none
Can DPM 2010 send encrypted data through the internet? RRS feed

  • Question

  • Hi,

    I'm planning to protect a server which have a low internet BW and unstable VPN tunnels.

    I was wondering if the DPM2010 have the possibility to protect a server through the internet by sending encrypted data or the connection should be through a VPN tunnel?

     

    // Laith.

    Monday, December 20, 2010 12:48 PM

Answers

  • DPM does not encrypt data for transfer, but your VPN should encrypt all data that passes through. For example if you use a Microsoft L2TP VPN tunnel the data will be IPSec encrypted between the tunnel endpoints.  You can also encrypt the data using PPTP and EAP-TLS. I believe most 3rd party VPN technologies either encrypt data by default or at least have some option to do data encryption.

     

    For more on L2TP and PPTP see:

    http://technet.microsoft.com/en-us/library/cc771298(WS.10).aspx

     

     

    • Proposed as answer by BuchatechMVP, Moderator Tuesday, December 21, 2010 1:35 AM
    • Unproposed as answer by Laith IT Thursday, December 23, 2010 10:30 AM
    • Marked as answer by Laith IT Tuesday, December 28, 2010 1:10 PM
    Monday, December 20, 2010 3:19 PM

All replies

  • DPM does not encrypt data for transfer, but your VPN should encrypt all data that passes through. For example if you use a Microsoft L2TP VPN tunnel the data will be IPSec encrypted between the tunnel endpoints.  You can also encrypt the data using PPTP and EAP-TLS. I believe most 3rd party VPN technologies either encrypt data by default or at least have some option to do data encryption.

     

    For more on L2TP and PPTP see:

    http://technet.microsoft.com/en-us/library/cc771298(WS.10).aspx

     

     

    • Proposed as answer by BuchatechMVP, Moderator Tuesday, December 21, 2010 1:35 AM
    • Unproposed as answer by Laith IT Thursday, December 23, 2010 10:30 AM
    • Marked as answer by Laith IT Tuesday, December 28, 2010 1:10 PM
    Monday, December 20, 2010 3:19 PM
  • Hi Marc,

    I know that all VPN tunnels used encryption.

    But my question was is it possible to send the information through the internet and skip the VPN tunnels?.

    The problem is that when the tunnel is unstable or can not handle to transfer alarge amount of data DPM will not work.

    Thats why i asked if there is a way to transfer the data throught the internet?

    Tuesday, December 21, 2010 9:53 AM
  • Laith,

    It *might* work, but even if I did I would not recommend it. As noted in my previous post DPM does not have any way to encrypt your data, it depends on the underlying network to handle encryption if needed. If you were to try this, you should set up IPSec between the protected remote servers and the DPM server so your DPM transfers are IPSec encrypted.

    Marc

    Wednesday, December 22, 2010 3:23 PM
  • Marc,

     

    I am using IPSec but as i said. In this case i doubt that the IPSec solution will work due to unstaible firewall and tunnels that the company have.

    I will not risk send unencrypted data through the internet but I think thats an option that MS have to take it into consideration in the next DPM generation (crypted data through the internet) there are some companies that they dont have a stable network but they do have an OK internet connection.

     

    So from your answer i can say that the only "save" way to take backup is through IPSec and its "not" possible for DPM 2010 to run "save" backup through the internet?

    // Laith.

    Thursday, December 23, 2010 7:16 AM