SafeNet KeySecure from Gemalto is the industry’s leading centralized key management platform, and is available as a hardware appliance or hardened virtual security appliance. By utilizing SafeNet KeySecure, organizations benefit from its flexible options for secure and centralized key management – deployed in physical, virtualized infrastructure, and public cloud environments.
Only Gemalto can deliver key management appliances across FIPS-validated hardware or a virtual appliance with a hardware root of trust using SafeNet Hardware Security Modules or Amazon Cloud HSM service.
Highlighted Key Management Features:
- Heterogeneous Key Management: Manages keys for a variety of encryption products including databases, file servers, tokenization and applications through Crypto Pack and self-encrypting drives, tape archives, Storage Area Networks, virtual workloads, and a growing list of vendors supporting the OASIS Key Management Interoperability Protocol (KMIP) standard.
- Multiple Key Types: Centrally manages symmetric, asymmetric, secret data, and X.509 certificates along with their associated polices.
- Full Lifecycle Key Support and Automated Operations: Simplifies the management of encryption keys across the entire lifecycle including secure key generation, storage and backup, key distribution and key deactivation and deletion. SafeNet KeySecure makes automated, policy driven operations easy for tasks such as key expiry and key rotation.
- Centralized Administration of Granular Access, Authorization Controls and Separation of Duties: Management console unifies key management operations across multiple encryption deployments and products while ensuring administrators are restricted roles defined for their scope of responsibilities.
- High-Availability and Intelligent Key Sharing: Deploys in flexible high-availability configurations within an operations center and across geographically dispersed centers or service provider environments using an active-active mode of clustering.
- Auditing and Logging: Centralized management includes detailed logging and audit tracking of all key state changes, administrator access and policy changes. Audit trails are securely stored and signed for non-repudiation and can be consumed by leading 3rd party SIEM tools.
- Next-Generation Solution for NetApp Storage: The official upgrade for existing NetApp DataFort Encryption Appliance and NetApp Storage Encryption deployed with the NetApp Lifetime Key Manager.
- Format Preserving Encryption (FPE): Securely encrypts structured data such as credit cards or social security numbers.
- Infield Software Updates: Ensures easy installation of new features, core software updates and security patches. Additionally you can run older appliances in cluster with new appliances.