Guarding CTE files with CTE-U
CTE-U can read and write CTE files encrypted with a CS1
key on a local drive, (XFS or EXT 4). The kernel files contain a CTE header that is already compatible with CTE-U, however, that header is stored as an extended attribute on the file, and not as an embedded header.
Local file systems in CTE with CS1 keys store header information in an extended attribute. When opening the file, if CTE-U does not find an embedded header, it looks for the existence of a header in the extended attributes.
Note
Using Data Transformation to convert file headers
Data Transformation can convert the header files in the CTE from extended attribute files to embedded header files.
To convert the files, after applying your Data Transformation production policy to your GuardPoint, type:
This forces the conversion of all file sizes so they display correctly.
Note
This command does not require a Data Transformation policy. You can run the command while the GuardPoint is live and being accessed by applications.
See Rekeying with Data Transformation for more information.