NBDE: How I could have slept better at night
|
|
- Christopher Thompson
- 5 years ago
- Views:
Transcription
1 NBDE: How I could have slept better at night Chuck Mattern Principal Solution Architect Red Hat
2 My old intro Red Hat Customer 18 years Linux User and Admin (TAMU, Slackware, Red Hat (& Enterprise), SuSE, Yggdrasil, Mandrake, Debian, CentOS, Scientific, Fedora) 26 years Unix User and Admin (Coherent, UNIXWare, DG-UX, HP-UX, AT&T B3, Solaris, AIX, OpenBSD, Dynix/PTX, DEC Unix, Ultix, SCO, PrimeOS) 27 years VMWare ESX (Engineer & Architect) 5 years Indus International (Unix Admin, Certified Solaris Admin (OS, Networking and Storage) 1998) 1.5 years Home Depot (Loss Prevention Supervisor, Programmer, Sys Admin, Architect, Principal Engineer, Red Hat Certified Engineer (RHEL 4 (2005), 6 (2011)) 27 years The Paradies Shops (Sr. Manager: Server, Network, Telephony, Desktop ) 1.5 years Red Hat (Solution Architect, Red Hat Certified Engineer (RHEL 7 (2016)) ~5 years
3 I m Irish, Italian and Sysadmin-ish We tend to talk with our hands We get excited We are passionate We like to share stories
4 Preface: Some core concepts Nobody is so horrible that he can t be the perfect bad example. -John Kelly Only in self discipline will you ever find freedom -Hon. James A. Walsh et al There but for the grace of God go I. -Hon. James A. Walsh et al
5 My Cautionary Tale 2,000+ sites across the US (including Puerto Rico, Hawaii and Guam) 4,000+ ESX hosts 2,000+ iscsi storage units 2,000+ Windows 2003 VMs 10,000+ RHEL VMs Global deduplicating compressing backup/recovery solution living on the same storage unit as the other VMs and replicating to a central site Fractional T1 to each location sharing credit auth and VOIP No local technical staff What could possibly go wrong?...oh yeah, my support team was 5 Engineers...
6 image via Peakpx
7 Enter the PRS Portable Recovery Server Run! Don t walk Grab the best castoff desktop you can find in the basement Snag two 1TB SAS disks a spare NIC and a gig of RAM from Microcenter Base install of RHEL4, mirroring the disks Encrypt the root volume with luks and use something tough like K&tx#vQ2*HW@9ucB! Remember, it s a $50-$100M a year business, in a box! Expose all spare disk via NFS Mount that up to your ESX host via primary NIC Build out a temporary recovery VM via ESX on the NFS share Replicate backup data Munge through and rename, re-ip everything under the covers Slap the remote location IP on the secondary NIC cause DHCP lived on one of the dead VMs (can you say down hard?) Shutdown and pack it in a box you found in the basement with styro-peanuts you stole^h^h^h borrowed from the shipping folks Drive like a maniac to Delta Dash then...wait...
8 What is LUKS? Linux Unified Key Setup from Clemens Fruhwirth in 2004 Originally for Linux, now there are Android (yeah I know it s Linux under there) Windows maybe elsewhere?
9 Translating: It ll be OK, I promise By Servershop24 [CC BY-SA 3.0 ( Wikimedia Commons By Dallastechline, Inc. [CC BY-SA 3.0 ( via Wikimedia Commons With a DR solution based on a scavenged desktop I had difficulty establishing credibility with my end customer even though I had a well thought out technical solution to the issue at hand. Talking a non-technical user through decrypting the root volume with a password such as K&tx#vQ2*HW@9ucB! Did not make things any easier
10 image via Peakpx
11 What is NBDE? Network Bound Disk Encryption Linux systems can decrypt volumes, even root volumes, over the network Based on clevis and tang clevis framework for the client side inserts into dracut has several pins tang for the server side one of the clevis pins License: CC0 Public Domain Robust Clevis On Vehicle
