Introduction
PhoenixNAP’s Data Security Cloud leverages the Key Management Service (KMS) by Fortanix to provide unparalleled data security. This solution enables end-to-end security management using a single web UI.
By incorporating security into your applications and databases, you achieve the necessary privacy compliance in multi-tenant environments.
The steps in this guide explain how service providers make the additional encryption policy visible to tenants and how to apply the storage policy to a virtual machine as a tenant.
Enable VM Encryption Policy for Organization
Tenants may not have the Fortanix encryption service enabled. Before attempting to apply the Fortanix encryption policy, tenants should verify whether their service provider has enabled the service.
Service providers must enable the storage VM Encryption Policy so tenants can apply the policy to virtual machines (VMs). As a service provider, to expose the feature, log in to your organization’s VMware Cloud Director portal and:
1. Navigate to Organization VDCs in the Resources > Cloud Resources section.
2. Select the Storage menu for the organization in question.
3. Click the radio button to enable the VM Encryption Policy.
Once you enable the policy, State should display Enabled as in the image below:
Now, the tenant can apply the encryption policy to a VM.
How to Apply VM Encryption Storage Policy as a Tenant
Once the provider has enabled the storage VM Encryption Policy, you can apply it to a virtual machine from the VMware Cloud Director tenant portal.
Note: You must turn off the VM before you apply the VM encryption storage policy.
To apply the policy, log in to the Cloud Director tenant portal and:
1. Select Virtual Machines in the Data Centers section and locate the VM to which you want to apply the storage policy.
2. Click the VM’s name. The machine status must read Powered off.
3. Apply the VM Encryption Policy as a Storage Policy in the edit VM window.
4. Click Save to apply the changes.
Verify VM Encryption Policy Status
To ensure the storage policy has been applied to your VM:
1. Select the Virtual Machines menu option.
2. Navigate to the VM to which you applied the policy.
3. Click the Details link at the bottom of the VM card.
4. In the General menu, locate the Storage Policy line and make sure it says “VM Encryption Policy (Encrypted).
Conclusion
The steps in this article showed how to enable the Fortanix storage encryption policy in VMware Cloud Director as a service provider. The guide also outlines the necessary steps that tenants need to take to apply the exposed policy to their virtual machines.
Next you should also read
Backup and Recovery,Virtualization
How to Create Recovery Media and Perform Bare Metal Restore from Veeam Cloud Connect
August 20, 2020
If you are phoenixNAP customer and need to learn how to create a recovery media and perform Bare Metal…
Backup and Recovery,Virtualization
VMware vCloud Availability Tenant Setup Guide
August 12, 2019
VMware vCloud Availability 3.0 is a single interface for workload migration, cloud-to-cloud disaster…
VMware vCloud Director Tutorial & Quick Start Guide
July 21, 2019
A quick start guide to phoenixNAP Virtual Private Datacenter and Data Security Cloud products. Both of these…
Backup and Recovery,SysAdmin,Bare Metal Servers
How to Install Veeam Backup and Replication
October 20, 2018
Veeam® Backup & Replication™ is a software solution responsible for protecting your data by performing…
Author
Goran Jevtic
Goran combines his passions for research, writing and technology as a technical writer at phoenixNAP. Working with multiple departments and on a variety of projects, he has developed extraordinary understanding of cloud and virtualization technology trends and best practices.