We are starting to make more use of TSM Encryption. There is a
combination of features that appears to leave a security gap.
We have decided to use ENCRYPTKEY GENERATE, because it provides what is
in effect encryption key escrow. We require key escrow whenever
encryption is used for university
Hi Del,
That's very much appreciated!
Best,
Ruth
U of I, Urbana, IL
-Original Message-
From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of Del
Hoobler
Sent: Monday, March 16, 2015 5:57 AM
To: ADSM-L@VM.MARIST.EDU
Subject: Re: [ADSM-L] Old Technote: TSM encry
chell, Ruth Slovik"
> To: ADSM-L@VM.MARIST.EDU
> Date: 03/12/2015 05:57 PM
> Subject: Old Technote: TSM encryption compliance with FIPS 140-2
> Sent by: "ADSM: Dist Stor Manager"
>
> Hi All,
>
> I know we all grapple with outdated online documentation from time
Hi All,
I know we all grapple with outdated online documentation from time to time.
Does anyone have a suggestion for the best way to request IBM update an out of
date technote? I've already submitted feedback via the 'rate this page' link.
Is it better to open a service request? To me that see
-
From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of
Steven Langdale
Sent: Thursday, March 22, 2012 5:10 PM
To: ADSM-L@VM.MARIST.EDU
Subject: Re: [ADSM-L] More tsm encryption questions
Well, there you go. you're spot on there Bill!
I'm struggling to see what use generate
MARIST.EDU] On Behalf
> Of Steven Langdale
> Sent: Thursday, March 22, 2012 2:21 PM
> To: ADSM-L@VM.MARIST.EDU
> Subject: Re: [ADSM-L] More tsm encryption questions
>
> They restored because the client had an encryption key, delete that,
> or possibly the encryptiontype line
gt; those that don't." - ??
>
>
>
>
> -Original Message-
> From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of
> Steven Langdale
> Sent: Thursday, March 22, 2012 2:21 PM
> To: ADSM-L@VM.MARIST.EDU
> Subject: Re: [ADSM-L] Mor
[mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of
Steven Langdale
Sent: Thursday, March 22, 2012 2:21 PM
To: ADSM-L@VM.MARIST.EDU
Subject: Re: [ADSM-L] More tsm encryption questions
They restored because the client had an encryption key, delete that, or
possibly the encryptiontype line and you will be prompted
They restored because the client had an encryption key, delete that, or
possibly the encryptiontype line and you will be prompted for it.
As for testing to see if they ARE encrypted, i think the client may say
with a q backup (but not sure). The test I used was to try a restore after
I had remove
Ok. Think I have encryption working.
Tried the following experiment.
1. Added these lines to dsm.opt
encryptiontype aes128
encryptkey generate
include.encrypt "c:\Documents and Settings\glee.BSU\My Documents\crypt\...\*"
2. did an incremental backup to pick up the crypt folder just created and
I checked my TSM server with this command
"q devclass f=d"
and it shows the Driver Encryption is set ON.
So I know that my TSM server is using AME method to encrypt the data
But any prerequisite and configure steps to achieve it?
+--
1)Any prerequisite or condition require before the data been encrypted such as
according to my understanding, TSM is a storage manager server, so any driver
or software need to install or configure to enable the encryption method either
by client side or driver side?
2) According to the informa
On Aug 1, 2011, at 10:59 PM, terrance wrote:
> So What you mean is TSM server don't has its own encryption instead help by
> the driver or client side encryption?
> ...
The Administrator's Guide for your given TSM release will describe encryption
opportunities available from the standpoint of t
So What you mean is TSM server don't has its own encryption instead help by the
driver or client side encryption?
1) What i mean is that when data store inside the storage, any encryption step
will run in this stage before it backup into a tape?
2) Will it possible a TSM server using both encryp
Manager [ADSM-L@VM.MARIST.EDU] On Behalf Of Richard Sims
[r...@bu.edu]
Sent: Monday, August 01, 2011 8:10 PM
To: ADSM-L@VM.MARIST.EDU
Subject: Re: [ADSM-L] Verifying IBM TSM Encryption types
TSM client encryption can be verified per IBM Technote 1303197.
Tape drive encryption is a hardware topic
TSM client encryption can be verified per IBM Technote 1303197.
Tape drive encryption is a hardware topic addressed by the documentation for
the particular drive model, as in recent 3592 model variants.
Richard Sims
How can I retrieve all the information about the what kind of encryption method
or type is using on my TSM server?
What I mean is how to check the backup data and store into a tape whether
encrypted or not?
Isn't it related to the default encrypted method AES 128 or alternative
encrypted method
ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] On Behalf Of
William Boyer
Sent: Wednesday, December 05, 2007 9:56 AM
To: ADSM-L@VM.MARIST.EDU
Subject: [ADSM-L] Anyone doing TSM Encryption on TS1120's in a 3494 tape
library??