12 Where can I use NBDE? Laptops (duh ) Workstations Servers yep, even portable ones.
13 Logical View of Clevis and Tang
14 Architectural View
15 Server Installation
16 Server Installation and Configuration ~]# yum install -y tang [omitted] Installed: tang.x86_64 0:6-1.el7 Dependency Installed: http-parser.x86_64 0: el7_4 libjose.x86_64 0:10-1.el7 jose.x86_64 0:10-1.el7 Complete! ~]# systemctl enable tangd.socket --now Created symlink from /etc/systemd/system/multi-user.target.wants/tangd.socket to /usr/lib/systemd/system/tangd.socket. ~]# systemctl status tangd.socket tangd.socket - Tang Server socket Loaded: loaded (/usr/lib/systemd/system/tangd.socket; enabled; vendor preset: disabled) Active: active (listening) since Tue :01:23 UTC; 11s ago Listen: [::]:80 (Stream) Accepted: 0; Connected: 0 Oct 16 06:01:23 tang3.mobile.roninprinciples.com systemd[1]: Listening on Tan... Oct 16 06:01:23 tang3.mobile.roninprinciples.com systemd[1]: Starting Tang Se... Hint: Some lines were ellipsized, use -l to show in full. [root@tang3 ~]# firewall-cmd --add-service=http success [root@tang3 ~]# firewall-cmd --add-service=http --permanent success [root@tang3 ~]#
17 Client Installation
18 Client Installation: Software ~]# yum install -y clevis-dracut [omitted] Installed: clevis-dracut.x86_64 0:7-8.el7 Dependency Installed: clevis.x86_64 0:7-8.el7 clevis-luks.x86_64 0:7-8.el7 clevis-systemd.x86_64 0:7-8.el7 jose.x86_64 0:10-1.el7 libjose.x86_64 0:10-1.el7 libluksmeta.x86_64 0:8-1.el7 libpcap.x86_64 14: el7 luksmeta.x86_64 0:8-1.el7 nmap-ncat.x86_64 2: el7 tpm2-abrmd.x86_64 0: el7 tpm2-tools.x86_64 0: el7 tpm2-tss.x86_64 0: el7 tpm2-tss-devel.x86_64 0: el7 Complete! ~]#
19 Client Installation: luks Status ~]# cryptsetup luksdump /dev/vda2 LUKS header information for /dev/vda2 Version: 1 Cipher name: aes Cipher mode: xts-plain64 Hash spec: sha256 Payload offset: 4096 MK bits: 512 MK digest: 58 e6 af 4c 89 a8 05 f1 f9 fc 8d d c0 1c d7 43 MK salt: d8 c2 51 ae cd e7 3b d5 f7 9b dd 20 b9 3f e f0 c1 35 6a e b3 96 MK iterations: UUID: 80e b-45fd-88cd-7e8ec6b195c2 Key Slot 0: ENABLED Iterations: Salt: a6 6a 9f 45 a0 fb 11 f2 a4 e0 a a7 b6 0a c8 5a ce 5f 5a 7f c4 0e 87 e4 fc 68 Key material offset: 8 AF stripes: 4000 Key Slot 1: DISABLED Key Slot 2: DISABLED Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED [root@clevis ~]#
20 Client Installation: Configure clevis ~]# clevis luks bind -d /dev/vda2 sss ' { "t": 2, "pins": {"tang": [ {"url": " {"url": " {"url": " ] } } ' The advertisement contains the following signing keys: TepHUGV79tG8Cs0L9XPQh2s0f8A Do you wish to trust these keys? [ynyn] y The advertisement contains the following signing keys: _te0s8q9omn7gf4hqhehl9irsac Do you wish to trust these keys? [ynyn] y The advertisement contains the following signing keys: LdsB17ihj8MhRCaM8OiHEKkw2q8 Do you wish to trust these keys? [ynyn] y Enter existing LUKS password: [root@clevis ~]# Note: This example assumes a single block devise supporting an LVM volume group. Configurations with multiple block devices will require additional configuration.
21 Client Installation: luks Status ~]# cryptsetup luksdump /dev/vda2 LUKS header information for /dev/vda2 Version: 1 Cipher name: aes Cipher mode: xts-plain64 Hash spec: sha256 Payload offset: 4096 MK bits: 512 MK digest: 58 e6 af 4c 89 a8 05 f1 f9 fc 8d d c0 1c d7 43 MK salt: d8 c2 51 ae cd e7 3b d5 f7 9b dd 20 b9 3f e f0 c1 35 6a e b3 96 MK iterations: UUID: 80e b-45fd-88cd-7e8ec6b195c2 Key Slot 0: ENABLED Iterations: Salt: a6 6a 9f 45 a0 fb 11 f2 a4 e0 a a7 b6 0a c8 5a ce 5f 5a 7f c4 0e 87 e4 fc 68 Key material offset: 8 AF stripes: 4000 Key Slot 1: ENABLED Iterations: Salt: 12 8b 7e cd d8 79 b fd 4c bd d 1f ec aa a 14 8b 65 b1 e1 95 a2 de 3c cc eb Key material offset: 1016 AF stripes: 4000 Key Slot 2: DISABLED Key Slot 3: DISABLED Key Slot 4: DISABLED Key Slot 5: DISABLED Key Slot 6: DISABLED Key Slot 7: DISABLED [root@clevis ~]#
22 Client Installation: luksmeta status ~]# luksmeta show -d /dev/vda2 0 active empty 1 active cb6e ff-40da-a84a-07ab9ab5715e 2 inactive empty 3 inactive empty 4 inactive empty 5 inactive empty 6 inactive empty 7 inactive empty [root@clevis ~]#
23 Delivering: It ll be OK, I promise By Servershop24 [CC BY-SA 3.0 ( from Wikimedia Commons By Dallastechline, Inc. [CC BY-SA 3.0 ( via Wikimedia Commons
24 License: CC0 Public Domain Jeff Rowley
25 A few of the finer points No encryption needed in flight Luks key is never transmitted Only the encrypting key is transferred over the wire Encrypted paraphrase is stored in luks header
