Other than investing tens of thousands of dollars into a mobile key provider system that can follow your servers in a DR scenario, is there a better way to do this? It seems that the only scenario would be encrypting the datastore at the VMWare level instead so that the VMs themselves are replicated over unencrypted since the datastores are unlocked at the VMWare level at the time of replication but it is my understanding that licensing is fairly expensive if you have a small customer on something like VMWare Essential licensing. Obviously the technology is doing it's job - Bitlocker with TPM is supposed to stop a malicious actor from being able to put your data on new hardware and just "use it", but it really hampers legitimate DR scenarios. The replication works, but all of the bitlockered servers boot to a Bitlocker recovery screen, requiring you to 1) have all of your Bitlocker keys documented and accessible in a disaster, and 2) manually enter in several 30+ character Bitlocker unlock codes every time the virtual machine starts up. This all works fine, until they replicate their servers to another set of hardware for DR. In that case, the only way to decrypt the drive is to use the BitLocker recovery key - it exists specifically for cases like this. If the TPM chip is cleared, this key is lost (for ever). We have customers that are enabling TPM security on their ESXi hosts and using Microsoft Windows Bitlocker to encrypt their servers within the guest, and then the keys are stored within the host TPM / vCenter. BitLocker usually (see below for exception) uses the computers TPM chip to store the key required for decrypting the boot drive. We are starting to run into a new challenge more and more.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |