About the data channel
Data communication consists of the data that is backed up using NetBackup. The security policies require the Backup Administrators to ensure that the channel on which NetBackup clients send metadata and data to NetBackup servers be secure. In NetBackup 10.0 and later, the data and metadata are encrypted over the wire. This feature is referred to as data channel encryption or data in-transit encryption (DTE).
The following channels are classified as data channels:
Tar stream - client to media server: Over this channel, the tar / data stream flows between the client and the media server. During a backup operation, the media server receives the data from the client and sends it to storage (for example, an OST plug-in). The direction is reversed during a restore.
Tar stream - media server to media server: This channel is used during duplication.
Catalog information - client to media server: Over this channel, the catalog information and control commands are transferred between the client and the media server. The amount of data that is transmitted over this channel is proportional to the number of files and directories that are part of the backup. The media server sends the catalog information that the client has sent to the primary server.
Catalog information - media server to primary server: Over this channel, the catalog information is transferred from the media server to the primary server.
Note:
In case of fresh NetBackup 10.3 installation, the data in-transit encryption is set to Preferred On by default. In case of upgrade, the previous setting is retained.
You can configure data in-transit encryption at various levels: global level (primary server-level) and client level.