Using the Standard Encryption Method
If you want to encrypt your data using the standard (offline) encryption method, you need to create two different policies. The first policy is the initial encryption policy that specifies the symmetric key that you want to use to encrypt the data for the first time. The second is the production policy that you want to use for day-to-day operations on the encrypted data.
The initial encryption must be done while the volume or directory is offline, and users and applications must be prevented from accessing the data until the entire encryption process has finished. Once this initial encryption has been completed, any new or changed data in the GuardPoint will be automatically encrypted as it is added.
If you want to encrypt the data without restricting access during the encryption process, you can use the LDT feature. For details, see Using the CTE-LDT Encryption Method.
To use the standard encryption method:
-
Make sure that you have created the required policy components for DFS(R) as described in Creating Required DFS(R) Policy Components.
-
Create the initial encryption and production policies as described in Creating Standard Policies for DFS(R).
-
Create the GuardPoints that you want to use. The GuardPoint creation method depends on your DFS(R) topology. For details, see one of the following: