Solved

CommServe Database Encryption

  • 8 February 2021
  • 3 replies
  • 1343 views

Badge +1

Has anyone been able to locate any data or has anyone attempted encrypting the CommServe database through SQL?

icon

Best answer by Brian Bruno 8 February 2021, 16:47

View original

3 replies

Userlevel 7
Badge +23

Hey @Marozac!  Thanks for posting and welcome!

To clarify, are you referring to encrypting backups of the Commserve database, or securing it in Production?  If you can add any context that would help.

While I wait for your reply, we do have a detailed section on securing your Commserve database here.

Badge +1

Securing it in Production.  Essentially encrypting the database itself.  I Read through the securing your Commserve database and did not see any data on the encryption of the Commserv Database itself.  We are already performing encryption of the backups. 

Userlevel 5
Badge +13

Hi @Marozac,

We do support having the Commserve databases encrypted with TDE Encryption.  This is transparent to Commvault, and so long as the TDE encryption is configured properly from a Microsoft SQL Server Standpoint, there is no additional configuration required for the Commserve to function afterwards.

 

The exception to that rule would be if you are using CommServe LiveSync, or any other form of Transaction Log shipping to a Standby CommServe.  In that scenario, you will have to synchronize the Encryption keys to the standby server to allow the restores to function.  We’ve outlined the required steps here :

 

https://documentation.commvault.com/commvault/v11_sp20/article?p=117493.htm

 

Please note - as with any form of encryption, it is VERY important to backup and keep your encryption keys safe.  If the encryption key is lost, there would be no way for Commvault to recover them.

 

As an additional side note, if the databases are encrypted Commvault Support would need to be given the encryption keys in order to do any database staging for offline review and escalations to Development.  Any database backups taken after encryption is enabled will require the keys in order to be restored onto any destination SQL Server.

 

 

 

Reply