What’s new on vSAN Encryption 6.7 U1?

I’ve written a few blog posts in the past about vSAN Data at Rest Encryption (D@RE). These posts explain how encryption works, and how the keys are handed over to vSphere. Go here for more info. For vSAN D@RE to work properly, ESXi hosts need to be able to reach the KMS cluster during reboot operations. … Continue reading What’s new on vSAN Encryption 6.7 U1?

Considerations when Enabling vSAN Encryption

In previous posts, I talked about vSAN Encryption architecture, and how to enable such feature. However, there are a couple of considerations aside from the requirements that should be taken into account prior to enabling vSAN Encryption. BIOS Settings: With most deployments, whether it is vSphere, or vSAN; I’ve noticed that BIOS settings are often … Continue reading Considerations when Enabling vSAN Encryption

Replacing vCenter with vSAN Encryption Enabled

In my previous post, I talked about vSAN Encryption configuration, and key re-generation among other topics. On that post you can see that there is a trust relationship amongst the vCenter and KMS server/cluster. But what happens if my vCenter dies, gets corrupted, or I simply want to build a new vCenter and migrate my … Continue reading Replacing vCenter with vSAN Encryption Enabled

What’s new on vSAN 6.6

Today, one of the largest vSAN releases was announced. This release comes packed with new features, enhancements, and a lot of improvements; making vSAN 6.6 easier to deploy with enhanced performance, and a more complete HCI platform. What’s New with vSAN 6.6? Native Encryption  Encryption is one of the main features for this release. This … Continue reading What’s new on vSAN 6.6