26 Encryption Walk Through
27 Encrypting a sample passphrase [root@clevis ~]# echo 'Good Morning Columbus, Ohio!' clevis encrypt sss ' { "t": 2, "pins": {"tang": [ {"url": " {"url": " {"url": " ] } } ' >gmco.jwe The advertisement contains the following signing keys: TepHUGV79tG8Cs0L9XPQh2s0f8A Do you wish to trust these keys? [ynyn] y The advertisement contains the following signing keys: _te0s8q9omn7gf4hqhehl9irsac Do you wish to trust these keys? [ynyn] y The advertisement contains the following signing keys: LdsB17ihj8MhRCaM8OiHEKkw2q8 Do you wish to trust these keys? [ynyn] y [root@clevis ~]#
28 Decrypting a sample passphrase With two servers down the threshold of 2 out of 3 tang servers cannot be met: [root@clevis ~]# clevis decrypt <gmco.jwe Error communicating with the server! Error communicating with the server! [root@clevis ~]# Once at least 2 of the 3 servers are online we can decrypt the passphrase: [root@clevis ~]# clevis decrypt <gmco.jwe Good Morning Columbus, Ohio! [root@clevis ~]#
29 It s not just tang for breakfast anymore Shamir s Secret Sharing from Adi Shamir Allows for combinations of multiple kinds of pins tang tpm2 http math too painful for mere mortals think of it as the intersection of RAID and cryptography for now see the Wikipedia link below if you re a cryptographer, mathematician or just like pain
30 Magical things you can do with SSS
31 Magical things you can do with SSS
32 Magical things you can do with SSS
33 Magical things you can do with SSS
34 Magical things you can do with SSS
35 Magical things you can do with SSS
36 Magical things you can do with SSS
37 Magical things you can do with SSS
38 Magical things you can do with SSS
39 Quick sample incantation (human readable) clevis luks bind -d /dev/vda2 sss ' {"t": 2, "pins": {"tang": [ {"url": " {"url": " {"url": " ] } }'
40 Thank you for attending Ohio Linux Fest!
41 Resources & Credits Portions of the content were based on presentation from: Nathaniel McCallum Brian Atkisson Jim Wildman Technical references: luks: cryptsetup Samir s Secret Sharing: clevis: tang:
New RHEL 7.5 features: VDO, USBGuard, NBDE and AIDE. RHUG Q Marc Skinner Principal Solutions Architect 3/21/2018
New RHEL 7.5 features: VDO, USBGuard, NBDE and AIDE RHUG Q1.2018 Marc Skinner Principal Solutions Architect 3/21/2018 RHEL7.5beta :: New Features Storage - Virtual Data Optimizer (VDO) Security - NBDE
More informationDisk-Level Encryption
2011-2017 Percona, Inc. 1 / 19 Disk-Level Encryption http://www.percona.com/training/ 2011-2017 Percona, Inc. 2 / 19 Introduction Clients in the PCI, HIPPA, or PHI space Encrypted "at rest" MySQL 5.7 InnoDB
More informationDisk-Level Encryption
2011-2017 Percona, Inc. 1 / 25 Disk-Level Encryption http://www.percona.com/training/ 2011-2017 Percona, Inc. 2 / 25 Disk-Level Encryption OVERVIEW 2011-2017 Percona, Inc. 3 / 25 Introduction Security,
More informationRed Hat announcements and new RHEL 7.5 features: VDO, USBGuard, NBDE and AIDE. Canada RHUGs Q Marc Skinner Principal Solutions Architect 9/2018
Red Hat announcements and new RHEL 7.5 features: VDO, USBGuard, NBDE and AIDE Canada RHUGs Q3.2018 Marc Skinner Principal Solutions Architect 9/2018 WHOIS :: Marc Skinner Live in Minneapolis, MN Joined
More informationServer Monitoring. AppDynamics Pro Documentation. Version 4.1.x. Page 1
Server Monitoring AppDynamics Pro Documentation Version 4.1.x Page 1 Server Monitoring......................................................... 4 Standalone Machine Agent Requirements and Supported Environments............
More informationIOPStor: Storage Made Easy. Key Business Features. Key Business Solutions. IOPStor IOP5BI50T Network Attached Storage (NAS) Page 1 of 5
IOPStor: Storage Made Easy Application data, virtual images, client files, email, the types of data central to running a successful business can seem endless. With IOPStor you finally have an advanced
More informationCisco Exam Questions & Answers
Cisco 648-244 Exam Questions & Answers Number: 648-244 Passing Score: 790 Time Limit: 110 min File Version: 23.4 http://www.gratisexam.com/ Cisco 648-244 Exam Questions & Answers Exam Name: Designing and
More informationRelease Notes for (Supporting 3ware 9690SA and 9650SE controllers)
Introduction Release Notes for 9.5.1 (Supporting 3ware 9690SA and 9650SE controllers) READ ME FIRST! Thank you for purchasing the LSI 3ware SAS/SATA RAID Controllers. This document describes important
More informationPRODUCT DOCUMENTATION. Backup & Replication v5.0. User Guide.
