Password Management provides the option to encrypt session passwords during backup and eliminates the need to repeatedly provide passwords. This feature lets you store session passwords in the Arcserve Backup database. During a backup job submission, the passwords are stored in encrypted form and will be automatically used during restore. Along with the session password, information about when to change your password is also stored. If you forget to change your session password, you will receive a reminder through the Activity Log.
Also, part of the enhancement is the ability to restore encrypted tapes on-site without requiring the encryption password. This feature allows other operators to perform different tasks without having to enter the password.
Note: If you run a restore, merge, or compare job for sessions created using an older version of Arcserve Backup, encrypted a tape in a different Arcserve Backup domain, or if Password Management was not enabled during a backup job, you need to provide the session/encryption password manually.
As a backup session is submitted, the session encryption password is saved to the Arcserve Backup database in encrypted format using a random key and the Globally Unique Identifier (GUID) is saved as a binary value. During a restore session, the encrypted password is extracted from the Arcserve Backup database and decrypted. To extract the encrypted password, the session GUID must be known. Depending on how the data was encrypted, either Server Side Encryption or Agent Side Encryption, there are two ways to identify the session GUID.
The restore session reads the Dummy Session Header from the Tape Engine and if server side encryption was used, the session GUID will be extracted from the Arcserve Backup database.
The restore session reads the Session Header from the Tape Engine and extracts the GUID from the Arcserve Backup database.
|
Copyright © 2016
|
|