VMWare 6.5 Encryption

  • We are looking at using data encryption in VMWare 6.5 .  In this scenario a Key Management Server works in concert with vCenter to provide encryption/decryption keys for when a VM boots up.  In essence, a powered down VM is data-at-rest encrypted.  Does Zerto have guidelines for set up in this environment, how Zerto movements between vCenters should be handled, how to build a the test Replication/DR environment, and how Zerto Backups work in this type scenario?  I know it’s a lot of q’s in one fell swoop!

    Thanks.

    Hi Jim

    We don’t support VM encryption in VMware 6.5 today.  This is on our roadmap.  You can find this feature request and vote on it here:  https://www.zerto.com/myzerto/support/feature-requests/

    Thanks

    Amy Mitchell

    Zerto Platform Product Manager

    Amy – if I were to use a 3rd part VM encryption product, such as Gemalto, would my Zerto replication and recovery still work? I think yes, since the encryption is layer 7, application, but this post got me thinking about it.

    Thanks!

    Hi Matt,

    I’m not familiar with the way Gemalto does encryption.  We do have customers who do storage encryption and that is transparent to Zerto.

    Amy Mitchell

    Zerto Platform Product Manager

    We are looking at VMWare to do the encryption because it makes the data encrypted regardless of where the data resides.  The storage platform becomes ‘encryption agnostic’ which then extends our hardware platforms lives.  It covers us in case of a backup being stolen either on disk or from disk (downloaded and taken out).  Disk encryption only covers the physical media it seems, whereas the software encryption extends our coverage.  I’m sorry to see it hasn’t really gotten a lot of votes for the roadmap.

    My follow-up question is, has anyone tried to do this and what were their results?  From a brief overview it seems to me that if you have access to vCenter and a recognized Key Server, the data file should then unlock.  I’d rather not be the one that told the auditors we were data at rest and DR compliant, only to find out the one broke the other.  Technology, always something new to tackle.

    Hello Amy/Zerto Project Management,

     

    Has there been any movement on supporting vmware encryption ?

    I tried visiting this link and it doesn’t take me anywhere: https://www.zerto.com/myzerto/support/feature-requests/

     

    Thanks

You must be logged in to create new topics. Click here to login