Hi All,
I am looking to encrypt VM's for a few clients of mine. I see I need a KMS server on premise. I don't currently have a need for KMS outside of VM Encryption.
What I'm wondering is what are the implications of installing KMS role on one of the VM's that will be encrypted? If the VM crashes out will I be able to restore from backup considering the KMS service is on the Crashed Machine??
Is it best practice to have a small, dedicated KMS VM running on the host and leaving that unencrypted?
Also a question in a crash scenario..say my host dies and I need to restore the VM to new hardware, what is the restore process like with an encrypted VM?
Thanks in advance!
Dan