- This topic has 6 replies, 4 voices, and was last updated September 12, 2019 by Amy M.
VMWare 6.5 Encryption
We are looking at using data encryption in VMWare 6.5 . In this scenario a Key Management Server works in concert with vCenter to provide encryption/decryption keys for when a VM boots up. In essence, a powered down VM is data-at-rest encrypted. Does Zerto have guidelines for set up in this environment, how Zerto movements between vCenters should be handled, how to build a the test Replication/DR environment, and how Zerto Backups work in this type scenario? I know it’s a lot of q’s in one fell swoop!
We don’t support VM encryption in VMware 6.5 today. This is on our roadmap. You can find this feature request and vote on it here: https://www.zerto.com/myzerto/support/feature-requests/
Zerto Platform Product ManagerMatthew CAugust 17, 2018 07:48:45 PM
Amy – if I were to use a 3rd part VM encryption product, such as Gemalto, would my Zerto replication and recovery still work? I think yes, since the encryption is layer 7, application, but this post got me thinking about it.
I’m not familiar with the way Gemalto does encryption. We do have customers who do storage encryption and that is transparent to Zerto.
Zerto Platform Product Manager
We are looking at VMWare to do the encryption because it makes the data encrypted regardless of where the data resides. The storage platform becomes ‘encryption agnostic’ which then extends our hardware platforms lives. It covers us in case of a backup being stolen either on disk or from disk (downloaded and taken out). Disk encryption only covers the physical media it seems, whereas the software encryption extends our coverage. I’m sorry to see it hasn’t really gotten a lot of votes for the roadmap.
My follow-up question is, has anyone tried to do this and what were their results? From a brief overview it seems to me that if you have access to vCenter and a recognized Key Server, the data file should then unlock. I’d rather not be the one that told the auditors we were data at rest and DR compliant, only to find out the one broke the other. Technology, always something new to tackle.
Hello Amy/Zerto Project Management,
Has there been any movement on supporting vmware encryption ?
I tried visiting this link and it doesn’t take me anywhere: https://www.zerto.com/myzerto/support/feature-requests/
The link to the feature requests is: https://www.zerto.com/myzerto/support/feature-requests/ once there, you can search for encryption so you can vote on the type of encryption you need. We have encryption in our roadmap. Please contact your Zerto account team to discuss the roadmap further.
Zerto Product Manager