Managing a Key Management Server

You can perform the following tasks to manage a key management server:

Note

  • You are recommended to take a backup of the keys that the key management servers generate. Do not use Commvault software to back up the keys.
  • The Commvault software rotates the keys in a time frequency of maximum 90 days.
  • You can change the Key Management Server (KMS) for a storage pool without impacting existing data, provided the change is successful.
  • The old key is not required to restore previously encrypted data.
  • Data does not need to be recopied or re-encrypted when switching to a new key.
  • After key rotation, older data remains accessible because the Key Encryption Key (KEK) is automatically protected with the new key.

Configuring Software Encryption on a Storage Pool

×

Loading...