Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Security and Encryption Guide
  3. Section III. Encryption of data at rest
  4. External key management service configuration in NetBackup
NetBackup™ Security and Encryption Guide

External key management service configuration in NetBackup

This section includes the following topics:
  • About external KMS

  • Certificate configuration and authorization

  • Workflow for external KMS configuration

  • Validating KMS credentials

  • Configuring KMS credentials

  • Configuring KMS

  • Configuring keys in an external KMS for NetBackup consumption

  • Creating keys in an external KMS

  • Determining a key group name during storage configuration

  • Working with multiple KMS servers

  • Working with external KMS during backup and restore

  • Checking the compatibility of KMS vendor with NetBackup

  • Key rotation

  • Disaster recovery when catalog backup is encrypted using an external KMS server

  • Alerts for expiration of KMS credentials

Feedback

Was this page helpful?
Previous

Troubleshooting example - restore with an improper key record state

Next

About external KMS

Feedback

Was this page helpful?