Virtualization Storage

Whitepaper on vSphere Virtual Machine Encryption Performance

vSphere 6.5 introduces a feature called vSphere VM encryption.  When this feature is enabled for a VM, vSphere protects the VM data by encrypting all its contents.  Encryption is done both for already existing data and for newly written data. Whenever the VM data is read, it is decrypted within ESXi before being served to the VM.  Because of this, vSphere VM encryption can have a performance impact on application I/O and the ESXi host CPU usage.

We have published a whitepaper, VMware vSphere Virtual Machine Encryption Performance, to quantify this performance impact.  We focus on synthetic I/O performance on VMs, as well as VM provisioning operations like clone, snapshot creation, and power on.  From analysis of our experiment results, we see that while VM encryption consumes more CPU resources for encryption and decryption, its impact on I/O performance is minimal when using enterprise-class SSD or VMware vSAN storage.  However, when using ultra-high performance storage like locally attached NVMe drives capable of handling up to 750,000 IOPS, the minor increase in per-I/O latency due to encryption or decryption adds up quickly to have an impact on IOPS.

For more detailed information and data, please refer to the whitepaper


2 comments have been added so far

  1. VMware Certified Advanced Professional 6 (Desktop and Mobility Deployment) – The industry-recognized VCAP6-DTM Deploy certification validates that you know how to deploy and optimize VMware Horizon 6 (with View) environments. It demonstrates that you have the understanding and abilities necessary to leverage best practices to provide a scalable and dependable Business Mobility platform for your company. Some of the subjects involve: Configuring and managing Horizon View components, configuring cloud pod archituecture, configuring Group Policy settings related to Horizon View, Configuring and optimizing desktop images for Horizon View & Mirage, Configuring and managing App Volumes AppStacks, Configuring desktop pools, Configuring and deploying ThinApp packaged applications, Configuring VMWare Identity Manager, was designed by Sebastian to spread his interest for PowerShell & VMWare. Sebastian is an IT qualified professional working in Singapore for more that fifteen years who’s regularly in search of new technology to hone his technical expertise & understanding. Since then, Sebastian has joined PowerShell User Group & VMWare VMug group, and has also been participating most of the events held in Singapore. This blog will show you just how Sebastian are able to automate his everyday works employing PowerShell. You can get study courses available for the VCAP6-DTM exam, which were professionally compiled by Sebastian. Sebastian is certified with VCAP6-DTM, and is professional with virtualization & server maintenance from four years experience of automation. The call for VMWare prepared admins and engineers are ever-increasing in the current tech market place. Get to know more details on PowerShell & VMWare at!

Leave a Reply

Your email address will not be published. Required fields are marked *