PRODUCT DOCUMENTATION User Guide Backup & Replication v5.0 www.nakivo.com Table of Contents Solution Architecture... 4 Deployment...11 System Requirements... 12 Deployment Scenarios... 15 Installing NAKIVO
More informationData Protector 10.x Express Support Matrix
Data Protector 10.x Express Support Matrix Version: 1.1 Date: October 2018 For the following Data Protector components, only those combinations of Data Protector components, applications, and operating
More informationCIT 470: Advanced Network and System Administration. Topics. Workstation Management. Workstations
CIT 470: Advanced Network and System Administration Workstations CIT 470: Advanced Network and System Administration Slide #1 Topics 1. Machine Lifecycle 2. Automated Installs 3. Updates 4. Network Configuration
More informationMQ Message Encryption Overview
MQ Message Encryption Overview Capitalware Inc. Unit 11, 1673 Richmond Street, PMB524 London, Ontario N6G2N3 Canada sales@capitalware.com http://www.capitalware.com MQ Message Encryption Overview Page
More informationCOS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy
Topics COS 318: Operating Systems File Systems hierarchy File system abstraction File system operations File system protection 2 Traditional Data Center Hierarchy Evolved Data Center Hierarchy Clients
More informationThis option lets you reset the password that you use to log in if you do not remember it. To change the password,
User s Guide Overview IDrive offers the most cost-effective BMR functionality with onsite disk image backup for SMBs. You can store entire data of hard disks including the operating system (OS) and application
More informationSymantec NetBackup PureDisk Compatibility Matrix Created August 26, 2010
Symantec NetBackup PureDisk 6.6.1 Compatibility Matrix Created August 26, 2010 Copyright 2010 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and Backup Exec are trademarks or registered
More informationDownloading and installing Db2 Developer Community Edition on Red Hat Enterprise Linux Roger E. Sanders Yujing Ke Published on October 24, 2018
Downloading and installing Db2 Developer Community Edition on Red Hat Enterprise Linux Roger E. Sanders Yujing Ke Published on October 24, 2018 This guide will help you download and install IBM Db2 software,
More informationStorage and File Hierarchy
COS 318: Operating Systems Storage and File Hierarchy Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics Storage hierarchy File system
More informationCOS 318: Operating Systems
COS 318: Operating Systems File Systems: Abstractions and Protection Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics What s behind
More informationNetwork Security - ISA 656 IPsec IPsec Key Management (IKE)
Network Security - ISA 656 IPsec IPsec (IKE) Angelos Stavrou September 28, 2008 What is IPsec, and Why? What is IPsec, and Why? History IPsec Structure Packet Layout Header (AH) AH Layout Encapsulating
More informationSTORAGE CONSOLIDATION WITH IP STORAGE. David Dale, NetApp
STORAGE CONSOLIDATION WITH IP STORAGE David Dale, NetApp SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in
More informationThe Best Storage for Virtualized Environments
The Best Storage for Virtualized Environments Paul Kessler Asia Pacific Solutions Marketing Alliances, NetApp Nov.4,2008 The Best Storage for Virtualized Environments Paul Kessler Solutions Marketing &
More informationSTORAGE CONSOLIDATION WITH IP STORAGE. David Dale, NetApp
STORAGE CONSOLIDATION WITH IP STORAGE David Dale, NetApp SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals may use this material in
More informationCOM Verification. PRESENTATION TITLE GOES HERE Alan G. Yoder, Ph.D. SNIA Technical Council Huawei Technologies, LLC
COM Verification PRESENTATION TITLE GOES HERE Alan G. Yoder, Ph.D. SNIA Technical Council Huawei Technologies, LLC Outline COM overview How they work Verifying the COMs SNIA Emerald TM Training ~ June
More informationCIS-331 Spring 2016 Exam 1 Name: Total of 109 Points Version 1
Version 1 Instructions Write your name on the exam paper. Write your name and version number on the top of the yellow paper. Answer Question 1 on the exam paper. Answer Questions 2-4 on the yellow paper.
