIS Key Management Interoperability Protocol (KMIP)
standard.
IMPORTANT: For storage subsystems that implement data de-duplication, such as
Data Domain, BackBox data encryption MUST NOT BE USED. Encryption or
compression prevent de-duplication algorithms from matching re-occurring data
“chunks”, making de-duplication ineffective. For these subsystems, encryption
should be performed by the storage subsystems themselves.
More detail about encryption by BackBox software can be read in the Configuration
section in this manual.
Encryption by the storage subsystem
Encryption provided by the storage or operating system itself is not described in this
manual. Such encryption techniques are transparent to the BackBox software and
configuration.
For example, EMC offers optional capabilities for “data at rest” and “data in motion”
encryption on their Data Domain products.
IBM Tivoli Storage Manager (TSM API Data Stores and WINDISK Data Stores backed-
up to a TSM server) offers various encryption functionalities, as do other similar
enterprise backup products.
Virtualization / materialization of Virtual volumes
By using a physical tape drive attached to a BackBox VTC, it is possible to clone:
A NonStop-written physical tape to a virtual volume (virtualization)
A virtual volume to a NonStop-readable physical tape (“materialization)
This allows the migration of an collection of archived tapes to BackBox virtual tapes,
as well as the occasional production or acquisition of legacy physical media.
1) The physical tape drive(s) must be attached to a VTC Windows server.
Old model tape drives and auto-loaders are supported.
It is also possible to directly attach the VTC to a third-party Virtual tape subsystem
(e.g. HP VTS.)
2) Using the BackPak GUI, the operator requests the VTC to detect the attached
physical tape device(s), and assign them aliases in the Domain configuration.
See the VT Controller Advanced properties.