Executive Summary
For enterprise customers, backing up and restoring data stored on HP-UX Encrypted Volume and File Systems (EVFS) volumes are critical. However, the available native backup tools such as cpio and dd pose some limitations. To overcome these limitations and to offer a reliable, easy, and efficient method to back up and restore data on HP-UX EVFS volumes, HP recommends using the HP OpenView Storage Data Protector 6.0 (Data Protector) software.
This white paper describes how to back up and restore critical data stored on HP-UX EVFS volumes using HP OpenView Storage Data Protector. It discusses two successfully tested scenarios for backing up and restoring data, and one scenario for backing up and restoring keys of the HP-UX EVFS volumes. It also discusses the limitations of the available native backup tools, such as cpio and dd.
Introduction
HP-UX EVFS protects data at rest (data on disks) by encrypting the data volumes. You can also use HP-UX EVFS to create an encrypted backup media. It prevents anyone who gains unauthorized physical access to the storage media from reading or using the data. HP-UX EVFS creates EVFS volumes, which are pseudo-devices (or virtual devices) layered on Logical Volume Manager (LVM), Veritas Volume Manager (VxVM), or physical volume devices. The HP-UX EVFS subsystem encrypts the data written to an HP-UX EVFS volume, and decrypts data read from an HP-UX EVFS volume per the requirements.
The operations to back up and restore large volumes of encrypted data on EVFS volumes must be carried out without any loss of critical data, or data corruption. Existing solutions, such as cpio and dd, which back up and restore data on EVFS volumes do not meet some of the specific backup requirements, such as backing up of large volumes of data across multiple tapes and incremental backups. The HP OpenView Storage Data Protector 6.0 (Data Protector), on the other hand, provides reliable data protection while supporting effective disk image (raw disk) backups. The Data Protector software also enables you to take full and incremental backup of data.
HP successfully tested the following: full volume backup of encrypted data from an HP-UX EVFS volume to a tape device; restoring the backed up data from a tape device; file level incremental back up of data on an HP-UX EVFS volume; restoring the file level incremental backed up data to an HP-UX EVFS volume; and backing up and restoring keys of an HP-UX EVFS volume. Based on these tests, HP has devised systematic procedures to perform these tasks using HP OpenView Storage Data Protector. This white paper describes how to perform these tasks.
The tasks described in this white paper were tested using the Disk Image (rawdisk) Backup and File System Backup feature supported by Data Protector. The backup media used were tape devices and file library devices. Disk image backup was used to back up raw encrypted volumes to a tape device. File system backup was used to perform full and incremental backup of data on an HP-UX EVFS volume. File system backup was also used to back up the keys of an HP-UX EVFS volume.
Limitations of Native Data Backup and Restore Tools on HP-
UX EVFS
This section discusses the limitations of native backup tools, such as dd and cpio, when backing up or restoring data on HP-UX EVFS volumes.
Following are the limitations of using dd to back up and restore data on HP-UX EVFS volumes:
1