MIDRANGE dot COM Mailing List Archive



Home » MIDRANGE-L » July 2014

RE: TS2900 Tape Libraries and Stand Alone Ultrium drives



fixed

Larry is correct the tape drive must be Fibre to do the tape encryption at
the tape device level.

You can with all the correct BRMS bits do software encryption before the
tape sees the file, but, and it's a big but, that will burn significant CPU
cycles and slow down the save by an unacceptable amount in all likelihood.

If the auditors are that insistent on encryption on the backup tapes, they
can help to justify the cost for a fibre attached tape library.

Realistically you can get a 3583 with two fibre LTO4 sleds at very
reasonable prices right now. Don't forget the fibre cards for the
partitions and the Fibre Switch (again all ridiculously cheap on the used
parts market).

--
Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of
DrFranken
Sent: Thursday, July 24, 2014 12:51 PM
To: Midrange Systems Technical Discussion
Subject: Re: TS2900 Tape Libraries and Stand Alone Ultrium drives

IIRC that NO SCSI drives could do encryption. Needs to be Fiber or SAS for
that.

As to the keys that is absolutely a concern but just like your car you don't
put one set in the glove-box and one in the ignition. You put the second one
in a safe place like under the mat. .....kidding..... The keys are stored
in a server and a second server that is off-site. If the tape drive goes up
in smoke or down in water you get a new drive and connect it to the remote
server with the keys and now you can read your tapes again.

Switching between LPARs automatically with SSH script to HMC works very
well. A little setup is required but after that no issue.

- Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com

On 7/24/2014 1:12 PM, Cyndi Bradberry wrote:
Don't I wish I could have new hardware. We just got a generator approved
that will power our whole building.

I dearly would love to go to 7.2 to test the Row/Column Access control
stuff. Audit stuff is thinking that we must encrypt data on the screens, but
I'm working with canned code, no source. Our DR box will go no higher than
7.1, so for a while I am stuck.

Our 2900 is scsi, no fiber anywhere.

Tks for the thoughts.

Cyndi
Boise, ID

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe,
or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.







Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2014 by MIDRANGE dot COM and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available here. If you have questions about this, please contact