#VCP vSpheres own keyprovider. Is not a full blown KMS server, as the NKP can only talk to vSphere and can't be pointed to other systems. Traditional KMS servers are usually paid and offer much more features. They usually provide certifications and compliance guarantees. If you only want to protect your vSphere environment you can use NKP. Can be used for vSAN ecnryption aswell as vSphere VM encryption. ## Setup Can be set up inside vSphere client on vCenter. Configure -> Key mangement Servers -> Add native key provider. You must backup your NKP before you can use it, will be saved inside a p12 file. You may place that inside a USB stick or upload it to a secure cloud location. ## 🔗Resources