vSphere vCenter Server VM Encryption
GPTKB entity
Statements (44)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
VMware technology feature
|
| gptkbp:appliesTo |
existing VMs
new VMs |
| gptkbp:auditedBy |
vCenter Server events
|
| gptkbp:canBe |
replication
snapshots backups clones VM templates |
| gptkbp:compatibleWith |
gptkb:vSAN_encryption
VMs with Fault Tolerance enabled VMs with PCI passthrough devices VMs with vSphere Replication prior to 6.5.1 vSAN encryption (vSAN has its own encryption) |
| gptkbp:documentation |
https://docs.vmware.com/en/VMware-vSphere/index.html
|
| gptkbp:doesNotEncrypt |
guest OS data in memory
network traffic (unless vMotion encryption is used) |
| gptkbp:enables |
encryption of virtual machine files
|
| gptkbp:encryption |
VM swap files
VM home files virtual disks (VMDK files) |
| https://www.w3.org/2000/01/rdf-schema#label |
vSphere vCenter Server VM Encryption
|
| gptkbp:introducedIn |
gptkb:vSphere_6.5
|
| gptkbp:managedBy |
gptkb:vCenter_Server
|
| gptkbp:partOf |
gptkb:VMware_vSphere
|
| gptkbp:policyManagedBy |
vSphere Storage Policy Based Management (SPBM)
|
| gptkbp:protectedBy |
unauthorized access to VM data
|
| gptkbp:repealedBy |
removing KMS key
|
| gptkbp:requires |
gptkb:vCenter_Server
gptkb:Enterprise_Plus_license gptkb:Key_Management_Server_(KMS) hardware virtualization support (AES-NI recommended) ESXi host version 6.5 or later VM Encryption policy vSphere Web Client or vSphere Client for management |
| gptkbp:supports |
role-based access control
encryption at rest key rotation encryption in motion (vMotion encryption) key re-encryption |
| gptkbp:supportsAlgorithm |
AES-256 XTS
|
| gptkbp:uses |
KMIP protocol for KMS integration
|
| gptkbp:bfsParent |
gptkb:vSphere_8
|
| gptkbp:bfsLayer |
8
|