It's been a while since I started a brand new CommCell environment from scratch, but as far as I know it is not enabled by default. You will have to configure network topologies to accomplish this if you want to enable end-to-end encryption for both control and data traffic.
Hi @Onno van den Berg
Thanks for your reply.
In case I configure network topologies for end-to-end encryption, Im going to face any performance degradation?
Also, in case you have a Azure Blob Storage as a backup repository, by default the traffic between MA Blob Storage is encrypted over HTTPS?
Thanks again,
Nikos
There is some performance degradation when enabling end-to-end encryption compared to unencrypted. but this is primarily due to cpu overhead of encrypting traffic.
Default is still to run unencrypted between the clients/mediaagents/commserve as they are considered to be in a trusted network environment.
Traffic between Mediaagent and Blob is encrypted as long as the blob is configured with https.
https://learn.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer
in addition you can configure commvault to encrypt data at rest, giving you an additional encryption layer that are not directly controlled by azure.