Symantec puts encryption on the backup server

12.12.2006
Symantec Corp. Tuesday announced a new encryption feature for its flagship NetBackup backup and recovery software that takes the CPU-intensive load off of application servers and places the burden onto the backup server.

Symantec's Veritas NetBackup Media Server Encryption Option works within existing NetBackup policies and backs-up all existing NetBackup clients, making it easier to use than an appliance or third-party software product, said Mike Adams, senior group manager for NetBackup product marketing.

Veritas Corp., now owned by Symantec, introduced encryption in 2004, but it ran at the application server level. In April, Symantec introduced encryption through its Veritas NetBackup 6.0 PureDisk Remote Office Edition, but the product was not intended for the enterprise data center, Adams said.

The new NetBackup Media Server Encryption Option is intended for the data center and can offer 128-bit or 256-bit AES encryption, allowing users to stage data to a secondary disk storage array, such as a virtual tape library, or transfer the encrypted data directly to magnetic tape.

Symantec is OEMing the new technology from Vormetric Inc., in Santa Clara, Calif., in order encrypt data on a file system at actual backup server, according to Jon Olstik, an analyst with the Enterprise Strategy Group, in Milford, Mass. "The client encryption was notoriously slow and put the encryption processing burden on the clients. In this new model, the client sends data to the server in cleartext and the server then encrypts everything."

Also different about Symantec's latest backup encryption option is that encryption keys can be managed through a central database.