SvKMS with VMware

A VMware-certified key manager for VM encryption in vSphere and vSAN

For adequate security, ensure data within your VMware environment is encrypted

VMware has provided an encryption feature since the release of vSphere 6.5. This allows virtual machines (VMs) within the vSphere environment to be protected with data-at-rest encryption. But to allow VMware’s encryption to be enabled, you must use an external, third party key management system (KMS). StorMagic SvKMS is a VMware-certified key manager and is available on the VMware Cloud Marketplace.

Why use SvKMS to enable vSphere encryption?

SvKMS has supported vSphere encryption since the beginning of VMware’s encryption capabilities and is officially recognized as a certified KMS on the VMware KMS compatibility matrix. SvKMS supports the most recent version of the KMIP (key management interoperability protocol) standard and therefore provides a seamless integration with vSphere to enable the encryption of VMs.

SvKMS is a full-featured key management system that handles entire key lifecycle operations. It supports many uses cases, centralizing your organization’s key management into a single console. It facilitates integrations with many other platforms and software, not only through the use of KMIP, but also BYOK (bring your own key), it’s REST API and HSM Extension feature.

How to integrate VMware vSphere with StorMagic SvKMS

Once SvKMS has been successfully deployed and activated, it can be configured as a Key Management Server (KMS) for vSphere.

vSphere requests encryption keys from SvKMS. SvKMS generates and stores these keys which are passed to the vCenter server and used whenever a VM stored on vSphere needs to be encrypted.

This process requires two configuration steps. Firstly, to create a group, user and authentication certificate in the SvKMS Web Portal. Secondly SvKMS must be added as a KMS to your vCenter Server.

A full explanation and step-by-step guide to integrating vSphere with SvKMS can be found in the SvKMS manual, within the “Integrations” section. Separate guides are provided for vSphere versions 6.5, 6.7 and 7.0.

More information on StorMagic SvKMS

StorMagic SvKMS encryption key management goes much further than just providing simple KMIP integration with leading encryption workloads. SvKMS enables organizations to manage all of their encryption keys, wherever they are located, within a secure, flexible management interface. Enterprise-grade features enable the management of the entire key lifecycle, from key creation to key destruction, and all at a surprisingly low cost.