SOLUTIONS OVERVIEW
Boot and Data Volume Encryption for Virtual Machines
Running in VMware vCloud Air
Control, monitor and encrypt VMs with ease and confidence using native OS encryption
AT A GLANCE
controls no longer apply in the cloud, yet sensitive data must be secure to address
VMware vCloud Air is a
secure, dedicated hybrid
cloud service operated by
VMware and built on the
trusted foundation of
VMware vSphere .
The service supports existing
workloads and third-party
applications as well as new
application development,
giving IT a common platform
for seamlessly extending its
data center to the cloud.
CloudLink SecureVM
provides pre-boot
authorization, image
integrity validation and
encrypts boot volume and
data volumes with a
centralized management
approach that allows IT
departments to have full
control over data security
in the cloud.
Rather than introducing new
technologies and tools,
SecureVM provides data
security management that
leverages existing native OS
encryption and provides
flexible key control, enabling
customers to determine
where and how keys are
stored and made accessible
in their hybrid cloud.
Securing Cloud Workloads can be Complex
Moving to the cloud offers enterprises significant benefits in terms of business agility
and IT cost management; however, there are security and deployment challenges.
Cloud computing is based on a shared, multi-tenant architecture. Traditional security
privacy, regulatory, and data remanence (residual data) requirements, while virtual
machine images themselves must be verified to protect against malicious or accidental
tampering. As workloads are often distributed across both public and private clouds,
data security must be easy to deploy and manage without having to re-architect
applications. It must also provide the flexibility to support a variety of encryption
approaches to address a variety of use cases.
Organizations need a way to address cloud security by extending existing, proven
tools, rather than introducing new methods that add to deployment complexity and
operational risk all while ensuring security control remains in their hands.
Boot and Data Volume Security for vCloud Air VMs
CloudLink SecureVM allows you to
implement your own data security so that
you can protect access to your VMs and
sensitive data residing in your VMware
vCloud Air virtual data center.
SecureVM unlocks native Windows
BitLocker and Linux OS encryption features
with a centralized management approach,
giving you visibility and control over when
and where VMs and data are run and
accessed while retaining full control of the
encryption keys. With SecureVM, cloud
encryption becomes easy to deploy, relying
on encryption tools already provided by the
OS vendors, rather than introducing proprietary technologies that must be integrated
and proven with each new OS release. With SecureVM, organizations can confidently
embrace the cloud knowing that VM data security, regulatory compliance and data
remanence requirements are met.
Deploy with Ease. Secure with Confidence.
With the vCloud Air and SecureVM solution you:
Use native OS encryption tools to reduce cost and complexity
Protect the entire VM, including boot and data volumes, without re-architecting
how your applications store data
Benefit from full key lifecycle management offered by CloudLink Center, or
leverage existing tools, like Microsoft AD, to hold keys on premise or in the
cloudplus, customer-controlled encryption keys ensure that third parties wont
have access to your data
Manage and monitor security and performance across the hybrid cloud
CLOUDLINK SECUREVM FOR VCLOUD AIR / 1

Data Encryption for
your VMs
VMware and CloudLink enable
you to seamlessly extend to
the cloud, and ensure your
virtual machines and data
remains secured and under your
control.
Cloud security is a top priority
for many enterprises. Cloud
security solutions must leverage
the enterprises existing data
security technology and
operational expertise. CloudLink
SecureVM unlocks native OS
encryption with a centralized
management approach that
allows IT management, cloud
architects, security teams and
CISOs to have control over
when and where their VMs and
data are run and accessed.
Together, VMware and
CloudLink enable you to
confidently adopt vCloud Air
knowing that your data will
remain secure and regulatory
compliance requirements will be
met.
Alex Berlin, CEO of CloudLink
Bring Your Own Data Security to vCloud Air
SecureVM provides you with the security controls necessary to move forward with server
and desktop cloud initiatives by extending security protection beyond the data to the VM
itself. SecureVM enables encryption of the entire VM running in the vCloud Air. This
enables you to define the security policy that must be adhered to for a VM to start,
including the ability to verify the integrity of the VM, offering protection against
unauthorized modifications. SecureVM ensures that only trusted and verified VMs have
the ability to run and access sensitive data residing in the cloud.
Native authentication mechanisms typically found in hardware environments are not
supported in cloud environments; however, SecureVMs proven encryption key policy
management unlocks native OS encryption such as Microsoft BitLocker, and allows it to
be used for automated
encryption of boot
volumes in the cloud
while enabling enterprise
administrators to control
security policy and
encryption keys.
SecureVM also supports
encryption of Linux root
partitions and mount
points.
SecureVM includes a
comprehensive suite of
auditing, SIEM
integration and key management options to ensure your hybrid cloud workloads can be
monitored and secured wherever they reside.
Embrace the Cloud with Confidence
CloudLink SecureVM enables you to embrace the cloud with confidence. To learn more
about how vCloud Air and SecureVM provides unmatched ease of deployment and
management of data encryption for your hybrid cloud, visit the CloudLink SecureVM
listing in the vCloud Air Marketplace and get started with SecureVM today!

www.cloudlinktech.com/vcloudair

CloudLink Technologies. 2680 Queensview Drive Suite 150, Ottawa, ON, Canada K2B 8J9. Tel 866-356-4060. Fax 613-224-5410. www.cloudlinktech.com.
Copyright 2015 All Rights Reserved. CloudLink is a registered trademark of CloudLink Technologies (formerly AFORE Solutions, Inc.). All other trademarks, trade names, service
marks and logos referenced herein belong to their respective companies.

VMware, Inc. 3401 Hillview Avenue Palo Alto CA 94304 USA Tel 877-486-9273 Fax 650-427-5001 www.vmware.com
Copyright 2015 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. VMware products are covered by one or more
patents listed at http://www.vmware.com/go/patents. VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All other marks and names
mentioned herein may be trademarks of their respective companies.