- Sun Storage Virtual Tape Library VTL User Guide

ManualsBrandsSun Microsystems ManualsNetwork RouterVirtual Tape Library

141

142

143

144

145

146

147

148

149

150

Encrypting and shredding data

128 VTL User Guide • May 2008 G • 96267

Eachkeyconsistsofasecretphrase.For addit ion alsecurity,eachkeyispassword‐

protected . Youmustprovidethispasswordin ordertochangethekeyname,

password,orpasswordhint,ortodeleteorexportthekey.

Youcanapplyasinglekeytoallvi rt u altapeswhenyouexport

themtophysical

tape,oryoucancreateauniquekeyforeachone.Creatingmultiplekeysprovides

moresecurity;intheunlikelyeventthat akeyiscompromised,onlythetapesthat

usethatkeywouldbeaffected. However,ifyouusemultiplekeys,youmustkeep

trackofwhich

ke yappliestoeachtapesothat youusethecorrectkeytodecryptthe

datawhenyou impo rtthephysicaltapeback tovirtualtape.

Note:Ifyouapplyanincorrectkeywhenimportinga tape,thedataimpo rtedfrom

thattapewillbeindecipherable.

Onceyouhavecreatedone

ormorekeys,you canexportthemto aseparatefile

calledakeypackage.Ifyou se nd encryptedtapestootherlocationsthatrunVTL,

youcanalsosend themthekeypackage.Byimportingthekeypackage,

administratorsattheothersitescanthendecryptthetapeswhenthey

areimported

backintovirtualtapelibraries manage dbyVTL.

Youcanenableencryptionandspecifywhichkeytousewh enyoueithermanually

importorexportatapeorwhenyouusetheauto‐archive/replicationfeature.

Forinstructions,seethefollowing:

■ “Creatinga ke y”onpage 128

■ “Changinga key name orpassword”onpage 129

■ “Deletingakey”onpage 130

■ “Exportingakey”onpage 131

■ “Importinga key” onpage 132

■ “Shreddingavirtualtape”onpage 133.

▼ Creatinga key

1. Inthenavigationtree,right‐clicktheservernameandclickKey Management.

2. ClickNew.

3. IntheKey Name textbox(

A below),typeauniquenameforthekey(1–32

characters).

4. IntheSecret Phrase textbox(

B below),type thephrase(25–32characters,

includingnumbersandspaces)thatwillbeusedtoencryptthedata.

Saveyoursecretphrase.Onceyouhavecre ate dakey,youcannotchangethesecret

phraseassociatedwiththatkey.