Solved

Third Party KMS

  • 22 April 2022
  • 1 reply
  • 341 views

Userlevel 3
Badge +11

Hi Team,

If we use third party Key management server such as AWS KMS with Commvault , will there be any impact on backups and recovery throughput or performance .

Iam assuming that Encryption keys retrieval is faster when its present in CS database as compared to retrieve keys from third part KMS  ? Let me know if my understanding is not right .

Also , during a backup or recovery job does encryption keys retrieval from CS DB or third party KMS happen only 1 time or it will be continuous for each and every block/chunk ?

icon

Best answer by Jos Meijer 23 April 2022, 12:53

View original

If you have a question or comment, please create a topic

1 reply

Userlevel 7
Badge +16

Yes native kms is faster then 3rd party kms due to local data vs data over remote connection. Doesn't have to take much/noticably longer, all depends on your connection with kms.

Kms is based on the process described here:

https://documentation.commvault.com/11.24/essential/7814_third_party_key_management.html

I believe it is a per backup/restore job retrieval. Per block is not needed as the kms key is linked on a global dedup storage pool or a storage policy copy level