Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Security and Encryption Guide
  3. Section II. Encryption of data-in-transit
  4. Configuring data-in-transit encryption (DTE)
  5. View the DTE-specific attributes of a NetBackup image and an image copy
NetBackup™ Security and Encryption Guide

View the DTE-specific attributes of a NetBackup image and an image copy

Primarily, the global DTE mode and the client DTE mode decide whether the data-in-transit encryption takes place or not for a backup operation. If the data is encrypted during a backup operation, the DTE mode attribute of the associated NetBackup image is set to On.

Based on the global DTE mode and the client DTE mode, if the data cannot be encrypted during a backup operation, the DTE mode attribute of the image is set to Off.

See Modify the DTE mode on a backup image.

An image copy has two DTE-specific attributes:

Copy DTE mode

Specifies whether the data is transferred over a secure channel when the current image copy is created.

Copy Hierarchical DTE mode

Specifies whether the data is transferred over a secure channel when the current image copy and all its parent copies in the hierarchy are created.

If the data is transferred over an insecure channel when one of the parent copies in the hierarchy is created, the current copy's hierarchical DTE mode is set to Off.

If the copy hierarchical DTE mode is Off, the copy is said to be insecure. It indicates that any parent copy in the hierarchy can be compromised and copying from a compromised copy is not secure even if the current copy is generated securely.

Note:

The image DTE mode is always shown as Off if the media server that is involved in the data transfer is earlier than 9.1. Copy DTE and Copy Hierarchical DTE modes are always shown as Off if the media server that is involved in the data transfer is earlier than 10.0.

RESTful API to be used to view the image attributes:

  • GET - /catalog/images

  • GET - /catalog/images/{backupId}

To view the DTE attributes of an image and an image copy using the NetBackup web UI

  1. Sign in to the NetBackup web UI.
  2. On the left, select Catalog.

    When you search for backup images, the image list displays at the bottom of the screen. The DTE-specific attributes of the image and the image copy - Image DTE mode, Copy DTE mode, and Copy Hierarchical DTE mode - are also displayed.

To view the DTE attributes of an image and an image copy using the command-line interface

  • Use the following commands: bpimagelist, bpclimagelist and bpimmedia.

    For more details on the commands, see the NetBackup Commands Reference Guide.

To view the DTE attributes of an image using the NetBackup Administration Console

  • In the NetBackup Administration Console, see the following reports to verify the DTE mode (Data-in-transit encryption column) of the image:
    • NetBackup Management > Reports > Images on Media

    • NetBackup Management > Reports > Tape Reports > Images on Tape

    • NetBackup Management > Reports > Disk Reports > Images on Disk

Feedback

Was this page helpful?
Previous

View the DTE mode of a NetBackup job

Next

Configure the DTE mode on the media server

Feedback

Was this page helpful?