+| Virtualisation| --- | OVA, OVF | **Inbound**:<br>- Subscription to a Private Cloud SecNumCloud project.<br>- Order the appropriate number of hosts and datastores on the project to get a capacity comparable to that of the original infrastructure.<br>-Migration of VMs, disks, snapshots using a specialized tool (Veeam, API, ...) or manually.<br>-Use of the SecNumCloud zone's VPN Gateway or a custom VPN solution (e.g. NSX or virtual machine third party solution) to ensure data encryption when migrating from an external network.<br>-Then enable VM encryption and vSAN Cluster datastores using the vNKP software brick or your own KMS (compatible with the KMIP protocol). <br> -Use of the SPN (Secure Private Network) to connect SecNumCloud services inside a hosting site. <br>-Use of the inter DC SPN solution to connect your qualified infrastructure hosted in other hosting sites covered by the SecNumCloud qualification at OVHcloud <br><br>**Outbound**: <br> - -Planning the target environment capabilities compared to the original environment. <br>**- Encrypted data migration scenario with vNKP :** Set up an encrypted link between the OVHcloud hosting site and destination site. Export the vNKP key of the OVHcloud hosting environment. Import the vNKP key into the remote site’s vSphere environment. Cold-migration of data via a manual copy between the two sites, or hot-migration of data (via a failover mechanism) using a compatible third-party tool supported by the two providers. <br>**-Customer-specific KMS encrypted data scenario:** Setting up an encrypted link between the OVHcloud hosting site and destination site. Configuration of your KMS on the remote site’s vSphere environment. Cold-migration of data via a manual copy between the two sites, or hot-migration of data (via a failover mechanism) using a compatible third-party tool supported by the two providers. <br>- Migration via a specialized tool (e.g. Veeam, ...) <br> **Oubound** : TBC ....export VMs, disks via vSphere, and reuse on any VMware or compatible environment. Specialized tools can be used (e.g. Veeam, Zerto, PowerCLI, etc.) | The documentation [vSphere SecNumCloud](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/snc_getting_started) applies as soon as the service is delivered, to secure the connection and an end-to-end data encryption. Following this, the [documentation vSphere standard](https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-CEFF6D89-8C19-4143-8C26-4B6D6734D2CB.html) applies.<br><br>[Deploy an OVF Linux, Windows Server et Windows SQL Server](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/ovf_template)<br><br>[Deploy a virtual machine with vSphere](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/deploiement_d_une_machine_virtuelle)<br><br>[Create a cluster and activate EVC](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/create_cluster_enable_evc)<br><br>[Virtual machine encryption interoperability](https://docs.vmware.com/fr/VMware-vSphere/8.0/vsphere-security/GUID-C0AF1F3A-67B4-41A6-A933-7E52A3603D9D.html)<br><br>[Back up a vSphere Native Key Provider](https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/6-7/vsphere-security-6-7/configuring-and-managing-vsphere-native-key-provider/back-up-a-vsphere-native-key-provider.html).{external}<br><br>[vNKP - Enabling virtual machine encryption](/pages/hosted_private_cloud/hosted_private_cloud_powered_by_vmware/vm_encrypt-vnkp) |
0 commit comments