KeySecure for Government G160 (KeySecure G160) is a compact cryptographic key management platform that protects and manages cryptographic keys and associated policies used to encrypt the most sensitive data-at-rest. This cost-effective solution is ideal for small to medium sized deployments commonly found in small offices, remote sites, and tactical environments. KeySecure G160’s small form factor allows it to be easily deployed in any environment while still providing the best in class security features customers are accustomed to finding in the KeySecure for Government product family.
KeySecure G160 includes a FIPS 140-2 Level 3 token or a high assurance cryptographic token as its hardware root of trust. The token hardware security module (HSM) operates as a secure root of trust by encrypting all sensitive objects (e.g. keys, certificates, etc.) in KeySecure with keys that are generated by, and reside in, the token HSM. The removable token HSM provides an easy to use method to support common key management scenarios such as rapid key delivery disablement, key destruction, cryptographic erase, and time of use restrictions. By simply removing the detachable token you can keep mission-critical data safe, whether in the most hazardous environment or a remote branch office.
Rightsizing Cryptographic Key Management for the Field
Originally developed for the tactical market segment, the G160 has evolved into a cost-effective key management solution that is well suited for many small to medium size deployments of encrypting endpoints (e.g. storage arrays, virtual machines, file servers, etc.). Regardless of the specific use case, all KeySecure G160 deployments benefit from the following characteristics of the G160 platform:
- Measuring only 6.5”x4.0”x1.5”, the G160 fits well in space-constrained environments in which the customer has low size, weight, and power (SWaP) needs.
- G160 is easy to operate by someone with basic computer skills.
- Removable token HSM to quickly disable key delivery.
- Broad partner ecosystem. KeySecure is proven interoperable with industry’s leading vendors in the storage (NetApp, Tintri, HPE, Dell EMC, Cohesity, etc.), virtualization (VMware, AWS, etc.), hyper-converged infrastructure (Nutanix, Klas Telecom, etc.), file encryption (Windows, Linux), and application encryption (Enveil, MarkLogic, etc.) markets.
Common KeySecure G160 Deployments
KeySecure G160 can be used in conjunction with the KeySecure G460 and G350v models as part of an enterprise-wide key management strategy. With common security features, user interfaces, and reporting mechanisms across the entire KeySecure for Government product family, customers can leverage their investment in training, security evaluations, and compliance procedures to deploy core-level cryptographic key management capabilities to the edge using the KeySecure G160. The G160 is commonly deployed as a cost-effective solution in the following environments:
- Small data storage deployments
- Branch and remote offices
- Tactical deployments including forward deployed environments, forward operating bases, mobile command centers, forward mission operations
- Disaster recovery centers
- Remote, lights-out, non-managed facilities
- Lab or proof of concept deployments