Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ CloudPoint Install and Upgrade Guide
  5. Section I. CloudPoint installation and configuration
  7. Volume Encryption in NetBackup
  9. Volume encryption for AWS
Veritas NetBackup™ CloudPoint Install and Upgrade Guide

Volume encryption for AWS

You can encrypt disks in AWS using the following methods:

  • Default encryption, using Platform Managed Key (PMS).

  • Customer Managed Encryption Key (CMEK), using AWS KMS.

For more information on AWS encryption, see: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

Table: Encryption for creating snapshots

Disk encryption

Snapshot encryption

Platform Managed Key (PMK)

Same PMK is used as the source disk.

CMEK

Same CMEK is used as the source disk.

Table: Encryption for restoring snapshots

Snapshot encryption

Restored disk encryption

PMK

Same PMK is used as the snapshot.

CMEK

Same CMEK is used as the snapshot.

Feedback

Was this page helpful?
Previous

Volume encryption for GCP

Next

Section II. CloudPoint maintenance

Feedback

Was this page helpful?