Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section III. Encryption of data at rest
  7. External key management service
  9. Configuring KMS
NetBackup™ Security and Encryption Guide

Configuring KMS

To configure NetBackup KMS (NBKMS)

  • Run the following command:

    nbkmscmd -configureKMS -name configuration_name -type NBKMS -hmkId host_master_key_ID_to_identify_HMK_passphrase -kpkId key_protection_key_ID_to_identify_KPK_passphrase [-useRandomPassphrase 0 | 1] [-enabledForBackup 0 | 1] [-priority priority_of_KMS_server] [-server master_server_name] [-description description]

To configure external KMS

  • Run the following command:

    nbkmscmd -configureKMS -name configuration_name -type KMIP -port port_to_connect_to_external_KMS_server -kmsServerName network_name_of_external_KMS_server -credId credential_ID | -credName credential_name [-enabledForBackup 0 | 1] [-priority priority_of_KMS_server] [-server master_server_name] [-description description]

Feedback

Was this page helpful?
Previous

Deleting KMS credentials

Next

Listing KMS configurations

Feedback

Was this page helpful?