Travelling Techie

Adventures in VMware

User Tools

Site Tools


Network Virtualization
Compute Virtualization
Storage Virtualization
Operating Systems
VMware Classes
Other Classes


Recent Changes

About The Author

Brandon Neill is a VMware Certified Instructor and Consultant. He specializes in NSX and vRealize Automation. In addition to teaching Official VMware Classes, he provides contract training and consulting services.


VMware Encryption

vSphere Encryption

vSphere Encryption encrypts the data as it exits the VM. This means that it is encrypted in flight and at rest. It also means that an admin on the host doesn't have access to the encrypted data unless they have access to the keys. The disadvantage is that vSAN deduplication and compression no longer function. vSphere encryption can be enabled on a per VM basis using Storage Profiles.

Hands on Labs

  • HOL-1811-04-SDC vSphere Security Getting Started

vSAN Encryption

vSAN Encryption encrypts data as it's being written to the storage media. This means that it's not encrypted in flight, and it means that deduplication and compression still function. However a rogue admin that has access to the ESXi host would have access to the unencrypted data.

Hands On Labs

  • HOL-1808-01-HCI - vSAN v6.6.1 - Getting Started
vmware_encryption.txt · Last modified: 2020/07/23 17:15 by brandon