vSphere Virtual Machine Encryption
GPTKB entity
Statements (37)
Predicate | Object |
---|---|
gptkbp:instanceOf |
VMware technology
|
gptkbp:auditing |
vCenter logs encryption events
|
gptkbp:compatibleWith |
gptkb:vSphere_Replication
Fault Tolerance VMware vSphere Storage DRS (for encrypted VMs) vMotion (encrypted) |
gptkbp:developedBy |
gptkb:VMware
|
gptkbp:documentation |
https://docs.vmware.com/en/VMware-vSphere/index.html
|
gptkbp:doesNotEncrypt |
guest OS data in memory
network traffic (unless using encrypted vMotion) |
gptkbp:encryption |
VM configuration files (VMX)
VM disk files (VMDK) |
gptkbp:encryptionScope |
virtual machine files only
|
gptkbp:granularity |
per-VM
per-VMDK |
https://www.w3.org/2000/01/rdf-schema#label |
vSphere Virtual Machine Encryption
|
gptkbp:introducedIn |
gptkb:vSphere_6.5
|
gptkbp:key |
external KMS via KMIP
|
gptkbp:managedBy |
gptkb:vCenter_Server
|
gptkbp:policyBased |
true
|
gptkbp:purpose |
encrypt virtual machine files
|
gptkbp:requires |
gptkb:vCenter_Server
gptkb:Enterprise_Plus_license gptkb:Key_Management_Server_(KMS) ESXi host 6.5 or later |
gptkbp:supports |
role-based access control
encryption at rest key rotation key revocation encryption in motion key re-encryption |
gptkbp:supportsAlgorithm |
gptkb:AES-256
|
gptkbp:uses |
data protection
compliance multi-tenancy security |
gptkbp:bfsParent |
gptkb:vSphere_8
|
gptkbp:bfsLayer |
8
|