Encryption is a powerful tool for protecting the confidentiality of information, and VxRail has built in encryption capabilities to protect data in use, in motion, and at rest. However, the data security provided by encryption is only as good as the generation, protection, and management of the keys used in the encryption process.
Encryption keys must be available when they're needed, and access to the keys during decryption activities must be preserved for the lifetime of the data. Therefore, the proper management of encryption keys is essential to the effective use of cryptography. Many organizations centralize key management across the enterprise to simplify management, enforce policy, and provide reporting and auditing for compliance.
VxRail and vSphere support the Key Management Interoperability Protocol (KMIP), allowing it to work with many enterprise key management systems. Dell EMC CloudLink provides KMIP-compliant key management and encryption for public, private, and hybrid clouds. For organizations that have existing key management services, VxRail and vSphere easily integrate, providing a single point of key management across the enterprise. VMware offers a list of compatible key management servers.