Improve your Cluster Shared Volume security with Microsoft BitLocker
Posted by Ivan Ischenko on January 4, 2018
5/5 (1)

Introduction

Nowadays, every company is doing its best to protect its data, which is pretty much its most valuable asset. As you know, data is vulnerable to unauthorized access and that’s when Microsoft BitLocker saves the day. BitLocker is the encryption technology from Microsoft, which makes possible to encrypt the Logical Volume on the transparent blade-based level (not physical disk). In this article, we will see how to encrypt Cluster Shared Volume (CSV) using Microsoft BitLocker to protect your data against unauthorized access.

Starting from Windows Server 2012, Microsoft has added the BitLocker support for Cluster Shared Volumes to create an additional layer of protection for sensitive, highly available data. It allows adding an extra barrier to security by allowing only certain user accounts access to unlock the BitLocker volume. BitLocker uses the Advanced Encryption Standard (AES) encryption algorithm with either 128-bit or 256-bit keys. As to authentication options…well, there are few to choose from. You can authenticate by specifying a PIN or by storing a key on a flash drive, which you would then need to insert in order to boot the system.

Bitlocker Drive Encryption status

(more…)

Please rate this

Encryption of VMware vSphere 6.5 virtual machines and vMotion migrations. And their performance
Posted by Alex Samoylenko on January 26, 2017
5/5 (2)

As many admins of virtual infrastructures know, for the first time ever, VMware vSphere 6.5 received the long awaited encryption feature of both virtual disks content and vMotion hot migrations.

The VMs encryption works based on AES-NI algorithm, and the key management is carried out based on KMIP 1.1 standard. When I/O operation comes to the disk of the virtual machine, it is immediately encrypted on-the-fly, which provides complete security against data security attack.

Virtual machine Encryption How it works

(more…)

Please rate this