Bacula and Bacula Enterprise backup and restore software is known in the IT industry for being very sensitive to communication and data encryption. It is largely used in companies with high level security policies. Since the introduction of Bacula Enterprise 12.0 and Bacula 11.0.6, it comes enabled by default with TLS communication encryption. All daemons and consoles are fully encrypted for network communications. The pre-shared key used between Bacula deamons is the password set in those daemons.
It is still possible to use TLS certificates, but this new feature eases the encryption of all communications by default, for all our users.