Encrypted Volume and File System v2.0 Administrator Guide HP-UX 11i v3
Figure 1 EVFS architecture
Features and benefits
EVFS protects data by encrypting data volumes to protect data at rest – data on disks. You can
also use EVFS to create encrypted backup media. EVFS prevents anyone who gains unauthorized
physical access to storage media from reading or using the data.
EVFS creates EVFS volumes, which are pseudo-devices (or virtual devices) layered on Logical
Volume Manager (LVM), Veritas Volume Manager (VxVM), or physical volume devices. You can
use the newfs command to create a file system on an EVFS volume just as you would create a
file system on an LVM, VxVM, or physical volume. The EVFS subsystem encrypts data written to
an EVFS volume and decrypts data read from an EVFS volume as needed.
EVFS provides the following features:
• Data protection that is file-system independent.
When configured in volume mode (EVS), EVFS supports all disk file system types that can be
mounted on a LVM, VxVM, or physical volume, including High Performance File System (HFS)
and Veritas File System (VxFS, also referred to as Journaled File System, or JFS). EFS mode
only supports HFS and VxFS.
• Application transparency.
EVFS volumes are implemented as pseudo-devices below the HP-UX file system. No changes
to applications are necessary. When configured in volume mode (EVS), EVFS is compatible
with network file sharing utilities, such as Network File System (NFS) and Common Internet
File System (CIFS), and with network file access utilities, such as File Transfer Protocol (FTP)
and remote copy (rcp).
14 Overview