Dell PowerVault TL4000 Dell Encryption Key Manager and Library Managed Encr - Page 25

How does EKM handle the addition of new drives or the replacement of bad drive? New or replacement drives can be added to the EKM through auto discovery or manually. To auto discover the drives, check the auto discovery checkbox on the EKM Server Configuration tab in the EKM GUI. To add the drives manually, follow the instructions in the Encryption Key Manager User's Guide to add the drives through the command line interface. It is recommended to use auto discovery as the 12-digit drive serial number (10 digit serial number plus two leading zeros) must be entered to add the drive manually. If security is a concern, auto discovery can be turned on and test backups run to add the necessary drives to the drive table. Then auto discovery can be turned off to prevent new drives from obtaining keys. As long as EKM can authenticate the drive digital signature assigned to the drive at the factory, EKM accepts the key request. The keys are grouped in the key store in key groups and the key groups can be associated with the new/replacement drives after the drives are added. How does EKM handle the addition of a new library or the replacement of a bad library? In library-managed encryption, the library is only a proxy. Libraries can be added or replaced and keys provided as long as the EKM can authenticate to the digital signature on the drive. How is compression affected by encryption and vice versa? The data is compressed prior to being encrypted as encrypted data is generally uncompressible. Therefore compression has no effect on encryption and vice versa. Is there a performance impact with encryption? There can be a slight performance impact with encryption but it should not cause an increase in the backup window. Dell Encryption Key Manager and Library Managed Encryption 25