CCI Private Cloud - VM Encryption

This document details VM Encryption and vTPM for VMs hosted in the CCI Private Cloud Virtualization Environment.

Portal - Login Information

vSphere Virtual Machine Encryption is available on per VM basis and is enabled by manual process performed by the CCI team.

Things to consider

  • Performance maybe affected; security is a tradeoff.
  • VM needs to be off to add Encryption.

VM Encryption

  • Encrypts the VM itself and all its settings.
  • Encrypts the disks. Can be all or individually selected.

CCI uses vSphere Native Key Provider for VM Encryption
NKP Q&A - https://core.vmware.com/native-key-provider-questions-answers

Alternatives to vSphere Virtual Machine Encryption 

Microsoft BitLocker
BitLocker support in a VM - https://kb.vmware.com/s/article/2036142

  • Windows Server 2008 and later
  • Designed to protect data by providing encryption for entire volumes.
    • Microsoft does not support the use of BitLocker on the bootable partition of a virtual hard disk.
    • BitLocker is supported on non-bootable partitions of a virtual hard disk.
 

Incident Reporting & Technical Support

CCI Private Cloud Incident Reporting

  • Customers should contact the DoIT Help Desk to report an incident or check the outages page for an CCI Private Cloud incident.
  • Formal support is provided for CCI Private Cloud during business hours only. After-hours support is best effort.

CCI Private Cloud Technical Support

  • Customers should contact the DoIT Help Desk or email cci-virtualization@wisc.edu with support requests.
  • CCI Private Cloud technologists will respond to all support requests by the end of the following business day.

 


Keywords:
bitLocker, cci, cciv, cloud, encryption, machine, nkp, private, virtual, virtualization, vm, vtpm 
Doc ID:
132284
Owned by:
Drew D. in CCI Private Cloud
Created:
2023-10-24
Updated:
2024-12-02
Sites:
Campus Cloud Infrastructure (CCI) - Private Cloud