6. Encryption Management Service

Overview

VMware Cloud Director Encryption Management is a solution that provides in-transit encryption for disk I/O and vMotion for a customer's virtual machine, using vTPM and VM Encryption technology.

Please refer to the Encryption Management service usage guide below.

Procedure

Step 1: Customer logs in to the vCD Portal

Step 2: Verify that the Encryption Policy is available

Step 3: Choose the VM you want to encrypt. Note: the VM must be powered off before encryption.

Step 4: Change Default Storage Policy

  • VM -> General -> EDIT. Wait for the VM encryption process to complete (this takes time depending on the size of the VM's hard drive).

  • Optional: Enable Security Devices – Trusted Platform Module (vTPM)

    • Choose Security Devices -> Edit -> Enable -> SAVE

    NOTE: The VM must meet the following requirements to add a Trusted Platform Module:

    • VM is powered off

    • OS is compatible with Trusted Platform Module

    • VM doesn't have any snapshots

    • Hardware version 14 or later

    • Boot firmware is EFI

Step 5: Power on the encrypted VM:

  • VM configuration files, including swap files, core dump files, and more, are encrypted.

  • All hard disks are encrypted.

  • vTPM is present (Optional: if it was enabled in step 5)
