Encrypting Virtual Machines and the Data Within — VMware requires the use of an approved KMS to enable encryption. VaultCore for VMware provides a lite and seamless solution.
Securing Your VxRail Hyperconverged Infrastructure — Solve VMware encryption challenges with a simple, turnkey add-on appliance for any customer deploying VMware Cloud Foundations on VxRail or vSAN Ready Nodes.
The VMware product documentation states, “vSAN encryption requires an external Key Management Server (KMS), the vCenter Server system, and your ESXi hosts. vCenter Server requests encryption keys from an external KMS. The KMS generates and stores the keys, and vCenter Server obtains the key IDs from the KMS and distributes them to the ESXi hosts.”