FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
avinash_v
Staff
Article Id 336660
Description The article describes how to enable disk encryption on Azure with FortiGate VM.
Scope FortiGate VM on Azure.
Solution

Run the following command in Azure PowerShell to register the encryption feature for the resource/subscription:

 

Register-AzProviderFeature -FeatureName "EncryptionAtHost" -ProviderNamespace "Microsoft.Compute"

 

Check whether the registration state is 'Registered'. This takes a few minutes:

 

Get-AzProviderFeature -FeatureName "EncryptionAtHost" -ProviderNamespace "Microsoft.Compute"

 

Then launch the VM, and select 'encryption at host' in the 'disks' section of 'create a VM'.
As shown in the Azure documentation, there are specific restrictions on when Azure Disk Encryption can be enabled. For example, only new VMs deployed after enabling this feature will be automatically encrypted. For a full list of the restrictions, refer to the Azure document at the end of this article.

 

On an existing VM, follow the additional steps below to enable encryption:

 

  1. Take a backup of the configuration file and take a VM snapshot. See [2].
  2. Shut down the VM.
  3. Apply encryption settings.
  4. Bring the VM back up.
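
The steps above for an existing VM, written as an Azure PowerShell script. This is an added example, not part of the original article: the resource group and VM names are placeholders, and it assumes an authenticated Az session (Connect-AzAccount) and a VM that uses managed disks.

```powershell
$ErrorActionPreference = "Stop"

# Assumed placeholder names; replace with your own values.
$ResourceGroupName = "rg-fortigate-example"
$VMName            = "fgt-vm-example"

# Stop early if the EncryptionAtHost feature is not registered yet.
$feature = Get-AzProviderFeature -FeatureName "EncryptionAtHost" -ProviderNamespace "Microsoft.Compute"
if ($feature.RegistrationState -ne "Registered") {
    throw "EncryptionAtHost is '$($feature.RegistrationState)'; wait for registration to complete."
}

$vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName

# Step 1: snapshot the OS disk and every data disk.
# (Back up the FortiGate configuration file from the FortiGate itself beforehand.)
$stamp   = Get-Date -Format "yyyyMMddHHmm"
$diskIds = @($vm.StorageProfile.OsDisk.ManagedDisk.Id) +
           @($vm.StorageProfile.DataDisks | ForEach-Object { $_.ManagedDisk.Id })
foreach ($id in $diskIds) {
    $diskName = ($id -split "/")[-1]
    $cfg = New-AzSnapshotConfig -SourceUri $id -Location $vm.Location -CreateOption Copy
    New-AzSnapshot -Snapshot $cfg -ResourceGroupName $ResourceGroupName `
        -SnapshotName "$diskName-pre-eah-$stamp" | Out-Null
}

# Step 2: shut down (deallocate) the VM.
Stop-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName -Force | Out-Null

# Step 3: apply the encryption setting.
Update-AzVM -VM $vm -ResourceGroupName $ResourceGroupName -EncryptionAtHost $true | Out-Null

# Step 4: bring the VM back up and confirm the setting took effect.
Start-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName | Out-Null
$vm = Get-AzVM -ResourceGroupName $ResourceGroupName -Name $VMName
if (-not $vm.SecurityProfile.EncryptionAtHost) {
    throw "Encryption at host is not enabled on $VMName."
}
"Encryption at host enabled on $VMName"
```

Keep the snapshots until the FortiGate has booted and its configuration has been verified.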

Related document: