 |
|
Content Owner: Herman Rutten | ||||
Summary
Hardware: Self-encrypting drives (SEDs)
Software: AOS encryption; Vormetric VTE (validated), Gemalto (verified)
Software: AOS encryption; Vormetric VTE (validated), Gemalto (verified)
Details
Hardware:
Data-at-rest encryption is compatible with all hypervisor platforms: VMware vSphere, Microsoft Hyper-V, AHV. Hardware encryption is only available with the Ultimate edition.
AOS 5.8 introduced a Dual Encryption mechanism that protects the data on the clusters using both SEDs and AOS Software based encryption. Dual Encryption configuration requires an external key manager to store the keys.
Software:
AOS 5.5 introduced built-in software-based data-at-rest AES-256 encryption. Because it is 100% software, the built-in encryption works with standard drives, so does not require SED hardware. AOS 5.8 introduces the Cluster Native Key Management Server (KMS) which can manage the encryption keys on the cluster locally, without the need of an external KMS. Nutanix Acropolis Data Encryption (ADE) supports VMware vSphere, Microsoft Hyper-V and AHV hypervisors. Nutanix Acropolis Data Encryption (ADE) is only available in the Ultimate edition.
AOS 5.8 introduced a Dual Encryption mechanism that protects the data on the clusters using both SEDs and AOS Software based encryption. Dual Encryption configuration requires an external key manager to store the keys.
AOS 5.9 introduced Background Encryption. Software encryption can be enabled on clusters or containers having existing data. Switching between native key management server (KMS) and external KMS is supported.
Vormetric Transparent Encryption (VTE) and Vormetric Key Management (VKM) have been validated as Nutanix Ready for Networking and Security. Nutanix has also been verified for use with Gemalto SafeNet KeySecure. SafeNet KeySecure manages the encryption keys to Nutanix SEDs.
Data-at-rest encryption is compatible with all hypervisor platforms: VMware vSphere, Microsoft Hyper-V, AHV. Hardware encryption is only available with the Ultimate edition.
AOS 5.8 introduced a Dual Encryption mechanism that protects the data on the clusters using both SEDs and AOS Software based encryption. Dual Encryption configuration requires an external key manager to store the keys.
Software:
AOS 5.5 introduced built-in software-based data-at-rest AES-256 encryption. Because it is 100% software, the built-in encryption works with standard drives, so does not require SED hardware. AOS 5.8 introduces the Cluster Native Key Management Server (KMS) which can manage the encryption keys on the cluster locally, without the need of an external KMS. Nutanix Acropolis Data Encryption (ADE) supports VMware vSphere, Microsoft Hyper-V and AHV hypervisors. Nutanix Acropolis Data Encryption (ADE) is only available in the Ultimate edition.
AOS 5.8 introduced a Dual Encryption mechanism that protects the data on the clusters using both SEDs and AOS Software based encryption. Dual Encryption configuration requires an external key manager to store the keys.
AOS 5.9 introduced Background Encryption. Software encryption can be enabled on clusters or containers having existing data. Switching between native key management server (KMS) and external KMS is supported.
Vormetric Transparent Encryption (VTE) and Vormetric Key Management (VKM) have been validated as Nutanix Ready for Networking and Security. Nutanix has also been verified for use with Gemalto SafeNet KeySecure. SafeNet KeySecure manages the encryption keys to Nutanix SEDs.
