Home > Storage > ObjectScale and ECS > Product Documentation > Dell ECS: Data at Rest Encryption > Encryption during the geo-replicated environment
ECS uses the VDC key to encrypt/decrypt HTTP content for geo traffic. When a system is added to form or extend a federation, the new VDC (VDC2) must tell the existing VDC (VDC1) the secret key which is 20 characters. At that point, the VDC1 will begin the initialization process to build the federation. The communication traffic between the two VDCs is protected by the AES128. (Geo traffic uses the SHA 256 of the VDC secret key as the key for encryption. We use only the first 16 bytes of the hash now).
See the ECS 3.8 Administration Guide about how to add a VDC to a federation.