More informationFlush Dns Settings Linux Redhat 5 Step Step
Flush Dns Settings Linux Redhat 5 Step Step Setup Cahing DNS Server in RHEL/CentOS 7. DNS cache servers are used to resolve any DNS query they receive. Operating System : CentOS Linux release 7.0.1406
More informationFundamentals of Cryptography
Fundamentals of Cryptography Topics in Quantum-Safe Cryptography June 23, 2016 Part III Data Encryption Standard The Feistel network design m m 0 m 1 f k 1 1 m m 1 2 f k 2 2 DES uses a Feistel network
More informationZadara Enterprise Storage in
Zadara Enterprise Storage in Google Cloud Platform (GCP) Deployment Guide March 2017 Revision A 2011 2017 ZADARA Storage, Inc. All rights reserved. Zadara Storage / GCP - Deployment Guide Page 1 Contents
More informationStorage and File System
COS 318: Operating Systems Storage and File System Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall10/cos318/ Topics Storage hierarchy File
More informationInstallAnywhere: Requirements
InstallAnywhere: Requirements Create Multiplatform Installations from a Single Project File Physical, Cloud, and Virtual Environments, Plus Docker Containers Requirements This document shows the technical
More informationIM B36 Why You Should be Using NetBackup Bare Metal Restore (BMR) in Your DR Solution
IM B36 Why You Should be Using NetBackup Bare Metal Restore (BMR) in Your DR Solution Dick Goter, NetBackup Product Management Jaime Vazquez, Senior Tech Principal Support Engineer Roadmap Timelines Disclaimer
More informationDocumentation. OTRS Appliance Installation Guide. Build Date:
Documentation OTRS Appliance Installation Guide Build Date: 12/10/2014 OTRS Appliance Installation Guide Copyright 2001-2014 OTRS AG This work is copyrighted by OTRS AG. You may copy it in whole or in
More informationProviding a first class, enterprise-level, backup and archive service for Oxford University
Providing a first class, enterprise-level, backup and archive service for Oxford University delivering responsive, innovative IT 11th June 2013 11 th June 2013 Contents Service description Service infrastructure
More informationInteroperability of Bloombase StoreSafe and Thales payshield for Data-at-Rest Encryption
Bloombase Interoperability Program P1 2015 Bloombase, Inc. Interoperability of Bloombase StoreSafe and Thales payshield for Data-at-Rest Encryption December 2015 Executive Summary Thales payshield enterprise
More informationCompatibility and Support Information Nasuni Corporation Boston, MA
Information Nasuni Corporation Boston, MA Contents 1. Introduction... 1 2.... 1 2.1. Virtualization platforms... 1 3. Filers... 2 3.1. Filer properties... 2 3.2. Clients... 4 3.3. VSS... 7 3.4. Security...
More informationQuick Note 52. Connecting to Digi Remote Manager Through Web Proxy. Digi Product Management February 2017
Quick Note 52 Connecting to Digi Remote Manager Through Web Proxy Digi Product Management February 2017 Contents 1 Document Version... 3 2 Abstract... 3 3 Introduction... 3 4 Web Proxy Configuration...
More informationHP Data Protector 7.0 Virtualization Support Matrix
HP Data Protector 7.0 Virtualization Support Matrix Version: 3.5 Date: September 2014 The combinations of Data Protector component + operating system and/or application versions listed in this support
More informationIntroduction to Virtualization. From NDG In partnership with VMware IT Academy
Introduction to Virtualization From NDG In partnership with VMware IT Academy www.vmware.com/go/academy Why learn virtualization? Modern computing is more efficient due to virtualization Virtualization
More informationCIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1
Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. NOTE: Router E should only be used for Internet traffic. Router A Router
More informationIBM i Cloud Backup & DRaaS
IBM i Cloud Backup & DRaaS Protect your critical data with Cloud, Hybrid Cloud or Private Cloud options. UCG Technologies protects all platforms from 10GB to in excess of 100TB with specific expertise
More informationVIRTUAL GPU LICENSE SERVER VERSION , , AND 5.1.0
VIRTUAL GPU LICENSE SERVER VERSION 2018.10, 2018.06, AND 5.1.0 DU-07754-001 _v7.0 through 7.2 March 2019 User Guide TABLE OF CONTENTS Chapter 1. Introduction to the NVIDIA vgpu Software License Server...
More informationCIS-331 Fall 2014 Exam 1 Name: Total of 109 Points Version 1
Version 1 1. (24 Points) Show the routing tables for routers A, B, C, and D. Make sure you account for traffic to the Internet. Router A Router B Router C Router D Network Next Hop Next Hop Next Hop Next
More informationPeerStorage Arrays Unequalled Storage Solutions
Simplifying Networked Storage PeerStorage Arrays Unequalled Storage Solutions John Joseph, VP of Marketing EqualLogic,, 9 Townsend West, Nashua NH 03063 Phone: +1-603 603-249-7772, FAX: +1-603 603-579-6910
More informationPurpose. Target Audience. Install SNMP On The Remote Linux Machine. Nagios XI. Monitoring Linux Using SNMP
Purpose This document describes how to monitor Linux machines with using SNMP. SNMP is an agentless method of monitoring network devices and servers, and is often preferable to installing dedicated agents
More informationHP Supporting the HP ProLiant Storage Server Product Family.
