Introduction to Volume Encryption
E2E Networks Volume Encryption enhances data security by encrypting block storage volumes at rest, ensuring that sensitive information remains protected from unauthorized access. This encryption layer safeguards data even in the event of a compromised instance or physical storage failure. Utilizing industry-standard encryption algorithms and integrated key management, E2E Networks delivers secure storage without disrupting performance. The encryption process is seamless and transparent, allowing applications to run without modification while maintaining optimal speed. By enabling Volume Encryption, organizations can bolster their data protection framework, adhere to compliance mandates, and confidently operate in secure cloud environments.
How E2E Networks Volume Encryption Works
-
E2E Networks empowers users to protect their critical data with Volume Encryption, ensuring robust security for block storage volumes used with virtual machines. When creating or attaching a volume through the MyAccount portal, users can easily enable encryption with a single click—by selecting the "Enable Encryption" checkbox. For added security, users may also specify an optional Passphrase, providing a second layer of protection.
-
Under the hood, E2E Networks leverages the trusted and widely adopted LUKS (Linux Unified Key Setup) standard for full volume encryption. LUKS offers powerful, transparent, block-level encryption, effectively safeguarding both system and data volumes without compromising performance. It’s designed for Linux-based environments, ensuring compatibility and security best practices across your infrastructure.
-
Encrypted volumes maintain their security integrity across the entire storage lifecycle:
1. Snapshots Remain Encrypted: Any snapshot created from an encrypted volume- whether manual or scheduled—retains full encryption. This ensures complete end-to-end data protection for your backups and restores.
2. Seamless Integration: Encryption is transparent to applications and workloads,requiring no changes to how you deploy or manage data.
3. Consistent Protection: Both newly created and attached volumes can be encrypted, making it easy to enforce secure storage policies organization-wide.
- With intuitive volume management and powerful encryption via LUKS, E2E Networks helps organizations:
1. Protect sensitive and regulated data
2. Ensure compliance with modern security standards
3. Safeguard their storage infrastructure from unauthorized access
Attaching Volumes to a Node on E2E Networks
Attaching a volume to a virtual machine on E2E Networks is a quick and seamless process—whether you’re expanding your application’s storage or connecting encrypted data volumes for added security. Our intuitive platform ensures that you can manage your storage architecture effortlessly, right from the MyAccount portal.
How to Attach a Volume to a Node
1. Login to the MyAccount Portal
• Access your dashboard at https://myaccount.e2enetworks.com and navigate to your list of virtual machines.
2. Click on Nodes and then select the Node.
• Click on Actions and then Poweroff the Node.
3. Go to the ‘Volumes’ Section.
• Select the volume that is in the Available state, then click on Actions and choose Attach Volume. Next, select the Node you want to attach it to and then click on "Attach".
The Node must be in the Powered Off state before attaching the volume.
How Volume Encryption Works for Snapshots on E2E Networks
- Snapshots taken from an encrypted volume are automatically encrypted on E2E Networks.
- The encryption is handled using LUKS at the disk level, ensuring that your data remains protected both at rest and during restoration.
- Whether the snapshot is taken manually or as part of a scheduled task, the encryption settings are preserved seamlessly, with no additional steps required.
- Once a snapshot is created from an encrypted volume, it can be used to generate a new volume. At this stage, encryption does not carry over by default. Instead, the user has full control—you can choose to enable or disable encryption on the new volume based on your data protection needs.
How E2E Networks Handles Snapshots from Unencrypted Volumes.
-
When a snapshot is taken from an unencrypted volume on E2E Networks, the snapshot itself remains unencrypted. No encryption is automatically applied during the snapshot creation process for unencrypted volumes.
-
Once the snapshot is created, users have the option to create a new volume from it. However, this new volume will also be unencrypted by default, unless encryption is explicitly enabled at the time of creation.
-
If you wish to create a new encrypted Volume from this unencrypted snapshot, the process involves the following steps:
• Click on Volumes.
• Click on Volume which has snapshot. And then click on Actions and then click on Create Volume.
• Enter the Volume Nameand then enable encryption by selecting the "Enable Encryption" checkbox and, optionally,providing a passphrase.
