Data Encryption provides the ability to encrypt data both for transmission over non-secure networks and for storage on media. The flexibility of key management schemes makes data encryption useful in a wide variety of configurations.
The following data encryption methods are provided:
- Software encryption allows you to encrypt data during backup jobs, auxiliary copy job, and data replication job.
- The Crypto Library module supports data encryption methods approved by the Federal Information Processing Standard (FIPS) as well as additional data encryption methods not approved by FIPS.
- The National Institute of Standards and Technology (NIST) has the Commvault's FIPS 140-2 Certified Crypto Library 2.0 Certificate #3060 listed on the cryptographic module validation program (CMVP) website.
- Hardware encryption allows you to encrypt data on tape drives that have built-in encryption capabilities.
For information about the supported algorithms and key lengths, see Data Encryption Algorithms.
With any of the encryption methods, keys are always stored in the CommServe database. Optionally, you can store keys on the media. This can be useful when using the external tools such as Media Explorer to recover the data from the media.
Last modified: 3/1/2018 9:42:41 PM