HP HP0-698 Supporting the HP ProLiant Storage Server Product Family https://killexams.com/pass4sure/exam-detail/hp0-698 QUESTION: 1 What does Volume Shadow Copy provide?. A. backup to disks B. LUN duplication
More informationCIS-331 Exam 2 Fall 2014 Total of 105 Points. Version 1
Version 1 1. (20 Points) Given the class A network address 119.0.0.0 will be divided into a maximum of 15,900 subnets. a. (5 Points) How many bits will be necessary to address the 15,900 subnets? b. (5
More informationSEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security
SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security Consider 2. Based on DNS, identified the IP address of www.cuhk.edu.hk is 137.189.11.73. 1. Go to http://www.cuhk.edu.hk 3. Forward the
More informationData Protector 10.0x Platform and Integration Support Matrix
Data Protector 10.0x Platform and Integration Support Matrix Version: 2.2 Date: May 2018 For the following Data Protector components, only those combinations of Data Protector components, applications,
More informationHP Data Protector 8.00 Platform and Integration Support Matrix
HP Data Protector 8.00 Platform and Integration Support Matrix Version: 1.9 Date: March 2014 For the following Data Protector components, only those combinations of Data Protector components, applications
More informationData Protector 10.x Platform and Integration Support Matrix
Data Protector 10.x Platform and Integration Support Matrix Version: 2.6 Date: October 2018 For the following Data Protector components, only those combinations of Data Protector components, applications,
More informationData Protector 10.x Platform and Integration Support Matrix
Data Protector 10.x Platform and Integration Support Matrix Version: 3.2 Date: April 2019 For the following Data Protector components, only those combinations of Data Protector components, applications,
More informationManual Ftp Windows Server 2008 R2 Enterprise Virtual
Manual Ftp Windows Server 2008 R2 Enterprise Virtual 77. Virtual path. 77. Including virtual paths in "Maximum Directory Size" calculations Case File: Custom FTP command response. 101. Encryption We recommend
More informationServices: Monitoring and Logging. 9/16/2018 IST346: Info Tech Management & Administration 1
Services: Monitoring and Logging 9/16/2018 IST346: Info Tech Management & Administration 1 Recall: Server vs. Service A server is a computer. A service is an offering provided by server(s). HTTP 9/16/2018
More informationCreating the Fastest Possible Backups Using VMware Consolidated Backup. A Design Blueprint
Creating the Fastest Possible Backups Using VMware Consolidated Backup A Design Blueprint George Winter Technical Product Manager NetBackup Symantec Corporation Agenda Overview NetBackup for VMware and
More informationUpgrade Guide. This document details the upgrade process for customers moving from the full version of OnApp Cloud v2.3.1 to v2.3.2.
Upgrade Guide v2.3.2 This document details the upgrade process for customers moving from the full version of OnApp Cloud v2.3.1 to v2.3.2. It explains important changes to the backup system, network config
More informationCIS-331 Final Exam Spring 2015 Total of 115 Points. Version 1
Version 1 1. (25 Points) Given that a frame is formatted as follows: And given that a datagram is formatted as follows: And given that a TCP segment is formatted as follows: Assuming no options are present
More informationCIS-331 Exam 2 Fall 2015 Total of 105 Points Version 1
Version 1 1. (20 Points) Given the class A network address 117.0.0.0 will be divided into multiple subnets. a. (5 Points) How many bits will be necessary to address 4,000 subnets? b. (5 Points) What is
More informationFtp Get Command Line Windows 7 Bootable Usb
Ftp Get Command Line Windows 7 Bootable Usb Using WinPE 3.1: Built from Windows 7 SP1 code base. _Burn c:/bitpe_x64.iso to an optical disk or copy it to a Bootable USB Flash Drive, refer step 9_ Walkthrough
More informationDistributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
More informationNEC Express5800/B120d-h System Configuration Guide
NEC Express5800/B120d-h System Configuration Guide Introduction This document contains product and configuration information that will enable you to configure your system. The guide will ensure fast and
More informationInteroperability of Bloombase StoreSafe Security Server, QLogic FC-HBAs and QLogic SAN Switch for Transparent Storage Area Network (SAN) Encryption
Bloombase Interoperability Program P1 2012 Bloombase Interoperability of Bloombase StoreSafe Security Server, QLogic FC-HBAs and QLogic SAN Switch for Transparent Storage Area Network (SAN) Encryption
More informationEnabling Fast Recovery of Your Virtual Environments: NetBackup, Backup Exec & VCS for VMware
Enabling Fast Recovery of Your Environments: NetBackup, Backup Exec & VCS for VMware Agenda 1 Symantec and ization 2 NetBackup 6.5 for VMWare 3 Backup Exec & Backup Exec System Recovery for VMWare 4 Veritas
More informationLinux Installation Planning
Linux Installation Planning Mark Post Novell, Inc. March 4, 2011 Session 8986 Agenda More Questions Than Answers First Things First Pick the Right Architecture Disk Storage Selection Application Selection
More informationRed Hat Enterprise Linux Atomic Host 7 Getting Started with Cockpit
Red Hat Enterprise Linux Atomic Host 7 Getting Started with Cockpit Getting Started with Cockpit Red Hat Atomic Host Documentation Team Red Hat Enterprise Linux Atomic Host 7 Getting Started with Cockpit
More informationRed Hat Enterprise Linux 7 Getting Started with Cockpit
