Configuring Data Encryption
The Data Encryption page allows you to select the type of encryption to use for OST data transfers. OST data sent from the media server to the Q-Cloud Protect appliance can be encrypted usingAdvanced Encryption Standard (AES) encryption methods.
This setting does not apply to data transfers during replication. For replication, specify encryption settings when configuring the replication or failback targets. See Configure Replication.
From the Configuration menu, select System > Security > Data Encryption to display the Data Encryption page.
Select an option in the Encryption drop-down box:
- From the Encryption drop-down list, select one of the following encryption options:
OST data is not encrypted.
Default AES 128
OST data is encrypted using AES 128-bit encryption.
Default AES 256
OST data is encrypted using AES 256-bit encryption.
TLS with AES 256
OST data is encrypted using AES 256-bit encryption with Transport Layer Security (TLS).
If you select this option, you must install the following required certificate and key files on the cloud appliance:
- Certificate File
- Private Key File
- Certificate Authority File
- Rejection List File
The certificate and key files installed on the system must match the files on the OST media server. For more information on certificate and key files, see the OST Plug-in Installation Instructions (6-67074).
Click the Browse button next to the appropriate file type to browse the system and locate the file.
Caution: Installing certificate files requires a system reboot immediately after the changes are applied. Wait for at least 15 minutes before logging back in.
Note: You can install new certificate and key files at any time, as long as there are no active network connections between the OST media server and the cloud applaince.
- To clear all changes without saving them, click Reset.
- To remove user installed certificate and key files, click Restore Factory Defaults.