Hello,
today I have an environment with VxRail Dell EMC with vSAN.
VxRail uses a unique vSAN policy to configure according to FTT (RAID), which is a VMware standard for setting according to the number of nodes and resiliency.
However, I read that to protect my data at rest I need to set the disk with an encryption policy.
For this I first need to install the KMS that I found a link to download, but I'm not sure if this is a paid service or is it free.
Another question is when I change the disk policy, I will lose the vSAN policy, because I will need to change the disk configuration or when I create a new disk I will need to apply this encryption policy. It is not the same as vSAN which has specific settings for FTT (RAID).
Also I don't know if there is any difference between VM encryption or just disk encryption? Or is it just encryption?
I need a clarification on how this encryption issue works because I'm confused.
Thanks.