vSphere Virtual Machine Encryption

GPTKB entity

Statements (37)
Predicate Object
gptkbp:instanceOf VMware technology
gptkbp:auditing vCenter logs encryption events
gptkbp:compatibleWith gptkb:vSphere_Replication
Fault Tolerance
VMware vSphere Storage DRS (for encrypted VMs)
vMotion (encrypted)
gptkbp:developedBy gptkb:VMware
gptkbp:documentation https://docs.vmware.com/en/VMware-vSphere/index.html
gptkbp:doesNotEncrypt guest OS data in memory
network traffic (unless using encrypted vMotion)
gptkbp:encryption VM configuration files (VMX)
VM disk files (VMDK)
gptkbp:encryptionScope virtual machine files only
gptkbp:granularity per-VM
per-VMDK
https://www.w3.org/2000/01/rdf-schema#label vSphere Virtual Machine Encryption
gptkbp:introducedIn gptkb:vSphere_6.5
gptkbp:key external KMS via KMIP
gptkbp:managedBy gptkb:vCenter_Server
gptkbp:policyBased true
gptkbp:purpose encrypt virtual machine files
gptkbp:requires gptkb:vCenter_Server
gptkb:Enterprise_Plus_license
gptkb:Key_Management_Server_(KMS)
ESXi host 6.5 or later
gptkbp:supports role-based access control
encryption at rest
key rotation
key revocation
encryption in motion
key re-encryption
gptkbp:supportsAlgorithm gptkb:AES-256
gptkbp:uses data protection
compliance
multi-tenancy security
gptkbp:bfsParent gptkb:vSphere_8
gptkbp:bfsLayer 8