Data Protector Practitioners Forum

DP 6.21 and Encrypted Control Communication....

Trusted Contributor.

DP 6.21 and Encrypted Control Communication....

To all,


PCI requirements are forcingme to enable Encrypted Control Communications.


I've done some initial searching on the subject matter already but havent found anything directly related to my situation. In the mean time I've opened a support case and am posting here to see if I can get some questions answered. Below is some background information on my environment.


5 cell managers in a MoM build out.


4-Cell managers runinng Windows 2003 SP2 64bit

1 Cell Manager running Windows 2008 SP2 64bit

1- Media server (currently controls several libraries but not all libraries) also running Windows 2003 SP2 64bit


11 Tape Library Devices, once of which is NAS controlled for NDMP backups, but shared for standard backups also.

2 D2D devices.


Some questions I have:


Last time I spoke to HP support regarding this feature (ECC) and the subsequent reversal of the initial configuration they indicated that you could only use HP's default SSL certs for this feature. Is this correct?


1) What are implications of enabling ECC in a MoM environment? ( I use central licensing and MMDB)


2) Are the SSL certs randomly generated or does every Cell manager on the planet have the same default certificates?


3) How do I ensure all Cell Mangers can communicate to the CMMDB and licensing server IF certs are random generated? (Is there a keyring?)


4) What happens to a NDMP controlled library? (since no agent is installed)


5) Install and licensing guide indicates potential issue with multi-nic servers, how is that resolved? (multiple dns names?)


Thank you all.