Red Hat Enterprise Linux 7 Getting Started with Cockpit Getting Started with Cockpit Red Hat Enterprise Linux Documentation Team Red Hat Enterprise Linux 7 Getting Started with Cockpit Getting Started
More informationForensics Challenges. Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation
Forensics Challenges Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation Introduction Encrypted content is a challenge for investigators Makes it difficult
More informationVIRTUAL GPU LICENSE SERVER VERSION AND 5.1.0
VIRTUAL GPU LICENSE SERVER VERSION 2018.06 AND 5.1.0 DU-07754-001 _v6.0 through 6.2 July 2018 User Guide TABLE OF CONTENTS Chapter 1. Introduction to the NVIDIA vgpu Software License Server... 1 1.1. Overview
More informationGL-280: Red Hat Linux 7 Update. Course Description. Course Outline
GL-280: Red Hat Linux 7 Update Course Description This is a differences course that focuses on the new technologies and features that made their appearance in Red Hat Enterprise Linux v7. It is intended
More informationQNAP OpenStack Ready NAS For a Robust and Reliable Cloud Platform
QNAP OpenStack Ready NAS For a Robust and Reliable Cloud Platform Agenda IT transformation and challenges OpenStack A new star in the cloud world How does OpenStack satisfy IT demands? QNAP + OpenStack
More informationRapid Recovery Installation and Upgrade Guide
Rapid Recovery 6.1.3 Table of Contents Introduction to Rapid Recovery...5 Rapid Recovery system requirements...6 Recommended network infrastructure...6 UEFI and ReFS support...6 Support for dynamic and
More informationLamassu: Storage-Efficient Host-Side Encryption
Lamassu: Storage-Efficient Host-Side Encryption Peter Shah, Won So Advanced Technology Group 9 July, 2015 1 2015 NetApp, Inc. All rights reserved. Agenda 1) Overview 2) Security 3) Solution Architecture
More informationVenafi Platform. Architecture 1 Architecture Basic. Professional Services Venafi. All Rights Reserved.
Venafi Platform Architecture 1 Architecture Basic Professional Services 2018 Venafi. All Rights Reserved. Goals 1 2 3 4 5 Architecture Basics: An overview of Venafi Platform. Required Infrastructure: Services
More informationNetBackup Deployment Template User Guide for Chef
NetBackup Deployment Template User Guide for Chef September 25, 2017 Third-party mass-deployment tools such as Chef and System Center Configuration Manager (SCCM) make deploying software on different platforms
More information271 Waverley Oaks Rd. Telephone: Suite 206 Waltham, MA USA
f Contacting Leostream Leostream Corporation http://www.leostream.com 271 Waverley Oaks Rd. Telephone: +1 781 890 2019 Suite 206 Waltham, MA 02452 USA To submit an enhancement request, email features@leostream.com.
More informationTriple DES and AES 192/256 Implementation Notes
Triple DES and AES 192/256 Implementation Notes Sample Password-to-Key and KeyChange results of Triple DES and AES 192/256 implementation For InterWorking Labs customers who require detailed information
More informationStep by Step SQL 17 Installation on CentOS Linux Release 7.4.
Step by Step SQL 17 Installation on CentOS Linux Release 7.4. Hussain Shakir LinkedIn: https://www.linkedin.com/in/mrhussain Twitter: https://twitter.com/hshakir_ms Blog: http://mstechguru.blogspot.ae/
More informationAdvanced Crypto. Introduction. 5. Disk Encryption. Author: Prof Bill Buchanan. Bob. Alice. Eve.
Advanced Crypto Bob Alice 5. Disk Encryption Eve Introduction Trent http://asecuritysite.com/crypto Market Microsoft Bitlocker File/Folder Encryption Disk Encryption Check Point Full Disk Encryption Software
More informationSun Microsystems Product Information
Sun Microsystems Product Information New Sun Products Announcing: the Sun Fire(TM) X4600 M2 server, using the Next Generation AMD Opteron 8000 series processors This is the fastest, most scalable, and
More information8/3/17. Encryption and Decryption centralized Single point of contact First line of defense. Bishop
Bishop Encryption and Decryption centralized Single point of contact First line of defense If working with VPC Creation and management of security groups Provides additional networking and security options
More informationCLC Server Command Line Tools USER MANUAL
CLC Server Command Line Tools USER MANUAL Manual for CLC Server Command Line Tools 2.2 Windows, Mac OS X and Linux August 29, 2014 This software is for research purposes only. CLC bio, a QIAGEN Company
More informationBackup Solution Testing on UCS B and C Series Servers for Small-Medium Range Customers (Disk to Tape) Acronis Backup Advanced Suite 11.
Backup Solution Testing on UCS B and C Series Servers for Small-Medium Range Customers (Disk to Tape) Acronis Backup Advanced Suite 11.5 First Published: June 24, 2015 Last Modified: June 26, 2015 Americas
More informationMigrating to WebGUI on VMWare
Migrating to WebGUI on VMWare Presented by Jarrod Igou WebGUI User Conference September 2, 2010 1 What we ll talk about WebGUI and me. (Well, OK. Us.) Why did we migrate? Our solution a plan is formed
More informationPurpose. Target Audience. Solution Overview NCPA. Using NCPA For Passive Checks
Using For Passive Checks Purpose This document describes how to configure the Nagios Cross Platform Agent () to send passive check results to Nagios XI or Nagios Core using Nagios Remote Data Processor
More informationQuickSpecs. Models. Overview
Overview The HP Smart Array P400 is HP's first PCI-Express (PCIe) serial attached SCSI (SAS) RAID controller and provides new levels of performance and reliability for HP servers, through its support of
More informationOpenSSL Hacks Anthony J. Stieber Abstract OpenSSL contains a command-line tool to do nearly everything possible within the OpenSSL library. Even better, it's probably already installed on your system.
