Key Encryption for VMware Environments

Easily Encrypt vSAN Data Stores with KMIP-compliant Key Management Server

The encryption and protection of license keys is central to an enterprise’s data security strategy. Yet, even though key manager servers (KMS) have been around for a long time, organizations that rely on virtual machines (VMs), ( just about every organization today) are reluctant to adopt these servers because of added network latency and performance concerns.

It is now possible for vSphere users to encrypt a VM I/O with a Bring Your Own Key (BYOK) key management interoperability protocol (KMIP) compliant solution. However, when vCenter requests keys from the KMS to encrypt a vSAN data store, only one key is requested, and it encrypts the entire data store. This creates vulnerabilities in that only one key makes the data store vulnerable to attack, and if the KMS becomes unresponsive, the data cannot be encrypted or decrypted

The ARIA™ Key Management Server (KMS) is an easy-to-deploy application that takes advantage of the widely accepted KMIP for integration with other existing applications such as VMware vSphere. Running the ARIA KMS application on the Myricom Security Intelligent Adapter (SIA) and using its TrustZone TPM shields the keys from exposure, even if the host server is breached.


  • Provides a zero-footprint KMS with TrustZone

  • Deploys quickly, in most cases in an hour or less-without specialized knowledge

  • Supports Bring Your Own Key (BYOK) security models

  • Eliminates risk, thanks to automated configuration and management of critical KMS processes

Interested in learning more?

Download our complete technology brief, “Easily Encrypt VMware vSphere Environments with ARIA KMS” today!

Download Now

Contact Us to Speak to a Cybersecurity Expert!

Resources and Related Content


June 6, 2022
Aria Cybersecurity Introduces Breakthrough Solution Accelerated by NVIDIA to Stop Network-Based Cyber-Attacks Within Core of the Internet and Public Cloud

ARIA Cybersecurity Solutions, a CSPi business (NASDAQ: CSPi) announces its ARIA Zero Trust Gateway, a next-generation network security solution focused on automated 100G Network…

December 21, 2021
ARIA Cybersecurity Solutions Accelerates Zero-Trust Adoption with Transmit-Only SmartNIC

Myricom ARC-C TxO provides network intrusion protection and cyberattack prevention with a unidirectional network traffic gateway solution.

November 22, 2021
ARIA Cybersecurity Featured at NVIDIA GTC for Work in Cyber Attack Detection and Response

Achieves deployment of advanced cybersecurity applications leveraging the NVIDIA BlueField-2 DPU



June 7, 2022
A next generation network security platform - focused on automated 100G Network Response Built upon the NVIDIA BF2 DPU Platform. Network Service Providers and…
March 11, 2021
Legacy hardware security modules (HSM) appliances aren't well-suited to meet today's organization encryption needs. Deployed as a stand-alone, "black-box" appliance attached to the network…
May 25, 2021
The Northern California Virtual Cybersecurity Summit is a new way to connect with like-minded executives, innovative solutions providers, experts and luminaries. With a shared…