Release Note для Spectra Logic spectra t120
Chapter 12 – Configuring and Using Encryption
95
Chapter 12 – Configuring and Using Encryption
This chapter describes configuring and using BlueScale Encryption Basic Edition,
which is included with the Spectra T120 library. For information about using BlueScale
Professional Edition, see the BlueScale Encryption User Guide. This guide also provides
useful information about encryption best practices.
which is included with the Spectra T120 library. For information about using BlueScale
Professional Edition, see the BlueScale Encryption User Guide. This guide also provides
useful information about encryption best practices.
BlueScale Encryption Overview
BlueScale Encryption is tightly integrated into your Spectra library. Encryption can be
handled through the library’s encryption-enabled QIPs, if any are in use, and through
LTO-4 drives working with LTO-4 media. BlueScale encryption key management is
provided through the library’s user interface.
handled through the library’s encryption-enabled QIPs, if any are in use, and through
LTO-4 drives working with LTO-4 media. BlueScale encryption key management is
provided through the library’s user interface.
Note:
The encryption performed by encryption-enabled LTO-4 tape drives is not
compatible with the encryption performed by an encryption-enabled F-
QIP. If an encryption-enabled F-QIP and an encryption-capable LTO-4
drive are in the same partition, you must choose one type of encryption
or the other. You cannot use both types in the same partition.
compatible with the encryption performed by an encryption-enabled F-
QIP. If an encryption-enabled F-QIP and an encryption-capable LTO-4
drive are in the same partition, you must choose one type of encryption
or the other. You cannot use both types in the same partition.
The BlueScale Encryption system has two major components:
The encryption chip in the F-QIP or LTO-4 drive. Using hardware encryption makes
encryption extremely fast and places no burden on your network.
BlueScale Key Management software accessed through the library’s user interface,
either using the touch screen or a remote connection through a web browser.
Optionally, you can secure the web browser using SSL, which is part of the
Observatory suite of management tools.
Optionally, you can secure the web browser using SSL, which is part of the
Observatory suite of management tools.
Together, these components let you easily implement the strongest encryption
available, as recognized by the federal government: AES encryption using a 256-bit key.
BlueScale Encryption incorporates multiple layers of security, some of which are
discussed in this chapter. Others are technically implemented and invisible to the user.
available, as recognized by the federal government: AES encryption using a 256-bit key.
BlueScale Encryption incorporates multiple layers of security, some of which are
discussed in this chapter. Others are technically implemented and invisible to the user.
Site-Specific Decisions
To determine a BlueScale Encryption strategy appropriate for your site and your data,
decide on the security level appropriate for your site, and the amount and kinds of data
to encrypt. Then you can make some choices about how best to implement BlueScale
Encryption. The following sections describe considerations that affect how you
configure encryption.
decide on the security level appropriate for your site, and the amount and kinds of data
to encrypt. Then you can make some choices about how best to implement BlueScale
Encryption. The following sections describe considerations that affect how you
configure encryption.