Encrypted Backup and Restore
Only the host designated as the primary host for an LDT GuardPoint Group can perform encrypted backup or restore operations on GuardPoints over NFS.
When a policy does not enforce a Security Rule with the Apply Key effect on backup/restore operations, the policy does not decrypt data on I/O operations from that backup application. Under such a policy, the backup application stores encrypted data and the CTE-LDT extended attributes of the file on the backup media.
In Linux, CTE-LDT operations must be suspended during backup. Suspending CTE-LDT completes the ongoing rekey operations on regions of files before starting the backup. During live transformation, CTE-LDT first preserves those regions of a file to be rekeyed in the MDS file. Then it updates some of the metadata in order to update the status of the data preserved in the MDS file in preparation for the rekey. Then it starts rekeying and updating those regions in the underlying file.
Suspending CTE-LDT waits for ongoing rekey operations to complete, and saves the metadata in the CTE-LDT extended attribute section of the MDS file. Suspending CTE-LDT ensures that the rekey status stored in the CTE-LDT extended attribute accurately reflects the rekey status of the data in the entire file during backup.
This requirement does not apply to CTE-LDT for Windows.
The following table summarizes the state of the data in files in backup media:
CTE-LDT State of File | Security Policy | Backup Metadata or Alternate Data Streams Along with File data | Effect |
---|---|---|---|
Not rekeyed | Permit | Yes | Data in backup may be in clear format or encrypted with older key version. |
Rekey in progress | Permit | Yes | File in backup storage is partially rekeyed. Some parts are in clear format or encrypted with older key version, and other parts are encrypted with current key version. |
Rekey complete | Permit | Yes | File in backup storage is in the encrypted format with new key version. |