This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 47%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENP%3C/text%3E%3C/svg%3E)
Good morning,
i have a question regarding enabling Encryption at Host. Currently i have the option to enable it, but the VM must be offline, so i am wondering what is the time that machine has to be offline while this process is executing? What does it depend on, VM size, type?
Also is it possible to restore the machine to another region if i Encrypted it at Host successfully? Of course if i would be using CMK, i would have to have CMK in that region as well in Key Vault.
Is there a scenario where when i enable Encryption at Host i can't take backups or i can't restore the machine properly?
Thanks in advance.
@Nermin Pezerovic Thanks for raising this good question. I’m checking on your query
Any updates on this? @Sumarigo-MSFT
Hi Nermin,
i have a question regarding enabling Encryption at Host. Currently i have the option to enable it, but the VM must be offline, so i am wondering what is the time that machine has to be offline while this process is executing? What does it depend on, VM size, type?
A: Normally enabling Encryption at Host only takes a second or two to enable. So for the most part it is the time it takes to Deallocate the VM plus the time it takes for the VM to Start.
Also is it possible to restore the machine to another region if i Encrypted it at Host successfully? Of course if i would be using CMK, i would have to have CMK in that region as well in Key Vault.
A: Yes, you can restore VM using Cross Region Restore.
Is there a scenario where when i enable Encryption at Host i can't take backups or i can't restore the machine properly?
A: Not that I'm aware of.
You should test the different scenarios you care about so that you are familiar with the details. For example, if you've never used Cross Region Restore you may be surprised to learn that it can take 12 hours for backup data to replicate to the secondary region. The result of this is that the restore point that is available to restore in secondary region may not be as recent as you expected.
Please review document below for important information on restoring VMs:
https://learn.microsoft.com/en-us/azure/backup/backup-azure-arm-restore-vms
Please click Accept Answer if the above was helpful.
Thanks.
-TP
@Nermin Pezerovic Was my answer clear? Please click Accept Answer to close up this thread or add a comment if you still need assistance.
Thank you.
@Nermin Pezerovic Any update?
@Nermin Pezerovic Please click Accept Answer to close up this thread.
Thank you.