Configuring encryption for MSDP optimized duplication and replication
The OPTDUP_ENCRYPTION parameter in the pd.conf file on the MSDP host controls duplication and replication encryption for that host. The data that is encrypted during transfer remains encrypted on the target storage.
Use this procedure to configure encryption for optimized duplication and replication on MSDP storage servers and on MSDP load balancing servers. To ensure that encryption occurs for all optimized duplication and replication jobs, configure it on all MSDP servers.
By default, optimized duplication encryption is disabled on all MSDP hosts.
To configure replication and duplication encryption on an MSDP server
- Use a text editor to open the pd.conf file on the MSDP server.
The pd.conf file resides in the following directories:
(UNIX) /usr/openv/lib/ost-plugins/
(Windows) install_path\Veritas\NetBackup\bin\ost-plugins
- For the line that begins with #OPTDUP_ENCRYPTION, remove the pound sign ( or hash sign, #) in column 1.
- In that same line, replace the 0 (zero) with a 1.
Note:
The spaces to the left and right of the equal sign (=) in the file are significant. Ensure that the space characters appear in the file after you edit the file.
- On load balancing servers, ensure that the LOCAL_SETTINGS parameter is set to 1. Doing so ensures that the ENCRYPTION setting on the load balancing server is used.
- Save and close the file.
- Restart the NetBackup Remote Manager and Monitor Service (nbrmms) on the host.