Configuring backup and restore
IBM® Security Guardium® Key Lifecycle Manager provides a set of operations to back up and restore current, active files and data.
IBM Security Guardium Key Lifecycle Manager creates cross-platform backup files in a manner that is independent of operating systems and directory structure of the server. You can restore the backup files to an operating system that is different from the one it was backed up from. For example, you can restore a backup file that is taken on a Linux® system and restore it on a Windows system.
- Data in the IBM Security Guardium Key Lifecycle Manager database tables
- Truststore and keystore with the master key
- IBM Security Guardium Key Lifecycle Manager configuration files
Your role must have permissions to back up or to restore files.
The IBM Security Guardium Key Lifecycle Manager backup and restore operations support the use of AES 256-bit key length for data encryption/decryption to conform to the PCI DSS (Payment Card Industry Data Security Standard) standards for increased data security.
Encryption methods to back up IBM Security Guardium Key Lifecycle Manager data
- Password-based encryption
- External master key store based encryption
High-performance backup and restore
When IBM Security Guardium Key Lifecycle Manager is configured for high-performance backup and restore, IBM Db2® native backup technology is used to run the backup and restore operation for more efficiency. However, with this configuration, you can restore the backup only in an identical operating environment. The operating system, middleware components, and directory structures must be identical on both systems.
You cannot create a cross-platform compatible backup file if IBM Security Guardium Key Lifecycle Manager is configured for high-performance backup and restore activities. For information about how to back up large amount of data, see Backing up large amount of data.