This article can also be found in the Premium Editorial Download "Storage magazine: Survey says storage salaries are climbing."

Download it now to read this article plus other related content.

But just because you can perform encryption using backup software doesn't necessarily mean you should--especially not on a large scale. "We position [NetVault's Encryption APM] as a first line of defense," says Bharat Kumar, BakBone's vice president of marketing. But in environments that require large-scale backup encryption, it should be "used alongside other technologies, like tape encryption appliances," he adds.

What's wrong with encrypting tapes using backup software? In a nutshell, it takes more time, consumes more storage and costs more money. Here's why:

  • Most backup software packages perform encryption on the client. That's a good thing in that data travels over the network encrypted, but it adds to the amount of time it takes to back that client up. According to W. Curtis Preston, vice president of data protection at GlassHouse Technologies Inc. in Framingham, MA, a backup encrypted with backup software will complete 50% slower than one not encrypted. Vendors that advertise better performance than that probably aren't using top-of-the-line 256-bit keys, he says, adding that "the length of time it takes to encrypt a backup is directly proportional to the size of the key used."
  • Encrypting data on the client makes it impossible to compress data later on because encrypted data is uncompressible. It's easy to circumvent that problem by using your backup

Requires Free Membership to View

  • software's compression feature, but that also slows down a backup.
  • Encryption is sometimes, although not always, an extra-cost option to the backup package. Symantec/ Veritas charges for 128- and 256-bit encryption (but it's considering offering 40- and 56-bit encryption for free, says the firm's Adams). BakBone charges $195 per server for its NetVault encryption add-in.
For some, taking the backup software route to encrypted backups works great. CUDP uses BakBone's NetVault encryption option, and is pleased with the performance and space consumption it's seeing. "It was a concern up front," says Ben Shapiro, a development programmer at CUDP, but "the testing I performed showed that the performance impact was minimal." That's because the encryption takes place on CUDP's customers' machines, and not on CUDP's machines. From Shapiro's perspective, adding encryption to its customers' backups has only added about 10 minutes to the overall process, he says.

Appliances abound
But in environments struggling to complete backups in a timely fashion, adding encryption to the mix "lengthen[s] your backup window," says John Lallier, vice president of technology at FalconStor Software, Melville, NY. In those environments, taking the encryption function out of the backup software and putting it into specialized hardware is probably the right way to go.

This was first published in November 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: