HP Software manual Encryption and Compression, Cryptographic Algorithms

Page 40

7 Encryption and Compression

Encryption

Encryption is the process of changing data into a form that cannot be read until it is deciphered, protecting the data from unauthorized access and use. Company policy normally determines when encryption is required.

For example, your company may require encryption for company confidential and financial data, but not for personal data. Company policy will also define how encryption keys should be generated and managed.

Data Protector Express provides the ability to encrypt the data that is written to the media and fully implements the Advanced Encryption Standard (AES) for both hardware and software encryption.

Hardware encryption is supported on some backup devices, such as HP LTO-4 tape drives. Hardware encryption is faster than software encryption and requires no processing on the backup server. The encryption strength is determined by the backup device. HP LTO-4 and later generation tape drives always provide strong AES-256 encryption. This feature can be managed by a backup application that supports hardware encryption, such as Data Protector Express.

Software encryption uses the encryption algorithms available within Data Protector Express. You can select an encryption strength: Low 56 bit, Medium 128-bit or High 256-bit. Each encryption key size causes the algorithm to behave slightly differently. Increasing software encryption strength makes the data more secure, but requires more processing power.

Cryptographic Algorithms

Cryptographic algorithms are the basic components of cryptographic applications. As the complexity of the encryption algorithm increases, the information gets harder to read, and for software-based encryption, the load on the machine increases.

Software

Three cryptographic algorithms are provided. These three settings provide three levels of resistance which require progressively more CPU time to convert the same amount of data. The three options are for the software encryption mode only.

Low – DES 56-bit

Medium – AES 128-bit

High – AES 256-bit

Hardware

The cryptographic algorithm provided by hardware devices that provide hardware encryption is not under Data Protector Express control. The device provides access to configuration and operating parameters via a device-specific encryption method. In Data Protector Express, you can enable or disable hardware encryption, but you cannot adjust the encryption level or algorithm through the Data Protector Express interface. If the device supports multiple encryption algorithms, Data Protector Express will attempt to use the highest encryption algorithm supported on the device. If the device does not support encryption, you will be prompted with an alert saying that the device cannot be used because it does not support hardware encryption.

40 Encryption and Compression

Page 39 Page 41
Image 40
Page 39 Page 41
Contents Data Protector Express User Guide Acknowledgments Contents Disaster Recovery IndexConcepts OverviewTerminology Overview Simple, Immediate Backup Restore to a Different Location Restore to a Different Location Using the Administrator Administering BackupMain Window Property Pages Missing FeaturesOpening Property Pages Using Quick Access from Taskbar Viewing Data Protector Express statusManaging Data Protector Express Managing JobsSettings Monitoring jobsManaging Alerts Managing LogsAbout the Data Protector Express Service Other CommandsMicrosoft Windows and the Data Protector Express Server Linux and the Data Protector Express DaemonAbout the Data Protector Express Service Selecting Files Configuring Backup JobsSelecting Devices Schedule Settings ConfigurationEncryption Mode Settings Backup modeAuto verify mode Type of Fixed RotationWrite mode Split FileInterval Settings Auto format modeScheduled Dates Media to be usedAdvanced Settings Advanced OptionsSettings for Windows Log OptionsExecution Barcode FilterSelecting Files Configuring Restore and Verify JobsSelecting Versions Restoring a file with a new name Restoring foldersRestoring files and folders to a different folder Advanced Restore Options Advanced Verify Options Execution OptionsBarcode Filter Options Selecting Devices for Jobs Working With DevicesDevice Properties Device Commands Element statusWorking With Devices Device Commands Installation and Configuration Working with Tape LibrariesBarcode Filters Barcodes and MIC memory in cartridgeInitialization Process Sharing storage devices on a SAN Media ManagementBackup Schedule Considerations Scheduling, Rotations, and Media ManagementMedia Sets Scheduling ConceptsIntervals Implications for Restoring Data Media Rotation Types Running Jobs with Rotations Comparing rotation typesEncryption Encryption and CompressionCryptographic Algorithms Passphrase Encryption OptionsKey Management CompressionConfiguring a Microsoft Exchange Server Working with Third-Party ApplicationsMicrosoft Exchange Server Supported PlatformsBacking up Microsoft Exchange Server Restoring Microsoft Exchange Databases System-level Disaster Recovery Disaster Recovery with Microsoft Exchange ServerPreparing to Restore the Microsoft Exchange Server Restoring the Microsoft Exchange MTA Database Mailbox Backup and RecoveryRestoring Microsoft Exchange Databases Configuration Backing Up MailboxesRestoring Mailboxes RequirementsPowerShell Access Working with Microsoft SQL ServerSupported Exchange Server versions Mailbox PermissionsConfiguring the Microsoft SQL Server Microsoft SQL server conceptsBacking up Microsoft SQL Server Microsoft SQL Server Databases and the backup mode Restoring Microsoft SQL ServerRestoring Microsoft SQL Server user databases Restoring Microsoft SQL Server master databases Restoring Microsoft SQL Server 2000 master databasesStop the Data Protector Express and SQL Server services Create Database Alter DatabaseRestore the master database from the most recent backup Restart SQL Server in single-user modeRebuild the master database Apply changes to the master database Drop invalid databasesRestore the msdb database Start the Data Protector Express and SQL Server servicesRestoring Microsoft SQL Server 7 master databases Disk Mirror Disk Unmirror Disk Remirror Restart Microsoft SQL Server in single-user mode Drop invalid databases and database devices Windows SharePoint Services protection concepts Protecting Microsoft Windows SharePoint ServicesProtecting Windows SharePoint Services Restoring SharePoint Services Working with Certificate Services Using Disaster Recovery with Windows SharePoint ServicesBoot Media Disaster RecoveryImportant guidelines Preparing For a Disaster Advantage of Bootable Backup DevicesRestoring to dissimilar hardware Configuring Backups to Support Disaster Recovery Create bootable mediaTest the media Recovering From a Disaster Disaster Recovery with LibrariesDisaster Recovery Disaster recovery for Linux Disaster recovery for Windows 2003, Windows XP and earlierCompleting the Data Restore LimitationsBackup Domain Configuration Mail SettingsPerformance Settings Alert SettingsClient Upgrade Settings Setting a User PasswordDomain Security OptionsAdvanced Job Options Job Log optionsLog Type Log file formatsJob Pre-Post Execution Commands Pre Execution CommandsMail log AuditingBarcode Filters for Jobs Post Execution CommandsLogs Advanced Job Options Support and other resources Contacting HPRelated information Typographic conventionsDocumentation feedback Index Index VSS
Related manuals
Manual 1 pages 61.46 Kb Manual 1 pages 6.39 Kb
Top Page Image Contents