KeySecure for Government is a centralized key management platform that supports a broad encryption ecosystem for the protection of sensitive data-at-rest across traditional or virtualized data centers and public cloud environments.
Derived from industry-leading technology, KeySecure for Government is available in either a hardware (G460) or virtual (G350v) appliance. KeySecure for Government supports a hardware root of trust utilizing a FIPS 140-2 Level 2 or 3 Luna for Government hardware security module (HSM) (embedded in hardware appliance or network-attached for virtual appliance) or the Amazon CloudHSM service (virtual appliance only).
KeySecure for Government is manufactured, sold, and supported exclusively in the United States by SafeNet Assured Technologies.
KeySecure for Government Use Cases
KeySecure for Government use cases for centralized key management cover SafeNet encryption products and third-party solutions for backup media and storage, virtual workload and application encryption.
- Backup Media: KeySecure for Government supports industry leading tape libraries, scalable backup and cloud archive solutions
- Storage: KeySecure for Government supports leading storage platforms and cloud storage services
- Data Encryption Solutions: KeySecure for Government provides encryption solutions for data in various formats – structured (such as databases) and unstructured (file level encryption, big data) – ensuring appropriate access to users requiring the information and IT teams providing infrastructure support
- Applications: KeySecure for Government supports application level encryption via SafeNet ProtectApp and integrations from cloud application partners
- Heterogeneous Key Management. Manage keys for SafeNet encryption products as well as a large variety of third-party encryption solutions through an industry standard interface
- Multiple Key Types. Centrally manage Symmetric and Asymmetric Keys, secret data, and X.509 certificates along with associated policies.
- Full Lifecycle Key Support and Automated Operations. Simplify the management of encryption keys across the entire lifecycle including secure key generation, storage and backup, key distribution, deactivation and deletion. Automated, policy driven operations simplify key expiry and rotation tasks.
- Centralized Administration of Granular Access, Authorization Controls and Separation of Duties. Unify key management operations across multiple encryption deployments and products, while ensuring administrators are restricted to roles defined for their scope of responsibilities, from a centralized management console. Also, KeySecure for Government can utilize existing LDAP or AD directories to map administrative and key access for applications and end users.
- High-Availability and Intelligent Key Sharing. Deploy in flexible, high-availability configurations within an operations center and across geographically dispersed centers or service provider environments using an active-active mode of clustering.
- Auditing and Logging. Detailed logging and audit tracking of all key state changes, administrator access and policy changes. Audit trails are securely stored and signed for non- repudiation and can be consumed by leading 3rd party SIEM tools.
- Next-Generation Storage and Archive Solution. Simplify secure storage and efficiently scale data centers while reducing costs and complexity.
- Cryptographic Erase. Securely sanitize target media in compliance with NIST SP 800-88 Rev 1 by centrally managing key lifecycle.
KeySecure for Government Model Comparison
||AWS AMI or VMWare OVA
|Max concurrent clients per cluster
|Redundant hot-swap HDs & Power
||FIPS 140-2 Level 3
||FIPS 140-2 Level 1 Level 2 or 3 via HSM Integration Option
||Optional via Network Attached HSM