Key Manager for VMware vSphere from HyTrust
Secure Virtual Machines on vSphere
With the release of vSphere 6.5, VMware introduced the ability to encrypt VMs. This strengthens an organization’s in-depth security strategy. In the event the VM is compromised and falls into the wrong hands, the data is useless. And encryption also helps with industry data protection regulations, such as GDPR.
vSphere encryption requires a Key Management Server (KMS), to secure its Data Encryption Keys (DEK) with another layer of encryption: The Key Encryption Key (KEK). The key manager is, therefore, a cornerstone of the business-critical infrastructure and must be highly available, or the VMs can’t operate. vSphere environments often deal with hundreds or even thousands VMs. The VMs require multiple encryption events throughout their lifecycle; frequent re-keying is part of a secure strategy. KeyControl preserves keys from all lifecycle stages, so snapshots and backups remain viable. This means scalability of the key management solution is also essential.
HyTrust KeyControl enables vSphere encryption users to easily manage their encryption keys at scale. HyTrust is the only KMS vendor that VMware invested in. It is available as an OVA, for fast installation and configuration in VMware vCenter.
HyTrust KeyControl capabilities include:
- VMWare Certified Key Manager Server (KMS) for vSphere 6.5
- Enterprise-grade availability, scalability, and performance
- KeyControl can run in an active-active, high availability cluster