Encrypting Network Traffic over HTTPS in enabled by default?

Question

Hello to all!I read some similar threads about Encrypting Network Traffic, but Im a little bit confused.A customer wants to know if the Commvault backup installation (11.28) has by default Network encryption over HTTPS between CS / MAs / clients?I need to clarify if encryption over network traffic for Commvault Servers are enabled by default, at this point I don’t care about Encrypting backup data.https://documentation.commvault.com/11.24/expert/134328_enabling_encryption_in_commcell.htmlPlease for your feedback,Nikos

John Robert · Accepted Answer

There is some performance degradation when enabling end-to-end encryption compared to unencrypted. but this is primarily due to cpu overhead of encrypting traffic.

Default is still to run unencrypted between the clients/mediaagents/commserve as they are considered to be in a trusted network environment.

Traffic between Mediaagent and Blob is encrypted as long as the blob is configured with https.

https://learn.microsoft.com/en-us/azure/storage/common/storage-require-secure-transfer

in addition you can configure commvault to encrypt data at rest, giving you an additional encryption layer that are not directly controlled by azure.

Onno van den Berg · Answer

It's been a while since I started a brand new CommCell environment from scratch, but as far as I know it is not enabled by default. You will have to configure network topologiesto accomplish this if you want to enable end-to-end encryption for both control and data traffic.

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded