Veritas NetBackup™ AdvancedDisk Storage Solutions Guide
- Introducing AdvancedDisk
- Licensing AdvancedDisk
- Configuring AdvancedDisk
- Configuring the AdvancedDisk option
- About AdvancedDisk file system requirements
- Configuring credentials for CIFS storage and disk storage units
- About AdvancedDisk storage servers
- About AdvancedDisk data movers
- About AdvancedDisk preferred or required read servers
- About data encryption for AdvancedDisk storage
- About key management for encryption of NetBackup AdvancedDisk storage
- Configuring key management for NetBackup AdvancedDisk storage encryption
- Configuring an AdvancedDisk storage server
- About AdvancedDisk disk pools
- Configuring a CIFS disk volume for AdvancedDisk encryption
- Configuring an AdvancedDisk disk pool
- Configuring an AdvancedDisk storage unit
- About storage lifecycle policies
- Creating a storage lifecycle policy
- Creating a backup policy
- Resilient Network properties
- Specifying resilient connections
- Managing AdvancedDisk
- Managing AdvancedDisk storage servers
- Managing AdvancedDisk disk pools
- Viewing AdvancedDisk disk pools
- About changing the AdvancedDisk disk pool size
- Adding volumes to an AdvancedDisk disk pool
- Changing AdvancedDisk disk pool properties
- Determining AdvancedDisk disk pool state
- Changing AdvancedDisk disk pool state
- Determining AdvancedDisk disk volume state
- Changing AdvancedDisk disk volume state
- Merging AdvancedDisk disk pools
- Removing a volume from an AdvancedDisk disk pool
- Inventorying a NetBackup disk pool
- Deleting an AdvancedDisk disk pool
- About monitoring AdvancedDisk storage capacity and usage
- Monitoring NetBackup disk activity
- Viewing AdvancedDisk disk reports
- Displaying detailed AdvancedDisk storage usage information
- Displaying KMS key information for AdvancedDisk encryption
- Toubleshooting AdvancedDisk
About key management for encryption of NetBackup AdvancedDisk storage
NetBackup uses the Key Management Service (KMS) to manage the keys for the data encryption for disk storage. KMS is a NetBackup master server-based symmetric key management service. The service runs on the NetBackup master server. An additional license is not required to use the KMS functionality.
NetBackup uses KMS to manage the encryption keys for AdvancedDisk storage.
See About data encryption for AdvancedDisk storage.
The following table describes the encryption keys that are required for the KMS database.
Table: Encryption keys required for the KMS database
Key | Description |
|---|---|
Host Master Key | The Host Master Key protects the key database. The Host Master Key requires a pass phrase and an ID. KMS uses the pass phrase to generate the key. |
Key Protection Key | A Key Protection Key protects individual records in the key database. The Key Protection Key requires a pass phrase and an ID. KMS uses the pass phrase to generate the key. |
The following table describes the encryption keys that are required for each storage server and volume combination.
Table: Encryption keys required for each storage server and volume combination
Key | Description |
|---|---|
A key group | A key group key protects the key group. Each storage server and volume combination requires a key group, and each key group key requires a pass phrase. The key group name must use the format for the storage type that is described as follows: For AdvancedDisk storage, the format depends on the operating system type that hosts the storage, as follows:
|
A key record | Each key group that you create requires a key record. A key record stores the actual key that protects the data for the storage server and volume. |
See Configuring key management for NetBackup AdvancedDisk storage encryption.
More information about KMS is available in the NetBackup Security and Encryption Guide: