Comparison of encryption options
The following NetBackup options exist for data at rest encryption:
NetBackup client encryption, with standard encryption
NetBackup client encryption, with legacy encryption
Third-party encryption appliances and hardware devices
The following table shows the available encryption options along with their potential advantages and disadvantages.
Table: Encryption options comparison
Encryption option | Potential advantages | Potential disadvantages |
|---|
Client encryption, standard encryption
See Configuring standard encryption on clients.
| The encryption key is on the client computer and not controlled by the NetBackup administrator Can be deployed without affecting the NetBackup primary and media servers Can be deployed on a per client basis
| The encryption key on the client does not scale well to environments where each client must have a unique encryption key and individual encryption key Encryption and compression taking place on the client can affect client performance
|
Client encryption, legacy encryption
See Configuring legacy encryption on clients. | Same advantages as client encryption with standard encryption. | Same disadvantages as client encryption with standard encryption. |
Third-party encryption appliances and hardware devices
|
| The NetBackup Compatibility lab tests some of these solutions. This testing is neither an endorsement or rejection or a particular solution. This effort verifies that basic functionality was verified when used with a specific version of NetBackup. No integration with NetBackup configuration, operation, or diagnostics. The Disaster recovery scenario is provided by the appliance or device.
|
