Disk encryption protects the backup data stored on the cloud failover appliance (CFA) from being accessed offline. For example, if someone takes a hard disk out of the CFA, or if you replace a failed disk in the RAID, the disk stays encrypted, thus reducing the risk of a data breach.

Encryption on primary appliances

Hard disks in the primary CFAs (located on the customer’s premises), whether physical or virtual, are encrypted with LUKS.

LUKS is an industry-standard hard disk encryption system built into Linux. It uses the AES algorithm with a 256-bit key in the CBC-ESSIV mode. The system generates a random encryption key, encrypts it with another key (master key), and stores it in one of the key slots provided by LUKS.

When writing to or reading from a hard disk, the system encrypts or decrypts data on the fly using the master key derived by PBKDF2 from a user-defined passphrase stored on the CFA boot disk.
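To check that a volume really carries the parameters described above (AES, 256-bit key, CBC-ESSIV, at least one active key slot), the header can be read directly. The following is an added example, not Infrascale's code; it assumes the LUKS1 on-disk header format, which the page does not specify, and the function names and sample header are constructed for illustration.

```python
import struct

LUKS1_MAGIC = b"LUKS\xba\xbe"
SLOT_ENABLED, SLOT_DISABLED = 0x00AC71F3, 0x0000DEAD  # LUKS1 key slot markers
# LUKS1 on-disk layout: fixed fields up to the UUID, then 8 key slots
PHDR = struct.Struct(">6sH32s32s32sII20s32sI40s")  # 208 bytes
SLOT = struct.Struct(">II32sII")  # 48 bytes: state, PBKDF2 iterations, salt, offset, stripes


def parse_luks1_header(blob):
    """Return cipher settings and active key slots from a LUKS1 header."""
    if len(blob) < PHDR.size + 8 * SLOT.size:
        raise ValueError("header truncated")
    magic, version, name, mode, hash_spec, _off, key_bytes, *_ = PHDR.unpack_from(blob)
    if magic != LUKS1_MAGIC or version != 1:
        raise ValueError("not a LUKS1 header")
    text = lambda raw: raw.split(b"\0", 1)[0].decode("ascii")
    slots = []
    for i in range(8):
        active, iterations, *_ = SLOT.unpack_from(blob, PHDR.size + i * SLOT.size)
        if active == SLOT_ENABLED:
            slots.append((i, iterations))  # iterations = PBKDF2 count for the slot
    return {"cipher": text(name), "mode": text(mode), "hash": text(hash_spec),
            "key_bits": key_bytes * 8, "active_slots": slots}


def check_against_page(info):
    """List deviations from what the page states: AES, 256-bit key, CBC-ESSIV."""
    problems = []
    if info["cipher"] != "aes":
        problems.append("cipher is %s, expected aes" % info["cipher"])
    if info["key_bits"] != 256:
        problems.append("key is %d bits, expected 256" % info["key_bits"])
    if not info["mode"].startswith("cbc-essiv"):
        problems.append("mode is %s, expected cbc-essiv" % info["mode"])
    if not info["active_slots"]:
        problems.append("no active key slot")
    return problems


def build_sample(mode=b"cbc-essiv:sha256", key_bytes=32):
    """Constructed header for the demo, not read from a real appliance."""
    hdr = PHDR.pack(LUKS1_MAGIC, 1, b"aes", mode, b"sha1", 4096, key_bytes,
                    bytes(20), bytes(32), 1000, b"0" * 36)
    slots = SLOT.pack(SLOT_ENABLED, 200000, bytes(32), 8, 4000)
    return hdr + slots + SLOT.pack(SLOT_DISABLED, 0, bytes(32), 0, 4000) * 7


if __name__ == "__main__":
    print(check_against_page(parse_luks1_header(build_sample())))
```

On a real LUKS1 volume, the input would be the first 592 bytes of the encrypted device; an empty result list means the header agrees with the settings stated above.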

Note

Disk encryption on the primary CFAs is not a default feature. Our implementation specialists can enable it during the initial CFA configuration, that is, when the CFA is set up for the first time and contains no backups yet. Otherwise, encryption will erase everything stored on the hard disks.

Encryption on secondary appliances

Hard disks in the secondary CFAs (located in the Infrascale datacenters), whether physical or virtual, are encrypted by default using the AES-256 algorithm.

Encryption exclusions

Encryption applies only to hard disks where the CFA stores the backup data. It does not apply to the boot disk or the SSD.

The boot disk contains only the operating system, while the SSD holds the block map (index) for DDFS and the CFA catalog database:

  • The DDFS block map contains the hash of each stored block and metadata about the block, for example, the reference count, the address, and so on.

  • The catalog database stores metadata about each backup job (name, date started and ended, size, and so on). For File and Folder backup jobs, it also includes metadata about each file in a job (name and size of the file, permissions, timestamps, and so on). It does not contain actual job data.