Hi Eric,
They will still be excluded from dedup:
"Data deduplication is disabled if the enablelanfree option is set.
Backup-archive client encrypted files are excluded from client-side
data deduplication. Files from encrypted file systems are also
excluded."
Source:
https://www.ibm.com/support/knowledgecenter/SSEQVQ_8.1.7/client/r_opt_dedup.html
-
Thanks,
Marc...
________________________________________________________
Marc Lanteigne
Spectrum Protect Specialist AVP / SRT
416.478.0233 | marclantei...@ca.ibm.com
Office Hours: Monday to Friday, 7:00 to 16:00 Eastern
Latest Servermon for Spectrum Protect:
http://www-01.ibm.com/support/docview.wss?uid=swg21432937
Performance Mustgather for Spectrum Protect:
http://www-01.ibm.com/support/docview.wss?uid=swg22013355
Spectrum Protect Blueprint: https://ibm.biz/BdHc6b
Follow me on: Twitter, developerWorks, LinkedIn
-----Original Message-----
From: Loon, Eric van (ITOP NS) - KLM <eric-van.l...@klm.com>
Sent: Friday, February 22, 2019 11:04 AM
To: ADSM-L@VM.MARIST.EDU
Subject: Re: [ADSM-L] Encrypt all data on a Windows client
Hi Marc,
I will turn on client dedup and compression for the few nodes that have to
use encryption.
Thanks for your reply!
Kind regards,
Eric van Loon
Air France/KLM Storage & Backup
-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of
Marc Lanteigne
Sent: vrijdag 22 februari 2019 15:03
To: ADSM-L@VM.MARIST.EDU
Subject: Re: Encrypt all data on a Windows client
Eric,
Just be aware that if you are backing up to a container pool, encrypted
files will not dedup. If that's the case, you may want to encrypt traffic
instead, and use at-rest encryption on the storage pool.
-
Thanks,
Marc...
________________________________________________________
Marc Lanteigne
Spectrum Protect Specialist AVP / SRT
-----Original Message-----
From: Andrew Raibeck <stor...@us.ibm.com>
Sent: Friday, February 22, 2019 09:57 AM
To: ADSM-L@VM.MARIST.EDU
Subject: Re: [ADSM-L] Encrypt all data on a Windows client
Hi Eric,
To encrypt all files:
include.encrypt *
You should also review the "encryptiontype" and "encryptkey" settings.
"encryptiontype aes256" enables the client's strongest encryption setting.
"encryptkey generate" uses a dynamically created encryption key that is
stored (in encrypted form) on the IBM Spectrum Protect server.
Additional reference:
https://www.ibm.com/support/knowledgecenter/SSEQVQ_8.1.7/client/c_bac_winencrypt.html
https://www.ibm.com/support/knowledgecenter/SSEQVQ_8.1.7/client/r_opt_encryptiontype.html#r_opt_encryptiontype
https://www.ibm.com/support/knowledgecenter/SSEQVQ_8.1.7/client/r_opt_encryptkey.html#r_opt_encryptkey
Best regards.
Andy
____________________________________________________________________________
Andrew Raibeck | IBM Spectrum Protect Level 3 | stor...@us.ibm.com
"ADSM: Dist Stor Manager" <ADSM-L@VM.MARIST.EDU> wrote on 2019-02-22
03:00:50:
> From: "Loon, Eric van (ITOP NS) - KLM" <eric-van.l...@klm.com>
> To: ADSM-L@VM.MARIST.EDU
> Date: 2019-02-22 03:02
> Subject: Encrypt all data on a Windows client Sent by: "ADSM: Dist
> Stor Manager" <ADSM-L@VM.MARIST.EDU>
>
> Hi guys,
> What would be the best include.encrypt statement(s) to be added to the
> dsm.opt when I want everything to be encrypted on a Windows client? So
> all data, including system state and no matter how many drives it has.
> Thanks for your help in advance!
> Kind regards,
> Eric van Loon
> Air France/KLM Storage & Backup
> ********************************************************
> For information, services and offers, please visit our web site:
> https://urldefense.proofpoint.com/v2/url?
> u=http-3A__www.klm.com&d=DwIFAg&c=jf_iaSHvJObTbx-
>
siA1ZOg&r=Ij6DLy1l7wDpCbTfcDkLC_KknvhyGdCy_RnAGnhV37I&m=vty8pvtGCRZw4zA1mkrsrnbb6-2WJCCNr8sd6YoUFQY&s=4ngg9LeCqSEZW9rBGXtK0NHf3KDwOi6U7R1Uh5RK8O4&e=
> . This e-mail and any attachment may contain confidential and
> privileged material intended for the addressee only. If you are not
> the addressee, you are notified that no part of the e-mail or any
> attachment may be disclosed, copied or distributed, and that any other
> action related to this e-mail or attachment is strictly prohibited,
> and may be unlawful. If you have received this e-mail by error, please
> notify the sender immediately by return e-mail, and delete this
> message.
>
> Koninklijke Luchtvaart Maatschappij NV (KLM), its subsidiaries and/ or
> its employees shall not be liable for the incorrect or incomplete
> transmission of this e-mail or any attachments, nor responsible for
> any delay in receipt.
> Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal
> Dutch Airlines) is registered in Amstelveen, The Netherlands, with
> registered number 33014286
> ********************************************************
>
********************************************************
For information, services and offers, please visit our web site:
https://urldefense.proofpoint.com/v2/url?u=http-3A__www.klm.com&d=DwIFAg&c=jf_iaSHvJObTbx-siA1ZOg&r=hMBqtRSV0jXgOdXEmlNk_-O9LHkPCGSh9PJBRSlL8Q4&m=tzCa7GyntHyF_gYH0eg7fbVDNb-yIdtzaNNorkGddKs&s=WeVfkwoNkZdwAt6tG5DckVL0T-nqg72COjh2zxDH-Mw&e=.
This e-mail and any attachment may contain confidential and privileged
material intended for the addressee only. If you are not the addressee, you
are notified that no part of the e-mail or any attachment may be disclosed,
copied or distributed, and that any other action related to this e-mail or
attachment is strictly prohibited, and may be unlawful. If you have
received this e-mail by error, please notify the sender immediately by
return e-mail, and delete this message.
Koninklijke Luchtvaart Maatschappij NV (KLM), its subsidiaries and/or its
employees shall not be liable for the incorrect or incomplete transmission
of this e-mail or any attachments, nor responsible for any delay in
receipt.
Koninklijke Luchtvaart Maatschappij N.V. (also known as KLM Royal Dutch
Airlines) is registered in Amstelveen, The Netherlands, with registered
number 33014286
********************************************************
