Skip to main content

client sid encryption and network encryption


Forum|alt.badge.img+7

Hi together,

I would like to understand how encryption works in detail.

The situation: I am using client side encryption (at the source) and I want to use encrypted (or authenticated) network traffic between client and media agent.

When I am using encrypted network traffic, all information (backup data and meta data … i.e. index, jobsresults) is encrpyted at the source (client) and decrypted at the target (media agent).

The encryption/decryption is consuming CPU … of course.

Does Commvault indentify that the backup data is already encrypted in this situation … or will the data be encrypted a second time for the network traffic … wasting my CPU? Or is Commvault only encrypting the meta-data for the network traffic?

Best regards.

Michael

  

 

 

2 replies

Forum|alt.badge.img+14

Hello @Michael Seickert 

When using Client-side (Agent-side) encryption the data is encrypted on the client, transmitted encrypted over the network, and written to storage encrypted. The encrypted data from the source does not get “double-encrypted” when in transit over the network.

 

Subclient Properties (Encryption) - https://documentation.commvault.com/2023e/expert/subclient_properties_encryption.html

Network and Media (Agent Side)

When selected, for data protection operations, data is encrypted before transmission and is stored encrypted on the media. During data recovery operations, data is decrypted by the client.

 

Thank you,
Collin


Forum|alt.badge.img+7

Hi Collin,

 

thank you for this clarification. No double encrpytion :-).

 

Best regards. Michael


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings