vCenter

 View Only
  • 1.  Data protection at rest

    Posted Aug 31, 2022 07:54 PM

    Hello,

    today I have an environment with VxRail Dell EMC with vSAN.

    VxRail uses a unique vSAN policy to configure according to FTT (RAID), which is a VMware standard for setting according to the number of nodes and resiliency.

    However, I read that to protect my data at rest I need to set the disk with an encryption policy.

    For this I first need to install the KMS that I found a link to download, but I'm not sure if this is a paid service or is it free.

    Another question is when I change the disk policy, I will lose the vSAN policy, because I will need to change the disk configuration or when I create a new disk I will need to apply this encryption policy. It is not the same as vSAN which has specific settings for FTT (RAID).

    Also I don't know if there is any difference between VM encryption or just disk encryption? Or is it just encryption?

    I need a clarification on how this encryption issue works because I'm confused.

    Thanks.