Migration considerations

An advantage of a VTPM over a physical TPM is that it allows the partition to move between systems while retaining the VTPM. To securely migrate the logical partition, the firmware encrypts the VTPM data before transmission. To ensure a secure migration, the following security measures must be implemented before migration:

• Enable IPSEC between the Virtual I/O Server > (VIOS ) that is performing the migration.
• Set the trusted system key through the Hardware Management Console (HMC) to control the managed systems that are capable of decrypting the VTPM data after migration. The migration destination system must have the same key as that of the source system to successfully migrate the data.