Simplify Key Management and Certificate Vaulting

Enterprise encryption key management centralizes management of keys for Vormetric Data Security Platform products, Microsoft SQL TDE, Oracle TDE, KMIP-compliant encryption products, and more

Enterprise Key Management

With Vormetric Key Management, you can centrally manage keys from all Vormetric Data Security Platform products, and securely store and inventory keys and certificates for third-party devices—including IBM Security Guardium Data Encryption, Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products. By consolidating key management, Thales' Vormetric Key Management fosters consistent policy implementation across multiple systems and reduces training and maintenance costs.

Key Management
Unify Key and Certificate Management

Leverage a single platform for managing keys from Vormetric Data Security Platform products and third-party applications including Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.

Securely Vault Keys

Securely store keys in the Vormetric Data Security Manager (DSM), which is available as a virtual appliance and FIPS 140-2 Level 3-certified hardware appliance.

Prevent Unplanned Downtime

Maximize key availability and redundancy, leveraging secure replication of keys across multiple appliances with automated backups. Automated alerts help prevent unexpected key expiration.

Deployment Flexibility

Vormetric Key Management is a capability offered through the Vormetric Data Security Platform, which delivers a variety of data security services from a single deployment. At the heart of the Vormetric Data Security Platform is the Vormetric Data Security Module (DSM), which is available in multiple form factors to suit different environments. The DSM is offered as a virtual appliance and two hardware appliances, the V6000 and the V6100. The V6100 is a FIPS 140-2 Level 3-certified appliance that is equipped with a hardware security module (HSM).

Strong, Auditable Controls

The DSM enforces strong separation-of-duties policies to ensure that no single administrator can gain complete control over data security activities, encryption keys, or administration. In addition, the DSM supports two-factor authentication for administrative access.

Efficient Operations

The DSM minimizes costs by providing central key management of heterogeneous encryption platforms, including Vormetric Data Security Platform products, third-party database TDE and KMIP-compliant encryption products. The DSM features an intuitive web-based console and APIs for managing encryption keys, policies, and auditing across the enterprise.

The V6100 hardware appliance also includes a remote administration feature, which enables efficient management of distributed environments. The DSM also centralizes log collection.

Manage Security Objects
  • X.509 certificates
  • Symmetric and asymmetric encryption keys
Administration
  • Secure-web, CLI, API
  • Bulk import of digital certificates and encryption keys
    • Validates on import
  • Command line scripts
Key and Certificate Formats for Search, Alerts, and Reports
  • Symmetric encryption key algorithms: 3DES, AES128, AES256, ARIA128, ARIA256
  • Asymmetric encryption key algorithms: RSA1024, RSA2048, RSA4096
  • Digital certificates (X.509): DER, PEM, PKCS#7, PKCS#8, PKCS#12
Third-Party Encryption
  • Microsoft SQL TDE, Oracle TDE, IBM Security Guardium Data Encryption, KMIP-clients
  • Example partners: Nutanix, Linoma, NetApp, Cisco, MongoDB, DataStax, Huawei
API Support
  • PKCS#11, Microsoft Extensible Key Management (EKM), OASIS KMIP
Key Availability and Redundancy
  • Secure replication of keys across multiple appliances with automated backups
Assista nosso vídeo demonstrativo interativo Explore
Agende uma demonstração ao vivo Agendar
Entre em contato com um especialista Entre em contato