Vembu BDR Suite is a comprehensive Backup and Disaster recovery software for small & medium businesses. It is a server machine which supports both windows and linux based environment. Vembu has developed wide range of products such as VMBackup, ImageBackup, NetworkBackup, Vembu OffsiteDR and many more. In Vembu BDR Suite, we can perform different types of backup using a single console. Backup can be performed in both the physical machine as well as the virtual machine.
Vembu BDR stands unique with many amazing features but one of the most important feature is its Encryption technique which I am going to brief through in this blog.
Encryption technique used in Vembu BDR Suite is AES-256 bit algorithm. AES-256 is a key generation method used to securely encrypt your data and prevent unwanted access to your files.
Outline for Vembu BDR Encryption
- Download Vembu BDR
- Encryption settings in Vembu BDR Suite
- Set password to protect your backup
- How Encryption works in Vembu BDR Server
- How user encryption password is used to restore
1.Download Vembu BDR
Use this link to download Vembu BDR https://www.bdrsuite.com/vembu-bdr-suite-download/
Verify this link to install Vembu BDR Suite https://www.bdrsuite.com/guide/evaluators-guide-for-vmware-backup/getting-started.html?SupportedPlatform1.html
2. Encryption settings in Vembu BDR Suite
Using Vembu BDR encryption settings, user can provide their own password for encryption. Once the password has been saved, encryption is enabled in Vembu BDR Backup Server. This encryption password is used only for VMware backup, Hyper-V backup and Disk Image backup. In Disk Image, backup data will not be encrypted in client, but backup data first transferred to Vembu BDR Server, after which it will be encrypted in Vembu BDR server. The data is transferred as blocks and after receiving every block from the client, encryption status will be checked using the encryption length of the block.
If the encryption length is 0, data has not been encrypted and encryption has to be performed for this block in the BDR Server. If the encryption length is greater than zero, the block has already been encrypted and therefore encryption should not be done for this block in the BDR Backup Server.
If the encryption is not enabled in the server, then the backup data from client will be encrypted in the server using default system generated password. If encryption is enabled in server, then the backup data from client will be encrypted in the server using user encryption password.
In Vembu NetworkBackup, client encrypts its data in client side itself, after that it is transferred to the BDR Server. Then, new backups will be scheduled with user encryption password. Encryption will be applicable for both the backups configured from client side and the server side.
3.Set password to protect your backup
Follow this instruction to provide a password for your backup.
- Login Vembu BDR Server
- Go to Management -> Settings -> Encryption settings
- Set password
4.How Encryption password works in Vembu BDR Server
For all the backups in Vembu BDR Server, once backup configuration is received from the client it is compared with the already existing configuration to check if there is any
mismatch found between existing and new configuration. If any mismatch is found in between existing and new configuration, backup will fail.
In each backup configuration, backup is maintained in Client backup configuration table in database. The values are inserted into this table by parsing corresponding backup
configuration file. For encryption enabled backups, when we insert the values in Client backup configuration table, password is taken from encryption settings table in client
database and then inserted.
For VMware backup, Hyper-V backup and Disk Image backup, once the backup configuration is received from the client, it is written to a file. Then Encryption status is checked in encryption settings table.(This table is presented in database under Vembu BDR Server). If encryption is enabled, then encrypted value is set as 1.Then md5 password (Encoded byte) is taken from that table. Using this md5 password, encoded byte is updated in configuration file.
MD5 Password – It is hashing algorithm and it is one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.
5. How user encryption password is used in restore?
While restoring encryption enabled backup, user should enter their password. Once user enters his password, the md5 Password for this user will be generated and then compared with the md5 Password present in the backup configuration file. If both the md5 Passwords match, then the password entered by the user is valid and then the restore will be proceeded. Once this password is verified, password will be sent in the restore configuration xml. If there is a mismatch between the md5 Passwords, then the password entered by the user is invalid and the restore will be denied.
Conclusion
Now we all know, how to keep our data secured using Vembu BDR Encryption. As security is one the most important aspect every one demands, Vembu makes sure the sensitive data of its customer are never at risk. Vembu BDR Server stores its backuped data in encrypted form so that no one can view or access your data.
Got questions? Email us at: vembu-support@vembu.com for answers.
Follow our Twitter and Facebook feeds for new releases, updates, insightful posts and more.
