I recently was doing some research on this topic and this is some
information I got from an IBM rep ....
Our encryption solution is outstanding ... you need to pick a library vs
a standalone drive and you need to attach via fibre or SAS. You then
load up at least 2 Windows boxes with the key manager, called TKLM, and
you're off to the races. We can run an encrypted backup at the same
speed as a non-encrypted backup which sets us apart from all the
SW-based and appliance-based encryption solutions. If you're going to
do encryption, we'd encourage you to get our Lab Services guy to come
onsite to help you set it up to make sure you have all the proper stuff
set up to protect your keys, since without them, you're toast. For
example ... you need to make sure you have encryption capable gear and a
key manager at your DR site too, plus backup copies of your key manager
each time you change your keys.
Additional information ....
TS2900 - single half high (HH) LTO4 SAS drive with 9 library slots (1 of
them is a convenience io)
TS3100 - single full high (FH) LTO4 SAS or fibre drive, or dual HH LTO4
SAS drives with 24 library slots (1 of them is a convenience io)
TS3200 - dual full high (FH) LTO4 SAS or fibre drives, or up to 4 HH
LTO4 SAS drives with 24 library slots (3 of them are a convenience io)
TS3310 - modular library running from 1 chassis with 1-2 FH LTO4 SAS or
fibre drives with up to 4 expansion chassis with up to 4 drives in each
for a total of 18 drives
TS3500 - our big enterprise library with up to 192 FH fibre LTO4 drives.
It can also hold TS1120/TS130 enterprise drives if you prefer. The
first frame holds up to 12 drives
Fibre drives give you better sharing across LPARs via a switch, but SAS
drives and adapters are cheaper. SAS needs V6R1 and POWER6. If you go
with fibre, you can get the new IOPless fibre cards if you're on POWER6
and V6R1 (they take 1 slot vs 2,and have 2 ports with 64 addresses each,
compared with 1 port with 16 addresses on the IOP'd cards), otherwise
you can just use the older IOP'd cards.
Here are some #'s so you can see the dazzling performance of the LTO4
3590-E on fibre on 5xx CPU's 95 GB/hr 140 GB/hr
HH LTO4 on fibre on 5xx CPU's 220 GB/hr 700 GB/hr
<<< see note
FH LTO4 on fibre on 5xx CPU's 220 GB/hr 890 GB/hr
Note: HH LTO4 drives have the same burst rate as FH drives, but they
can't sustain it. However, not many folks have big enough files to hit
those speeds anyway
I hope this information was useful ....
Kenneth E. Graap
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Ingvaldson, Scott
Sent: Tuesday, September 15, 2009 7:42 AM
Subject: LTO4 Encryption
Is anyone doing LTO4 hardware encryption? We will soon be upgrading to
LTO4 drives in our TS3100 libraries and would like to know what we need
to do to implement hardware encryption. We're at V6R1 with BRMS.
Senior IBM Support Specialist
Midwest Region Data Center
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives