What is VMware TPM and How to Add vTPM to vSphere VM

TPM technology provides hardware-based, security-related functions. This guide should help you use a TPM to secure your virtual machines in vSphere.


By Crystal / Updated on March 8, 2023


What is TPM in vSphere

TPM is an industry-wide standard for secure cryptoprocessors. TPM chips are found in most of today's computers, from laptops to desktops to servers. TPM 2.0 is supported only in vSphere 6.7 and later versions.

A TPM module is a discrete security device that provides a secure location for storing sensitive information such as encryption keys. A TPM chip holds hardcoded cryptographic keys, which makes it very difficult for an attacker to modify or tamper with them.


Prerequisites

To add vTPM to virtual machine, your vSphere environment must meet these requirements:

  • Ensure that your vSphere environment is configured with a key provider.
  • For Windows guests, you must be running ESXi 6.7 or later; for Linux guests, ESXi 7.0 Update 2 or later.
  • The guest OS must be Windows Server 2008 or Windows 7 and later, or Linux.
  • The guest VM must be configured to use EFI firmware.
  • UEFI Secure Boot must be enabled.

How to Add a Virtual Trusted Platform Module to a Virtual Machine

According to VMware, you can add a virtual cryptoprocessor that uses Trusted Platform Module (TPM) technology to an encrypted virtual machine, which enhances the security of the guest operating system.

Here are the steps to add a vTPM to a virtual machine in vSphere Client.

Step 1. Create a Key Provider

First, you must create a key provider before you can add a vTPM.

1. In vSphere Client, select Add Native Key Provider, then enter a name for the key provider and click Add Key Provider.


2. Click the Back Up button to back up the key provider; it becomes active only after it has been backed up.


3. You will be asked whether you want to protect the backup with a password. After you choose a password configuration, the browser downloads the backup as a .p12 file.


The native key provider is now configured. Next, create an encrypted virtual machine.

Step 2. Create a New Encrypted Virtual Machine with vTPM

1. Navigate to the virtual machine in the vSphere Client inventory, and click New Virtual Machine. On the Select storage page, you should enable Encrypt this virtual machine.


2. On the Select compatibility screen, select at least ESXi 6.7 and later for a Windows guest OS, or ESXi 7.0 U2 and later for a Linux guest OS, so that the vTPM feature is available.


3. Select Windows or Linux for use as the guest OS.

4. Now you are ready to add a vTPM to the encrypted VM.

Click Add New Device and select Trusted Platform Module. You can further customize the hardware, for example, by changing disk size or CPU.


5. Review the settings and click Finish.
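As an added example (not code from the original article or from VMware), the PowerCLI function below audits existing VMs against the prerequisites listed above and reports whether a vTPM device is already present, so you can verify readiness before, and the result after, the steps in this section. It assumes PowerCLI is installed and Connect-VIServer has already been run, and it reads the vSphere API properties exposed through ExtensionData.Config (Version, Firmware, BootOptions.EfiSecureBootEnabled, KeyId, Hardware.Device); the vmx-to-ESXi-release mapping in the comments is an assumption.

```powershell
# Added example: audit VMs for the vTPM prerequisites described in this article.
# Assumes PowerCLI is loaded and a vCenter/ESXi session exists (Connect-VIServer).

function Test-VTpmReadiness {
    param(
        [Parameter(Mandatory)] [string[]] $VMName
    )
    foreach ($vm in (Get-VM -Name $VMName)) {
        $cfg = $vm.ExtensionData.Config      # vSphere API VirtualMachineConfigInfo

        # Compatibility level required by the article: ESXi 6.7 (assumed vmx-14)
        # for Windows guests, ESXi 7.0 U2 (assumed vmx-19) for Linux guests.
        $hwVersion = [int]($cfg.Version -replace '^vmx-', '')
        $minHw     = if ($cfg.GuestId -match '^win') { 14 } else { 19 }

        # A vTPM appears as a VirtualTPM entry in the VM's virtual hardware list.
        $hasVTpm = [bool]($cfg.Hardware.Device |
            Where-Object { $_.GetType().Name -eq 'VirtualTPM' })

        [pscustomobject]@{
            VM          = $vm.Name
            GuestId     = $cfg.GuestId
            HardwareOk  = ($hwVersion -ge $minHw)
            EfiFirmware = ($cfg.Firmware -eq 'efi')          # vTPM requires EFI
            SecureBoot  = [bool]$cfg.BootOptions.EfiSecureBootEnabled
            Encrypted   = ($null -ne $cfg.KeyId)             # KeyId set only when encrypted
            HasVTpm     = $hasVTpm
        }
    }
}

# Usage: list every VM that still fails at least one prerequisite.
Test-VTpmReadiness -VMName (Get-VM | Select-Object -ExpandProperty Name) |
    Where-Object { -not ($_.HardwareOk -and $_.EfiFirmware -and
                         $_.SecureBoot -and $_.Encrypted) } |
    Format-Table -AutoSize
```

Run it again after Step 2 to confirm that HasVTpm and Encrypted are both True for the new VM.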

The importance of data security needs no further elaboration, especially when you have a lot of virtual machines with critical data. An effective vSphere backup solution protects virtual machine data from human errors, hard drive failures, outages, fire and natural disasters.

Secure Data Protection for vSphere Virtual Machine

An ideal vSphere backup software protects data and keeps business running. AOMEI Cyber Backup is a professional and easy-to-use tool designed to protect virtual machines from security threats. It offers image-based backup to automate the protection of multiple virtual machines while they are running, and it allows you to perform fast disaster recovery, which reduces business downtime and financial loss.

It simplifies the backup process and presents the steps in an intuitive GUI. In addition, it offers you the following benefits.

  • Agentless Backup: create complete and independent image-level backups for VMware ESXi and Hyper-V VMs.
  • Support for Free ESXi: AOMEI Cyber Backup supports both paid and free versions of VMware ESXi.
  • Flexible vSphere Backup: batch back up large numbers of VMs managed by vCenter Server, or multiple VMs on a standalone ESXi host.
  • Multiple Storage Destinations: back up to a local drive, or to network destinations such as a Windows share or NAS.
  • Automated Execution: create backup schedules to automate backups daily, weekly, or monthly.
  • Email Notification: send an email notification when the task is completed or abnormal.
  • Role Assignment: allows one administrator to create sub-accounts with limited privileges.

As for VMware vSphere, AOMEI Cyber Backup supports VMware ESXi 6.0 and later versions. Next, I will show you how to perform vSphere VM backup and restore with AOMEI Cyber Backup. You can click the following button to download the 30-day free trial.


Steps to Perform vSphere Backup and Restore With AOMEI Cyber Backup

Backup Multiple Virtual Machines:

1. Bind Devices: Open the AOMEI Cyber Backup web client, navigate to Source Device > VMware > + Add VMware Device to add a vCenter or standalone ESXi host, and then click > Bind Device.


2. Create Backup Task: Navigate to Backup Task > + Create New Task, and select VMware ESXi Backup as the Backup Type.


3. Set the Task Name, Device, Target, Schedule and Cleanup as needed.

  • Task Name: you can change the task name or use the default name with an ordinal.
  • Device: batch backup multiple VMs on vCenter or standalone host within one backup task.
  • Target: select to back up to a local path, or to a network path like NAS.
  • Schedule (optional): perform full, differential, or incremental backup, and automate execution according to the frequency you specified.
  • Cleanup (optional): automatically delete the old backup copies that exceed the retention period you specified.


4. Run Backup: Now you can click Start Backup and select Add the schedule and start backup now, or Add the schedule only.


Created backup tasks are listed and monitored separately, so you can restore from them, check their progress, and change their schedules.

Restore VM from Backup:

5. Select the backup task you want to restore, and click ... > Restore to open the wizard.

Or you can click Backup Management > History Versions. Specify a VM and select a restore point from the left list.


6. Start Restore: Choose Restore to original location or Restore to new location, then click Start Restore to recover the virtual machine.

  • Restore to new location: create a new VM in the same or another datastore/host directly from the backup to perform out-of-place recovery, which saves the trouble of re-configuring the new VM.


Summary

TPM enhances computer security and privacy and protects data through encryption and decryption, protecting authentication credentials, and proving which software is running on the system. This article shares the procedures to add a vTPM to a vSphere virtual machine.

Crystal · Editor
Crystal is an editor at AOMEI Technology. She mainly writes articles about virtual machines. She is a positive young lady who likes to share articles with people. Off work she loves travelling and cooking, which is wonderful for life.