Key Encryption for VMware Environments

Easily Encrypt vSAN Data Stores with KMIP-compliant Key Management Server

The encryption and protection of license keys is central to an enterprise’s data security strategy. Yet, even though key manager servers (KMS) have been around for a long time, organizations that rely on virtual machines (VMs), ( just about every organization today) are reluctant to adopt these servers because of added network latency and performance concerns.

It is now possible for vSphere users to encrypt a VM I/O with a Bring Your Own Key (BYOK) key management interoperability protocol (KMIP) compliant solution. However, when vCenter requests keys from the KMS to encrypt a vSAN data store, only one key is requested, and it encrypts the entire data store. This creates vulnerabilities in that only one key makes the data store vulnerable to attack, and if the KMS becomes unresponsive, the data cannot be encrypted or decrypted

The ARIA™ Key Management Server (KMS) is an easy-to-deploy application that takes advantage of the widely accepted KMIP for integration with other existing applications such as VMware vSphere. Running the ARIA KMS application on the Myricom Security Intelligent Adapter (SIA) and using its TrustZone TPM shields the keys from exposure, even if the host server is breached.


  • Provides a zero-footprint KMS with TrustZone

  • Deploys quickly, in most cases in an hour or less-without specialized knowledge

  • Supports Bring Your Own Key (BYOK) security models

  • Eliminates risk, thanks to automated configuration and management of critical KMS processes

Resources and Related Content


February 26, 2020
ARIA Cybersecurity Solutions Integrates with Juniper Networks to Stop Network-Borne Threats Earlier in the Cybersecurity Kill-Chain Process

ARIA SDS Solution Combined with Juniper’s Secure Analytics Improves Enterprise-Wide Network Visibility, Intrusion Detection and Threat Containment

February 25, 2020
ARIA Cybersecurity Solutions Integrates with Sumo Logic to Improve Cyber Intrusion Detection and Containment of Network-borne Attacks

ARIA SDS Solution Combined with Sumo Logic Continuous Intelligence Platform Delivers Enhanced Enterprise-wide Network Visibility

December 9, 2019
ARIA Cybersecurity Solutions Expands Partner Network with the Addition of HIC Network Security Solutions and SYNACKTEK

ARIA™ Cybersecurity Solutions, a CSPi business (NASDAQ: CSPi), delivers an open, software-defined approach for improved cyber-attack detection and rapid incident response as well as…



January 23, 2020
Attend this one-day conference for informational presentations on current cybersecurity threats and solutions. You’ll also have the chance to visit 30-60 cybersecurity exhibits.