The Vormetric Transparent Encryption solution protects data with file and volume level data-at-rest encryption, access controls, and data access audit logging without re-engineering applications, databases or infrastructure. Deployment of the transparent file encryption software is simple, scalable and fast, with agents installed above the file system on servers or virtual machines to enforce data security and compliance policies. Policy and encryption key management are provided by the Vormetric Data Security Manager.
Transparent. Implement data-at-rest encryption and access controls without changes to applications and business processes—significantly reducing the cost of encryption deployment and operation.
Scalable. Scaling to deployments of 10’s of thousands of servers, the Vormetric Transparent Encryption solution is available for Windows, Linux, and Unix platforms, and can be used across physical, cloud, container and big data environments.
Meet Compliance and Best Practice Requirements. Encryption, access controls and data access logging are basic requirements or recommended best practices for almost all compliance and data privacy standards and mandates, including PCI DSS, HIPAA/Hitech, GDPR and many others.
- Granular Access Controls. Role-based access policies control who, what, where, when and how data can be accessed. Controls support both system level accounts as well as Enterprise roles and groups. Active Directory (AD) and other directory services environments are supported through Lightweight Directory Access Protocol (LDAP). Available controls enable root and other privileged users to perform their work without access to clear-text data that might result in a compliance violation or theft.
- High-Performance Encryption. Vormetric Transparent Encryption features enhanced encryption performance using the AES hardware encryption algorithms built into system CPUs. In addition, file-system optimization techniques such as multi-threading, look ahead caching, and pipelining further enhance performance. The result is encryption without impact to SLAs or the requirement for additional compute resources. A distributed agent-based deployment model eliminates the bottlenecks and latency that plague legacy proxy-based encryption solutions.
- Broad Operating System and Environment Support. Secure structured databases and unstructured files across data centers, cloud and big data environments on Linux, Windows and Unix with a single infrastructure and management environment. Encryption, access control and data access audit logging are available without changes to infrastructure, applications or workflow for maximum control with minimal costs and resource requirements.
Platform support: Microsoft—Windows Server 2008 and 2012; Linux—Red Hat Enterprise Linux (RHEL), SuSE Linux Enterprise Server, and Ubuntu; UNIX—IBM AIX.
Database support: IBM DB2, MySQL, NoSQL, Oracle, SQL Server, Sybase, and others
Application support: Transparent to all applications, including Microsoft, Documentum, SAP, SharePoint, custom applications, and more
Big data support: Hadoop—Cloudera, Hortonworks, IBM; NoSQL—Couchbase, DataStax, MongoDB; SAP HANA; Teradata
Encryption hardware acceleration: AMD and Intel AES-NI, IBM P8 cryptographic coprocessor, SPARC encryption
Agent certification: FIPS 140-2 Level 1
Container support: Docker