Best practices for Backup Exec 12.5 software encryption

Details:

Best practices for Backup Exec 12.5 software encryption

Best practices include tips and recommendations to help you use software encryption effectively with Symantec Backup Exec for Windows Servers. For more information about software encryption, see the Backup Exec for Windows Servers Administrator’s Guide.

The following best practices can ensure smooth operations when you administer software encryption:

Create strong pass phrases by doing the following:
- Use more than the minimum number of characters that are required.
- Use a combination of upper- and lower-case letters, numbers, and special characters.
- Avoid literary quotations in pass phrases.
- Keep your pass phrases secure.
Run Backup Exec Services in FIPS mode and use 256-bit AES encryption to be FIPS compliant.
This option is available at Tools > Options > Network and Security. It is called Use FIPS 140-2 compliant software encryption.
Use software compression with encryption if the data must be compressed.
Avoid using hardware compression with software encryption.
If you do not use software encryption when you back up data to a backup-to-disk folder, use File System encryption to prevent unauthorized access.
Use the same encryption key for all of the templates in a synthetic backup policy.

Supplemental Material:

System: Ref.#	Description
Vasont ID: v11565493_corsicaweb

Products Applied:
Backup Exec for Windows Servers 12.5

Last Updated: October 16 2008 03:23 PM GMT
Expires on: 365 days from publish date

Subscribe to receive critical updates about this document

Subjects:
Backup Exec for Windows Servers
   Information Development: Best Practices
Windows 2000
   Information Development: Best Practices
Windows NT Small Business Server
   Information Development: Best Practices
Windows Server 2003
   Information Development: Best Practices
Windows Server 2008
   Information Development: Best Practices
Windows XP
   Information Development: Best Practices

Languages:
English (US)

Operating Systems:
Windows 2000

Professional, Server

Windows NT Small Business Server

2000

Windows XP

Pro 5.1, Pro 5.1 64 bit SP1, Pro 5.1 64 bit SP2, Pro 5.1 64-bit, Pro 5.1 SP1, Pro 5.1 SP2

Windows Server 2003

DataCenter, DataCenter (IA64), DataCenter (x64), DataCenter SP1, DataCenter SP1(IA64), DataCenter SP1(x64), DataCenter SP2, Datacenter SP2(x64), Enterprise (IA64), Enterprise (x64), Enterprise SP1(IA64), Enterprise SP1(x64), Enterprise SP2, Enterprise SP2(x64), Enterprise Server, Enterprise ServerSP1, R2, Standard Server, Standard Server SP1, Standard Server SP1 (x64), Standard Server SP2, Standard Server SP2 (x64), Standard Server(x64), Storage Server, Storage Server SP1, Storage Server SP2, Web Server, Web Server SP1, Web Server SP2

Windows Server 2008

DataCenter (x64-64bit), DataCenter (x86-32bit), Enterprise (x64-64bit), Enterprise (x86-32bit), Itanium, Standard (x64-64bit), Standard (x86-32bit), Web Server (x64-64bit), Web Server (x86-32bit)

Symantec World Headquarters:
20330 Stevens Creek Blvd. Cupertino, CA 95014
World Wide Web: http://www.symantec.com,
Tech Support Web: http://entsupport.symantec.com,
E-Mail Support: http://seer.entsupport.symantec.com/email_forms,
FTP: ftp://ftp.entsupport.symantec.com or http://ftp.entsupport.symantec.com

THE INFORMATION PROVIDED IN THE SYMANTEC SOFTWARE KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. SYMANTEC SOFTWARE DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL SYMANTEC SOFTWARE OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES,EVEN IF SYMANTEC SOFTWARE OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.