Posted On: Dec 5, 2022
Starting today, Amazon FSx for NetApp ONTAP provides automatic encryption of data in transit between Nitro-based compute instances and new FSx for ONTAP file systems.
With FSx for ONTAP, until today, you needed to configure Kerberos to encrypt data in transit over the SMB 3.0+ and NFSv3+ protocols. Starting today, FSx for ONTAP supports automatic, Nitro-based encryption of data in transit that doesn’t rely on Kerberos. This new feature is designed to leverage Nitro-based offload capabilities to automatically encrypt in-transit traffic with no impact on network performance. With Nitro-based encryption, data is encrypted in transit when accessed directly from supported instance types in the same VPC (or peered VPC).
Automatic encryption of data in transit is supported between new FSx for ONTAP file systems and Nitro-based compute instances in these AWS Regions: US East (Ohio), US East (N. Virginia), US West (Oregon), and Europe (Ireland). For more information, please visit the FSx for ONTAP documentation and the FSx for ONTAP product page.