5 Essential Tips for Maximizing Your Experience at Nutanix .NEXT for Bloggers
Greetings, Does the Nutanix Local Key Manager (LKM) satisfy the recommendations/requirements to safely implement the Data at Rest Encryption?The documentation at: https://portal.nutanix.com/page/documents/details?targetId=Nutanix-Security-Guide-v6_5:wc-security-data-encryption-aos-wc-c.html has the warning: "Caution: DO NOT HOST A KEY MANAGEMENT SERVER VM ON THE ENCRYPTED CLUSTER THAT IS USING IT!! Doing so could result in complete data loss if there is a problem with the VM while it is hosted in that cluster." I too share this concern, which led me to investigate External Key Managers, but I am wondering how does using the LKM alleviate this risk? Also, as stated in the Nutanix Bible as well as here: https://portal.nutanix.com/page/documents/solutions/details?targetId=TN-2026-Information-Security:TN-2026-Information-Security "Now that Nutanix supports its own native LKM, Nutanix also takes the KEK and wraps it with a 256-bit encryption key called the machine encryption key (MEK). The
Already have an account? Login
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.