You can enable or disable data encryption when deploying the Avaya Aura® Device Services OVA. When data encryption is enabled, all operational data and log files are encrypted.
You can only enable data encryption on Avaya Aura® Device Services if you use Avaya Solutions Platform or a VMware Virtualized Environment. For software-only deployments, you must enable data encryption on the virtualization platform itself. For more information about enabling data encryption on Amazon Web Services, see How to Protect Data at Rest with Amazon EC2 Instance Store Encryption.
Once data encryption is enabled, you cannot disable it using the configuration utility or the Avaya Aura® Device Services administration portal. To disable data encryption, you must redeploy the Avaya Aura® Device Services OVA.
If you enabled data encryption and selected the Require Encryption Pass-Phrase at Boot-Time option, then you will need to enter the data encryption passphrase after every Avaya Aura® Device Services reboot. If you do not select this option, Avaya Aura® Device Services enables the local key store to store encryption keys, so you do not need to enter the passphrase manually. However, this is a less secure solution. Alternatively, you can set up a remote key server to store encryption keys.
