BakBone Blog

Quest NetVault Data Protection

Posts Tagged ‘encryption’

Encrypting all Backups vs. Job-Level Encryption with NetVault: Backup

Posted by Dawn renee Campbell on January 27, 2010

Dawn renee Campbell

  

You have selected the encryption algorithm you are going to use with the NetVault: Backup (NVBU) Encryption Plugin and have decided whether to encrypt your primary or secondary backups, but now you are not sure if you should encrypt all of your backups or use NVBU 8.5’s new job-level encryption feature.  

Prior to NVBU 8.5, your only option was to encrypt all the backups for the NVBU Server or a Heterogeneous Client where the NVBU Encryption Plugin is installed, but NVBU 8.5 gives you the ability to only enable encryption for specific jobs.  Understanding the benefits of both options will help you choose the best strategy for your environment.  

Encrypt all Backups  

The NVBU Server or Heterogeneous Client should only be configured to encrypt all its backups when  

  • All the NVBU Plugins installed on the NVBU Server or Heterogeneous Client are compatible with the Encryption Plugin
  • All backups from the NVBU Server or Heterogeneous Client require encryption
  • Primary and secondary backups require encryption
  • Backups will be targeted to NetVault: SmartDisk (NVSD) devices for deduplication

For a list of NVBU Plugins that are not compatible with the Encryption Plugin, refer to the NetVault: Backup Encryption Plugin Release Notes.  

Job-Level Encryption  

Job-level encryption for primary backups is beneficial when  

  • Not all the NVBU Plugins installed on the NVBU Server or Heterogeneous Client are compatible with the NVBU Encryption Plugin
  • Not all backups from the same NVBU Server or Heterogeneous Client require encryption
  • Primary backups do not require encryption while secondary backups for offsite protection do require encryption
  • Primary backups are targeted to NVSD devices for deduplication

Posted in BakBone North America | Tagged: , , , , , | Comments Off

Encrypting Primary Backup vs. Secondary Copy Backups with NetVault: Backup

Posted by Dawn renee Campbell on January 13, 2010

Dawn renee Campbell

You have the NetVault: Backup Encryption Plugin installed and have selected the algorithm you want to use. Now you are wondering if you should encrypt your primary backups, your secondary copy backups, or maybe you are not even sure of the difference between a primary backup and a secondary backup.

In NetVault: Backup 8.5 (NVBU 8.5), a backup job can be split into two distinct phases: primary backup and secondary copy. The primary backup is the back up of the data stream to the targeted backup device, while the secondary copy is a duplication or data copy of the primary backup to a different backup device, which is typically for offsite protection.

Unencrypted Primary Backup vs. Encrypted Secondary Copy Backup

Prior to NVBU 8.5, your only option was to encrypt both the primary backups and the secondary copy backups, but starting with NVBU 8.5, you can encrypt your primary backups, just the secondary copy backups or both your primary and secondary copy backups. Understanding the difference between the primary backups and secondary backups will help you choose the best strategy for your environment.

Typically the primary backup is performed to local disk-based backup devices such as NetVault: SmartDisk (NVSD) devices, virtual tape library (VTL) or shared virtual tape library (SVTL) to enable faster restores while the secondary copies are targeted to remote disk-based backup devices or physical tape libraries whose tapes are stored offsite for disaster recovery purposes.

Security requirements will typically dictate whether both the primary backups and the secondary copy backups require encryption. For example, if security requirements only require backups that leave the corporate network (such as those stored on physical tapes stored in a remote location) require encryption, then only encrypting the secondary copy backups that target the physical tape library is required. However, if security requirements dictate that data must be encrypted while it transfers across the network and/or while it is stored on a disk-based backup device, even though the disk-based backup device is located within the corporate network, then encrypting both the primary backup and secondary copy backup is required.

Encrypted data does not deduplicate well; therefore, encrypting only the secondary copy backup is beneficial when targeting primary backups to NVSD devices that have the deduplication option enabled. This enables users to take advantage of both encryption and deduplication by deduplicating the primary backup and encrypting the secondary copy.

In my next blog, we will discuss the difference between encrypting all your backups and using job-level encryption.

Related links:

Selecting an Encryption Algorithm to use with NetVault: Backup

Posted in BakBone North America | Tagged: , , , , , , , | Comments Off

Podcast – Spotlight on NetVault: Backup Featuring First Looks at NetVault: SmartDisk

Posted by Amber Winans on October 14, 2009

Dawn renee Campbell

Dawn renee Campbell

    
6 min 44 sec
 
In this technology spotlight podcast we talk to Senior Product Manager Dawn renee Campbell about NetVault: Backup 8.5 and the newly introduced NetVault: SmartDisk. Dawn discusses the new features in NetVault: Backup, including the new Hyper-V and encryption plugins and dives into the specifics of our new disk-based data protection and deduplication capabilities in NetVault: SmartDisk.
 
 

Posted in BakBone North America, Podcasts | Tagged: , , , , , , , , , , , , , , , , | Comments Off

 
Follow

Get every new post delivered to your Inbox.

Join 28 other followers