Skip to main content
purple hex pattern

Secure multi-cloud workloads throughout their lifecycle.

Working with leading private and public cloud platforms, hyperconvergence, and storage solutions, KeyControl Vault for VM Encryption centrally manages encryption keys to reduce complexity and facilitates compliance with regulations such as GDPR.

Comprehensive Data Protection

Entrust KeyControl Vault for VM Encryption provides granular encryption for comprehensive multi-cloud security. The protection boundary does not stop at the hypervisor or data store - VMs are individually encrypted. Inside VMs, unique keys can be assigned to encrypt individual partitions, including the boot (OS) disk.

Quick and Easy Setup

Setup is a breeze, providing a superior user experience that provides an easy way to manage workload security. On the fly encryption and rekeying enables continuous operation, not ever needing to take workloads off-line.

Cloud Agnostic Encryption and Key Management

Recent surveys show over 50% of IT managers withhold sensitive data from the cloud. Latest breaches indicate user account and passwords continue to be stored unencrypted. Entrust’s KeyControl Vault for VM Encryption agent and powerful key management capabilities deliver an easy to deploy secure cloud solution.

person walking down steps in front of two skyscrapers

Advantages of KeyControl Vault for VM Encryption for AWS, Azure, and IBM Cloud

Entrust KeyControl Vault for VM Encryption is engineered to move with the VM. Should you migrate from private to public cloud or from one cloud provider to another, your data should remain safely encrypted, and with Entrust, it does.

plum checkmark icon

Easy to deploy and use

plum checkmark icon

Zero downtime workload encryption and rekeying

plum checkmark icon

Integrated Key Management Server (KMS)

plum checkmark icon

Encryptions travels with VM

plum checkmark icon

Compatible with Windows and Linux operating systems

KeyControl Vault for VM Encryption Capabilities

eye with slash icon

Access Controls

Access controls on encrypted volumes prevent root users/system administrators from accessing sensitive data.

duplicate with slash icon

Deduplication Support

Encryption and deduplication of storage platforms, including VMware vSAN, deliver security and cost savings.

file lock icon

Strong Encryption

KeyControl Vault for VM Encryption protects data at rest using FIPS-approved AES-128/256 encryption for high assurance.

screwdriver crossing wrench icon

Portable and Transparent

KeyControl Vault for VM Encryption travels with the VM and runs in any environment (DAS, NAS, or SAN storage).


Simplified Key Management

Secure, hardened, multi-tenant key management with Entrust KeyControl Vault for VM Encryption.

desktop with checkmark icon

Online Encryption and Dynamic Re-key

NIST-approved, zero-downtime AES 256-bit encryption protects data at rest.

platform icon


Support least privilege principal including logical separation of duties.

microchip icon

Hardware Acceleration

AES-NI hardware acceleration in Intel and AMD chipsets deliver transparent operation and high performance.

Secure Virtual Workloads with KeyControl Vault for VM Encryption

Entrust can help you expand your private cloud with enhanced security. Entrust KeyControl Vault for VM Encryption offers strong encryption with integrated key management to secure workloads throughout their lifecycle. It is easy to deploy and is uniquely able to encrypt or re-key data without taking applications offline. Entrust KeyControl Vault for VM Encryption is FIPS 140-2 Level 1 certified to facilitate compliance with government and industry data security regulations. Optional seamless integration available with FIPS 140-2 Level 3 nShield® HSM for highest assurance deployments.

2 smiling men walking on sidewalk outside building

Request Demo

Our experts will contact you to discuss how our solution can meet your needs.