Vormetric Data Security Manager

Centrally manage your organization’s encryption keys

The Vormetric Data Security Manager (DSM) is at the heart of the Thales e-Security product line. The DSM provisions and manages keys for the Vormetric Data Security Platform and manages keys and certificates for third-party devices.




  • Unified, Simplified Management. The DSM enables centralized management of data security policies and key management, simplifying training, deployment and operations.
  • Flexible Form Factors. The DSM is available in different form factors and FIPS 140-2 levels. Deploy virtual appliances on-premises, in private and public clouds or select high-assurance hardware.
  • Centralize Key and Policy Management. Provision and manage keys for all Thales e-Security products, and manage keys and certificates for third-party devices.




  • Flexible Deployment Form Factors. The DSM is offered as a FIPS 140-2 Level 1 virtual appliance, as well as two hardware appliances: The V6000, which is FIPS 140-2 Level 2 certified, and the V6100, which is FIPS 140-2 Level 3 certified. The platform is also available on the Amazon Web Services (AWS) Marketplace and the Microsoft Azure Marketplace.
  • Unified Management and Administration. The DSM provides central management and secure storage of encryption keys, including those generated by Thales e-Security products, KMIP-compliant devices, Microsoft SQL Server TDE, Oracle TDE and IBM Guardium Data Encryption. Its intuitive Web-based console, CLI, or APIs are used for managing encryption keys and policies.
  • Maximum Security and Reliability. To maximize uptime and security, the DSM features redundant components and the ability to cluster appliances for fault tolerance and high availability. Strong separation-of-duties policies can be enforced to ensure that one administrator does not have complete control over data security activities, encryption keys or administration. In addition, the DSM supports two-factor authentication for administrative access as well as nShield Remote Administration with smart card access in the V6100.




Administrative interfaces: Secure Web, CLI, SOAP, RESTAPI support: PKCS #11, Microsoft Extensible Key Management (EKM), SOAP, REST

Security authentication: Username/password, RSA two-factor authentication (optional)Backup: Manual and scheduled secure backups. M of N key restoration.

Network management: SNMP, NTP, Syslog-TCPCertifications: FIPS 140-2 Level 1, FIPS 140-2 Level 2, FIPS 140-2 Level 3, Common Criteria (ESM PP PM V2.1)



Original: https://www.thalesesecurity.ru/products/data-encryption/vormetric-data-security-manager