Skip Navigation
  • Overview

    KeySecure G160 is a tactical cryptographic key management platform that protects and manages cryptographic keys and associated policies used to encrypt the most sensitive data-at-rest in remote and tactical environments. This cost-effective solution is conducive for deployments ranging from small enclaves to a large disconnected environments.

    KeySecure G160’s small form factor enables it to be easily deployed across bandwith-limited mobile data centers. It enables rapid tactical key destruction and recovery to keep mission-critical data safe even in the most hazardous environments.

    KeySecure G160 is manufactured, sold, and supported exclusively in the United States by SafeNet Assured Technologies.

    KeySecure G160 Use Cases

    KeySecure G160 brings the same-level of cryptographic key management found in traditional data centers to tactical environments such as:

    • Forward Deployed Environments
    • Disconnected Environments
    • Forward Operating Bases
    • Mobile Command Centers
    • Forward Mission Operations
    • Disaster Recovery Centers

    KeySecure G160 integrates with SafeNet encryption products and third-party solutions for data, storage, virtual workload, and application encryption.

    • Storage: supports leading storage platforms and cloud storage services
    • Virtual Machine Encryption Provides a “keys in hardware” solution for virtual machine encryption
    • Data Encryption Solutions:Provides encryption solutions for data in various formats including structured, unstructured and Self Encrypting Drives with SafeNet AT ProtectSED
    • Applications:Supports application level encryption via SafeNet ProtectApp and integrations from cloud application partners

    Highlighted Capabilities

    • Heterogeneous Key Management. Manage keys for SafeNet encryption products as well as a large variety of third-party encryption solutions through an industry standard interface 
    • Key Types. Centrally manage Symmetric Keys, secret data, and X.509 certificates along with associated policies.
    • HSM Integration. The eToken 5110 or HA token provides on-board cryptographic processing capabilities through its embedded hardware security module. The token leveraged by KeySecure G160 is used as a secure root of trust for key generation, secure key storage, and encryption/decryption. The token is capable of performing all private and public key cryptographic functions inside the token.
    • Full Lifecycle Key Support and Automated Operations. Simplify the management of encryption keys across the entire lifecycle including secure key generation, storage and backup, key distribution, deactivation and deletion. Automated, policy driven operations simplify key expiry and rotation tasks.
    • Centralized Administration of Granular Access, Authorization Controls and Separation of Duties. Unify key management operations across multiple encryption deployments and products, while ensuring administrators are restricted to roles defined for their scope of responsibilities, from a centralized management console.
    • High-Availability and Intelligent Key Sharing.Deploy in flexible, high-availability configurations within an operations center and across geographically dispersed centers or service provider environments using an active-active mode of clustering.
    • Auditing and Logging. Detailed logging and audit tracking of all key state changes, administrator access and policy changes. Audit trails are securely stored and signed for non- repudiation and can be consumed by leading 3rd party SIEM tools.
    • Next-Generation Storage and Archive Solution.Simplify secure storage and efficiently scale data centers while reducing costs and complexity.
    • Cryptographic Erase.Securely sanitize target media in compliance with NIST SP 800-88 Rev 1 by centrally managing key lifecycle.
  • Features & Benefits
    • Leverages eToken 5110 or HA Token for HSM
    • Small form factor
    • Lightweight
    • Low power consumption
    • Mobile vehicle, tactical networks
    • Deny access to crypto-ignition
    • Secure wipe/erase (data)
    • Secure zeroization (keys)
    • HSM/Keystore removal
    • 1G Ethernet interface
    • CLI and web user interface
  • Technical Specs
    • KeySecure G160 Dimensions: 4” x 8” x 1”
    • Operating Temperatures: 0C - +40C
  • Model Comparison

    KeySecure for Government Model Comparison

    Feature G160  G460 G350v
    Form Factor Mini Appliance 1u Appliance AWS AMI or VMWare OVA
    Max keys 1,000 1,000,000 1,000,000
    Max concurrent clients per cluster 100 1,000 1,000
    Redundant hot-swap HDs & Power No Yes N/A
    Certification FIPS 140-2 Level 3 or HA Token FIPS 140-2 Level 3 FIPS 140-2 Level 1 Level 2 or 3 via HSM Integration Option
    HSM Integration eToken 5110 or HA Token Embedded Optional via Network Attached HSM