Encryption on the TS7700 is controlled on a storage pool basis. DFSMS storage group and management class constructs control the use of primary and secondary storage pools for logical volumes, through mapping in the Library Manager, resulting in an indirect form of encryption policy management. The storage pools, which were originally created for the management of physical media, have been enhanced to include encryption characteristics.
You can set up storage pools for encryption through the TS7700 Management Interface (MI) and then direct primary and secondary copies of volumes to these pools by using the storage group and management class constructs.
In z/OS, automatic class selection (ACS) routines assign storage group and management class to volumes dynamically. In non-z/OS environments, you can set up encryption policies by assigning storage group and management class statically to ranges of volume serials using the Library Manager user interface.
You assign encryption key labels using the Management Interface on a per-storage-pool basis. For more information, refer to these publications:
IBM Virtualization Engine TS7700 Release 1.4a: Tape Virtualization for System z Servers, SG24-7312
IBM Virtualization Engine TS7700 Series Encryption Overview:
ftp://ftp.software.ibm.com/storage/Encryption/Docs/TS7700_Encryption_Support_V1 1.pdf
4.4 IBM LTO Ultrium tape drives and libraries
In this section, we give an overview of LTO Ultrium tape drive and media technology and describe IBM LTO Ultrium tape drives and automated tape libraries. We describe the following products:
IBM System Storage TS2240 Tape Drive Express Model
IBM System Storage TS2340 Tape Drive Express Model
IBM System Storage TS1040 Tape Drive
IBM System Storage TS2900 Tape Autoloader
IBM System Storage TS3100 Tape Library
IBM System Storage TS3200 Tape Library
IBM System Storage TS3310 Tape Library
The System Storage TS3500 Tape Library also supports IBM LTO Ultrium tape drives, but it is not exclusively an LTO tape library. It supports the installation of IBM LTO Ultrium, IBM System Storage TS1120 tape drives and IBM System Storage TS1130 tape drives. Using IBM TS1120 or IBM TS1130 tape drives, the TS3500 can attach to open systems and also to System z hosts. We describe the TS3500 Tape Library in a separate section (4.6, “IBM System Storage TS3500 Tape Library” on page 120).
Chapter 4. IBM System Storage tape automation for encryption 105
4.4.1 Linear Tape-Open overview
The Linear Tape-Open (LTO) Program was formed in 1997 by IBM, Hewlett-Packard (HP), and Seagate. The three companies, HP, IBM, and Quantum (the successor to Seagate), jointly oversee the development and road map of Linear Tape-Open (LTO) technology.
The LTO technology objective was to establish new open-format specifications for high capacity, high performance tape storage products for use in the midrange and network server computing environments and to enable superior tape product options.
LTO program cooperation goes beyond the initial three companies. LTO format specifications have been made available to all companies that want to participate through standard
licensing provisions. LTO program technology has attracted a number of other industry leaders, so that LTO-specified products (tape drives and tape storage cartridges) will reach the market from multiple manufacturers, not just the technology provider companies. This approach is critical to meeting an open market objective and is accomplished through the open licensing of the technology.
Cooperation is also evident in the LTO program requirement that all products produced by licensees are technically certified annually. The primary objective of this certification is to help determine whether LTO format cartridges will be interchangeable across drives produced by separate LTO Ultrium manufacturers. The objective is that LTO compliant media from any vendor can be read and written in LTO compliant drives from any vendor.
All three consortium members (IBM, HP, and Quantum) ship LTO Ultrium products, and numerous other licensees ship hardware and media. Obtain more information at the Linear Tape-Open organization website:
http://www.lto.org
For more information about LTO technology, refer to the IBM System Storage Tape Libraries Guide for Open Systems, SG24-5946.
Obtain more information at the IBM LTO website:
http://www.ibm.com/storage/lto
The LTO Ultrium road map (Figure 4-11 on page 106) shows the evolution of LTO technology.
At the time of writing this book, IBM Ultrium generation 3 and 4 products are available. The information in the road map is an indication of possible future developments by the three consortium members and is subject to change.
LTO: For the remainder of this book, we use the term LTO as a generic term for various generations of the LTO Ultrium tape drives. We use LTO4 as a generic term for IBM LTO Ultrium Generation 4 drives:
IBM System Storage TS2240 Tape Drive
IBM System Storage TS2340 Tape Drive
IBM System Storage TS1040 Tape Drive
IBM LTO Ultrium 4 tape drives installed in the System Storage TS2900 Autoloader
System Storage TS3100, TS3200, and TS3310 tape libraries
Figure 4-11 LTO Ultrium road map
4.4.2 LTO media
Each generation of LTO Ultrium tape drives uses its own cartridge. LTO drives generally provide backward read compatibility for the previous generations and read/write compatibility for the previous generation. For example, LTO4 drives can read and write in LTO3 format on LTO3 media. They can also read the LTO2 format from LTO2 media, but they cannot write in LTO2 format. The LTO technology consists of the following generations:
LTO1 was the first generation of the LTO technology with an uncompressed tape capacity of 100 GB per cartridge.
LTO2 is the second generation of the LTO technology with an uncompressed tape capacity of 200 GB per cartridge.
LTO3 is the third generation of the LTO technology with an uncompressed tape capacity of 400 GB per cartridge. A WORM (write-once, read-many) version of the LTO3 cartridge is also available.
LTO4 is the fourth generation of the LTO technology with an uncompressed tape capacity of 800 GB per cartridge. A WORM (write-once, read-many) version of the LTO4 cartridge is also available. LTO4 is the first LTO generation that supports encryption. Encryption on LTO drives requires the use of LTO4 media.
LTO5 is the fifth generation of the LTO technology with an uncompressed tape capacity of 1.5 TB per cartridge. A WORM (write-once, read-many) version of the LTO5 cartridge is also available. LTO5 supports encryption.
LTO cartridges are color-coded. The LTO Ultrium 1 data cartridge is black. The LTO Ultrium 2 data cartridge is purple. The LTO Ultrium 3 data cartridge is steel blue. The LTO Ultrium 4 data cartridge is green. The LTO Ultrium 5 cartridge is red.
Important: Hewlett-Packard, IBM, and Quantum (the successor to Seagate) reserve the right to change the information in this migration path without notice.
Generation
Encryption No No No Yes Yes Yes
Chapter 4. IBM System Storage tape automation for encryption 107 The third generation IBM WORM cartridge is a two-tone cartridge with a steel-blue top and a platinum (silver) bottom. The fourth generation WORM is a two-tone cartridge with a
steel-green top and a platinum (silver) bottom.