Looking for help...TSM 5.4.1.1 on WIndows2003 running the lates
Looking for help...TSM 5.4.1.1 on WIndows2003 running the latest IBM tape
driver. The library and drives are at the latest firmware
as of about 2-weeks ago. The drives have application encryption enabled. This
was done through the CE interface on the back of the
drives. A query of the drive VPD d
lf Of
Kelly Lipp
Sent: Monday, August 13, 2007 4:20 PM
To: ADSM-L@VM.MARIST.EDU
Subject: [ADSM-L] LTO4 and TSM Encryption of Storage Pool Volumes and DB
Backup Tapes
Folks,
I'm trying to plug the hole in the system here. With TSM V5.3.5.2 and
5.4.0.2 LTO4 drives and their encryption functio
Folks,
I'm trying to plug the hole in the system here. With TSM V5.3.5.2 and
5.4.0.2 LTO4 drives and their encryption functionality can finally be
exploited at the application level. Within TSM, we use device classes
to enable this. So I'm thinking one could have one device class
supporting en
x27;zero' - for example :
> >>by renaming the filespace on the server
> >>at the time changing the hostname ?
> >>
> >>Thanks again for any hints !
> >>-- that is something really confusing to me :-|
> >>
> >>Rainer
> >>
!
-- that is something really confusing to me :-|
Rainer
Alexei Kojenov schrieb:
Rainer,
You need to make TSM client prompt you for encryption key password on
the
next backup after you changed the hostname. The only way to do this is
to
rename/remove the existing TSM.PWD file (this i
prompt you for encryption key password on
the
> > next backup after you changed the hostname. The only way to do this is
to
> > rename/remove the existing TSM.PWD file (this is the file where TSM
client
> > stores its passwords). You should rename this file rather than delete
it
e/remove the existing TSM.PWD file (this is the file where TSM client
stores its passwords). You should rename this file rather than delete it,
in case you have problems and want to revert.
Alexei
---
Dear TSmers,
we have tsmserver 5.3.3.2 /solaris and tsm-Client 5.3.4.0 /lin
delete it,
in case you have problems and want to revert.
Alexei
---
Dear TSmers,
we have tsmserver 5.3.3.2 /solaris and tsm-Client 5.3.4.0 /linux.
On the Client we use tsm-encryption :
The 'nodename' Option is set in the dsm.sys and also the
'encryptkey save'
Dear TSmers,
we have tsmserver 5.3.3.2 /solaris and tsm-Client 5.3.4.0 /linux.
On the Client we use tsm-encryption :
The 'nodename' Option is set in the dsm.sys and also the
'encryptkey save' OPtion is set and 'encryptiontype AES128' is also set.
The inc
Unfortunately no, we have been searching and can not find in the HIPAA documentation
the level of encryption required, just that it is required.
David Jelinek
> -Original Message-
> I would recommend that you open a requirement against the product for
> stronger encryption. By the w
Jim,
I would recommend that you open a requirement against the product for
stronger encryption. By the way, what are the HIPAA requirements as they
relate to data encryption? Are these well documented?
Thanks,
Jim Smith
TSM development
>>>
Hello Jim
Follow up question,
Can you ask if the
Hello Jim
Follow up question,
Can you ask if there is anyway for us to get clients that do stronger
encryption, eg tripledes? If not, are there plans in the future to offer
strong encryption? This relates to the HIPAA requirements that are coming.
Thanks again.
Jim Sporer
At 10:32 AM 9/26/2
Jim,
Thanks for the info.
Jim Sporer
At 10:32 AM 9/26/2002 -0700, you wrote:
>Jim,
>
>The TSM Backup/Archive client uses 56-bit DES encryption.
>
>Thanks,
>Jim Smith
>TSM Development
>
> >>>
>Does anyone know what level of encryption is done when using the INCLUDE
>ENCRYPTION option in your dsm.o
Jim,
The TSM Backup/Archive client uses 56-bit DES encryption.
Thanks,
Jim Smith
TSM Development
>>>
Does anyone know what level of encryption is done when using the INCLUDE
ENCRYPTION option in your dsm.opt file? Is it DES, triple DES or what?
Jim Sporer
[EMAIL PROTECTED]
Does anyone know what level of encryption is done when using the INCLUDE
ENCRYPTION option in your dsm.opt file? Is it DES, triple DES or what?
Jim Sporer
[EMAIL PROTECTED]
Hi everyone.
For those who don't remember this discussion a few months ago here is some
update.
A few months ago we had a chance to offer TSM to one of the largest company
here. Soon it became obvious that security where a large concern to them.
They asked a lot of Encryption questions witch we
-by step guide to
> implementing TSM encryption for backup and archive ??
>
> As noticed by somebody else in this list the documentation for this
> function in the manuals is extremely light.
>
> Even a quick process outline by someone who has implemented TSM encryption
> would be ap
Hi There,
Just wondering if anybody has written or knows of a step-by step guide to
implementing TSM encryption for backup and archive ??
As noticed by somebody else in this list the documentation for this
function in the manuals is extremely light.
Even a quick process outline by someone who
36 matches
Mail list logo
