Disk encryption allows you to protect the backup data stored on the Backup & Disaster Recovery appliance from being accessed offline. For example, if someone takes out a hard disk from appliance, or if you replace a failed disk in the RAID, the disk stays encrypted, thus reducing the risk of the data breach.
Encryption on the primary appliances
Hard disks in the primary appliances (those located on the customer’s premises), both physical or virtual, are encrypted with LUKS.
LUKS is an industry standard hard disk encryption system build into Linux. It uses the AES algorithm with a 256-bit key in the CBC-ESSIV mode. The system generates a random encryption key, encrypts it with another key (master key), and stores it in one of the key slots provided by LUKS.
When writing to or reading from a hard disk, the system encrypts or decrypts data on the fly using the master key derived by PBKDF2 from a user-defined passphrase stored on the appliance boot disk.
Disk encryption on the primary appliances is not a default feature. Our implementation specialists can enable it during the initial appliance configuration – that is when the appliance is set up for the first time and contains no backups yet. Otherwise, encryption will erase everything stored on the hard disks.
Encryption on the secondary appliances
Hard disks in the secondary appliances (those located in the data centers), both physical or virtual, are encrypted by default using the AES-256 algorithm.
Encryption exclusions
Encryption applies only to hard disks where appliance stores the backup data. It does not apply to the boot disk and SSD.
Boot disk contains only the operating system, while SSD holds the block map (index) for DDFS, and the appliance catalog database:
-
DDFS block map contains the hash of each stored block, and metadata about the block, for example, the reference count, the address, and other.
-
Catalog database stores metadata about each backup job (name, date started and ended, size, and so on).
For File and Folder backup jobs, it also includes metadata about each file in a job (name and size of the file, permissions, timestamps, and other). It does not contain actual job data.