CCI Private Cloud - VM Encryption

This document details VM Encryption and vTPM for VMs hosted in the CCI Private Cloud Virtualization Environment.

Portal - Login Information

vSphere Virtual Machine Encryption is available on per VM basis and is enabled by manual process performed by the CCI team.

Things to consider

  • Performance maybe affected; security is a tradeoff.
  • VM needs to be off to add Encryption.

VM Encryption

  • Encrypts the VM itself and all its settings.
  • Encrypts the disks. Can be all or individually selected.

CCI uses vSphere Native Key Provider for VM Encryption
NKP Q&A - https://core.vmware.com/native-key-provider-questions-answers

Alternatives to vSphere Virtual Machine Encryption 

Microsoft BitLocker
BitLocker support in a VM - https://kb.vmware.com/s/article/2036142

  • Windows Server 2008 and later
  • Designed to protect data by providing encryption for entire volumes.
    • Microsoft does not support the use of BitLocker on the bootable partition of a virtual hard disk.
    • BitLocker is supported on non-bootable partitions of a virtual hard disk.
 

Incident Reporting & Technical Support

CCI Private Cloud Incident Reporting

  • Customers should contact the DoIT Help Desk to report an incident or check the outages page for an CCI Private Cloud incident.
  • Formal support is provided for CCI Private Cloud during business hours only. After-hours support is best effort.

CCI Private Cloud Technical Support

  • Customers should contact the DoIT Help Desk or email cci-virtualization@wisc.edu with support requests.
  • CCI Private Cloud technologists will respond to all support requests by the end of the following business day.

 


KeywordsbitLocker, cci, cciv, cloud, encryption, machine, nkp, private, virtual, virtualization, vm, vtpm   Doc ID132284
OwnerDrew D.GroupCCI Private Cloud
Created2023-10-24 14:33:33Updated2023-10-27 11:10:46
SitesCampus Cloud Infrastructure (CCI) - Private Cloud
Feedback  0   0