More informationExam LFCS/Course 55187B Linux System Administration
Exam LFCS/Course 55187B Linux System Administration About this course This four-day instructor-led course is designed to provide students with the necessary skills and abilities to work as a professional
More informationConfiguration and Day 2 Operations First Published On: Last Updated On:
Configuration and Day 2 Operations First Published On: 05-12-2017 Last Updated On: 12-26-2017 1 Table of Contents 1. Configuration and Day 2 Operations 1.1.Top Day 2 Operations Knowledge Base Articles
More informationFedora Core: Made Simple
Table of Contents Installing Fedora...2 Before you begin...2 Compatible Hardware...2 Minimum Requirements...2 Disk Space Requirements...2 Help! Booting from the CD ROM Drive Fails!...2 Installing Fedora
More informationrsync link-dest Local, rotated, quick and useful backups!
rsync link-dest Local, rotated, quick and useful backups! Scope No complete scripts will be presented Just enough so that a competent scripter will be able to build what they need Unixes used: OpenBSD,
More informationThe OnApp Cloud Platform
The OnApp Cloud Platform Everything you need to sell cloud, dedicated, CDN, storage & more 286 Cores / 400 Cores 114 Cores 218 10 86 20 The complete cloud platform for service providers OnApp software
More informationSECRET SHARING SECRET SPLITTING
Clemens H. Cap Universität Rostock clemens.cap (at) uni-rostock (dot) de SECRET SHARING SECRET SPLITTING BaSoTI 2012, Tartu Anecdotal Problem Trent wants to give Alice and Bob access to the safe Trent
More informationQuickSpecs. Models. HP Smart Array P400i Controller. Overview
Overview The HP Smart Array P400 Serial Attached SCSI (SAS) controller (SA-P400) provides new levels of performance and reliability for HP servers, through its support of the latest SCSI technology and
More informationTo configure the patching repository so that it can copy patches to alternate locations, use SFTP, SCP, FTP, NFS, or a premounted file system.
Configuring Protocols to Stage and 1 Deploy Linux and UNIX Patches VCM supports patching of managed machines in distributed environments, either geographically or separated by firewalls. VCM uses a single
More informationLecture 4: Hashes and Message Digests,
T-79.159 Cryptography and Data Security Lecture 4: Hashes and Message Digests Helsinki University of Technology mjos@tcs.hut.fi 1 Cryptographic hash functions Maps a message M (a bit string of arbitrary
More informationExample File Systems Using Replication CS 188 Distributed Systems February 10, 2015
Example File Systems Using Replication CS 188 Distributed Systems February 10, 2015 Page 1 Example Replicated File Systems NFS Coda Ficus Page 2 NFS Originally NFS did not have any replication capability
More informationData Protection Guide
SnapCenter Software 4.0 Data Protection Guide For Oracle Databases May 2018 215-12930_D0 doccomments@netapp.com Table of Contents 3 Contents Deciding whether to read the SnapCenter Data Protection Guide
More informationSecurity context. Technology. Solution highlights
Code42 CrashPlan Security Code42 CrashPlan provides continuous, automatic desktop and laptop backup. Our layered approach to security exceeds industry best practices and fulfills the enterprise need for
More informationVeritas Storage Foundation In a VMware ESX Environment
Veritas Storage Foundation In a VMware ESX Environment Linux and Solaris x64 platforms December 2008 TABLE OF CONTENTS Introduction... 3 Executive Summary... 4 Overview... 5 Virtual Machine File System...
More informationStorage Area Networks: Performance and Security
Storage Area Networks: Performance and Security Presented by Matthew Packard July 27, 2003 SAN Architecture - Definition & DAS Limitations Storage Area Network (SAN) universal storage connectivity free
More informationFUJITSU Storage ETERNUS AF series and ETERNUS DX S4/S3 series
Utilizing VMware vsphere Virtual Volumes (VVOL) with the FUJITSU Storage ETERNUS AF series and ETERNUS DX S4/S3 series Reference Architecture for Virtual Platforms (15VM/iSCSI) The ETERNUS AF series and
More informationEMC CUSTOMER UPDATE. 12 juni 2012 Fort Voordorp. WHAT S NEW IN EMC AVAMAR 6.1 Arjo de Bruin. Copyright 2012 EMC Corporation. All rights reserved.
EMC CUSTOMER UPDATE 12 juni 2012 Fort Voordorp WHAT S NEW IN EMC AVAMAR 6.1 Arjo de Bruin 1 Agenda Business Critical Applications Virtualization Performance & Scalability Extended Retention Management
More information