Question

VMWare Backup encrypted VMs with vSphere Native Key Provider

  • 9 October 2023
  • 2 replies
  • 206 views

Hello,

have anyone experience with backing up VMs when VMware Native Key Provider is beeing used?

One of our customers is thinking about encrypting the VMs for security reasons. 

From what I saw in the documentation the VMware Native Key Provider is only working for VMWare infrastructure products.

I am not quit sure how this will impact the backup regarding to, ddb increase, if the data will be browsable with/without an agent installed.

Any thoughts about this topic?


2 replies

Userlevel 7
Badge +19

In case you leverage VSA it will protect the disks as raw blocks. So, it has no notice of the data being encrypted or not. However you will loose the ability to perform indexing and file-level recovery from backup. You should be able to perform full instance recovery. 

 

 

Badge +3

Hello. Found this thread interesting, but a little bit confusing. 

We did the test of encrypting a vm and a proxy server and did backup in hotadd mode. Worked perfectly.

From what I was reading higher, I was under the impression we could not do a granular restore from the vm, but that’s not the case…

So now, I’m not sure about what’s called file-level recovery?

Will backup and restore work on encrypted machines that have an agent installed  (file system, sql or else) ?

Thx

G from Canada

Reply