[[["わかりやすい","easyToUnderstand","thumb-up"],["問題の解決に役立った","solvedMyProblem","thumb-up"],["その他","otherUp","thumb-up"]],[["わかりにくい","hardToUnderstand","thumb-down"],["情報またはサンプルコードが不正確","incorrectInformationOrSampleCode","thumb-down"],["必要な情報 / サンプルがない","missingTheInformationSamplesINeed","thumb-down"],["翻訳に関する問題","translationIssue","thumb-down"],["その他","otherDown","thumb-down"]],["最終更新日 2025-07-30 UTC。"],[],[],null,["# VMware Engine shared responsibility model\n=========================================\n\nThis page describes what you, as a Google Cloud VMware Engine customer, are responsible\nfor and what Google is responsible for.\n\nIntroduction\n------------\n\nTrusted security in Google Cloud is achieved through the shared responsibilities\nof customers and Google as a service provider. This model is intended to provide higher security and eliminate single points of failure. The following sections list the responsibilities by role.\n\nGoogle's responsibilities\n-------------------------\n\nVMware Engine service elements:\n\n- Deploying and lifecycle management of hosts and management services in a private cloud\n- ESXi patch and upgrade\n- vCenter Server patch and upgrade\n- NSX patch and upgrade\n- vSAN patch and upgrade\n- HCX - initial installation, configuration, and monitoring of HCX\n- Backup and Restore of management services (does not include customer workloads)\n- Backup and Restore vCenter Server\n- Backup and Restore NSX Manager\n- Replacing failed hosts\n- Maintaining adequate capacity\n- Acquiring and maintaining industry and regulatory compliance certifications for Google-managed services and infrastructure\n\nPhysical infrastructure elements:\n\n- Physical infrastructure\n- Google Cloud regions\n- Compute, network, storage (deployment \\& lifecycle)\n- Rack and Power Bare Metal Hosts and network equipments\n- Acquiring and maintaining industry and regulatory compliance certifications for Google-managed services and infrastructure\n\nCustomer's responsibilities\n---------------------------\n\n- Deploying VMware Engine private clouds\n- Network range for management appliances and resources\n- Configuring private cloud networking and security\n- Configuring VMware Engine firewall, regional settings, client VPN, and external IP address allocations\n- Configuring NSX based firewalls, VPN, and NAT settings\n- Provisioning NSX segments\n- Deploying and managing Virtual Machines\n- Installing guest operating systems\n- Patching guest operating systems\n- Installing and managing antivirus software on customer environments and workloads\n- Installing and managing backup software on customer environments and workloads\n- Installing and managing any configuration management\n- Migrating Virtual Machines to VMware Engine\n- Migration tools\n- Capacity planning \\& reservations\n- vSAN KEK encryption key lifecycle (KEK rotation)\n- vCenter and NSX user management (identity, access control)\n- HCX - lifecycle management of HCX Cloud and service appliances like HCX-IX Interconnect\n- Acquiring and maintaining industry and regulatory compliance certifications for customer environments and workloads\n\nWhat's next\n-----------\n\n- [Security bulletins](/vmware-engine/docs/security-bulletins)."]]