Dell PowerVault TL4000 Dell PowerVault ML6000 Encryption Key Manager User's - Page 14

Managing Encryption, Configuration files, Tape drive table, KeyGroups.xml file - password

Get Dell PowerVault TL4000 PDF manuals and user guides View all Dell PowerVault TL4000 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

Considerations" on page 2-3. It is impossible to overstate the importance of preserving your keystore data. Without access to your keystore you will be unable to decrypt your encrypted tapes. Please carefully read the topics below to understand the methods available for protecting your keystore data. Configuration files The configuration files allow you to customize the behavior of the Encryption Key Manager to meet the needs of your organization. These behavioral choices are described extensively in this document, first in Chapter 2, "Planning Your Encryption Key Manager Environment," on page 2-1, then in the Chapter 4, "Configuring the Encryption Key Manager," on page 4-1, and later in Appendix B where the full set of configuration options is described. Tape drive table The tape drive table is used by the Encryption Key Manager to keep track of the tape devices it supports. The tape drive table is a non-editable, binary file whose location is specified in the configuration file. You can change its location to meet your needs. KeyGroups.xml file This password-protected file contains the names of all encryption key groups and the aliases of the encryption keys associated with each key group. Encryption Key Manager Generates encryption keys and manages their transfer to and from tape devices Config File Records Keystore location and defines Encryption Key Manager behavior a14m0234 Holds public/private key pairs and certificates Key store Key Groups Organizes encryption keys into groups Figure 1-1. The Encryption Key Manager's four main components Drive Table Tracks which tape devices Encryption Key Manager supports Managing Encryption The Dell Encryption Key Manager is a Java™ software program that assists encryption-enabled tape drives in generating, protecting, storing, and maintaining encryption keys that are used to encrypt information being written to, and decrypt information being read from, tape media (tape and cartridge formats). The Encryption Key Manager operates on Linux (SLES and RHEL) and Windows, and is designed to run in the background as a shared resource deployed in several 1-2 Dell Encryption Key Mgr User's Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
Considerations” on page 2-3.
It is impossible to overstate the importance of preserving your keystore data.
Without access to your keystore you will be unable to decrypt your
encrypted tapes. Please carefully read the topics below to understand the
methods available for protecting your keystore data.
Configuration files
The configuration files allow you to customize the behavior of the
Encryption Key Manager to meet the needs of your organization. These
behavioral choices are described extensively in this document, first in
Chapter 2, “Planning Your Encryption Key Manager Environment,” on
page 2-1, then in the Chapter 4, “Configuring the Encryption Key
Manager,” on page 4-1, and later in Appendix B where the full set of
configuration options is described.
Tape drive table
The tape drive table is used by the Encryption Key Manager to keep track
of the tape devices it supports. The tape drive table is a non-editable,
binary file whose location is specified in the configuration file. You can
change its location to meet your needs.
KeyGroups.xml file
This password-protected file contains the names of all encryption key
groups and the aliases of the encryption keys associated with each key
group.
Managing Encryption
The Dell Encryption Key Manager is a Java
software program that assists
encryption-enabled tape drives in generating, protecting, storing, and maintaining
encryption keys that are used to encrypt information being written to, and decrypt
information being read from, tape media (tape and cartridge formats). The
Encryption Key Manager operates on Linux (SLES and RHEL) and Windows, and
is designed to run in the background as a shared resource deployed in several
Key
store
Drive
Table
Holds public/private key
pairs and certificates
Tracks which tape
devices
supports
Encryption Key
Manager
Records Keystore location and
defines
behavior
Encryption Key
Manager
Generates encryption keys
and manages their transfer
to and from tape devices
a14m0234
Key
Groups
Config
File
Organizes
encryption
keys into
groups
Encryption Key Manager
Figure 1-1. The Encryption Key Manager’s four main components
1-2
Dell Encryption Key Mgr User's Guide