5 Essential Tips for Maximizing Your Experience at Nutanix .NEXT for Bloggers
Does the Nutanix Local Key Manager (LKM) satisfy the recommendations/requirements to safely implement the Data at Rest Encryption?The documentation at: https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_5:wc-security-data-encryption-aos-wc-c.html has the warning: "Caution: DO NOT HOST A KEY MANAGEMENT SERVER VM ON THE ENCRYPTED CLUSTER THAT IS USING IT!! Doing so could result in complete data loss if there is a problem with the VM while it is hosted in that cluster." I too share this concern, which led me to investigate External Key Managers, but I am wondering how does using the LKM alleviate this risk?Also, as stated in the Nutanix Bible as well as here: https://portal.nutanix.com/page/documents/solutions/details?targetId=TN-2026-Information-Security:TN-2026-Information-Security "Now that Nutanix supports its own native LKM, Nutanix also takes the KEK and wraps it with a 256-bit encryption key called the machine encryption key (MEK). The MEK is distr
Were you able to find the answers to these questions? I’m particularly interested in recovery in the event of hardware or cluster failure as the LKM is on the same cluster.
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.