KeySecure for Government is a centralized key management platform that supports a broad encryption ecosystem for the protection of sensitive data-at-rest across traditional or virtualized data centers and public cloud environments.
Skip Navigation
  • Overview

    Enterprise-level Centralized Cryptographic Key Management Platform

    KeySecure for Government G460 (KeySecure G460) is a centralized cryptographic key management platform that supports a broad encryption ecosystem for the protection of sensitive data-at-rest across enterprise-level data centers. KeySecure G460 supports an embedded hardware root of trust utilizing a FIPS 140-2 3 Luna for Government hardware security module.

    Developed for U.S. Government use, KeySecure G460 is manufactured, sold, and supported in the U.S. exclusively by SafeNet Assured Technologies.

    KeySecure for Government Use Cases

    KeySecure for Government use cases for centralized key management cover SafeNet encryption products and third-party solutions for backup media and storage, virtual workload and application encryption.

    • Backup Media: KeySecure for Government supports industry leading tape libraries, scalable backup and cloud archive solutions
    • Storage: KeySecure for Government supports leading storage platforms and cloud storage services 
    • Data Encryption Solutions: KeySecure for Government provides encryption solutions for data in various formats – structured (such as databases) and unstructured (file level encryption, big data) – ensuring appropriate access to users requiring the information and IT teams providing infrastructure support
    • Applications: KeySecure for Government supports application level encryption via SafeNet ProtectApp and integrations from cloud application partners

  • Highlighted Capabilities
    • Heterogeneous Key Management. Manage keys for SafeNet encryption products as well as a large variety of third-party encryption solutions through an industry standard interface 
    • Multiple Key Types. Centrally manage Symmetric and Asymmetric Keys, secret data, and X.509 certificates along with associated policies.
    • Full Lifecycle Key Support and Automated Operations. Simplify the management of encryption keys across the entire lifecycle including secure key generation, storage and backup, key distribution, deactivation and deletion. Automated, policy driven operations simplify key expiry and rotation tasks.
    • Centralized Administration of Granular Access, Authorization Controls and Separation of Duties. Unify key management operations across multiple encryption deployments and products, while ensuring administrators are restricted to roles defined for their scope of responsibilities, from a centralized management console. Also, KeySecure G460 can utilize existing LDAP or AD directories to map administrative and key access for applications and end users.
    • High-Availability and Intelligent Key Sharing. Deploy in flexible, high-availability configurations within an operations center and across geographically dispersed centers or service provider environments using an active-active mode of clustering.
    • Auditing and Logging. Detailed logging and audit tracking of all key state changes, administrator access and policy changes. Audit trails are securely stored and signed for non- repudiation and can be consumed by leading 3rd party SIEM tools.
    • Next-Generation Storage and Archive Solution. Simplify secure storage and efficiently scale data centers while reducing costs and complexity.
    • Cryptographic Erase. Securely sanitize target media in compliance with NIST SP 800-88 Rev 1 by centrally managing key lifecycle.
  • Features & Benefits
    • Single, centralized platform for  managing cryptographic content (keys and related data) and applications including the ability to perform high speed encryption/decryption operations
    • Use Case Expansion: Transform your key management appliance into a server that includes support for SafeNet encryption products
    • Simplify Compliance. Efficiently audit key management practices, save staff time, and simplify attainment of compliance mandates with efficient, centralized auditing of key management practices such as FIPS 140-2, PCI-DSS, HIPAA
    • Environment Independent Key Management. Key management policies and procedures are consistent
    • Risk Mitigation with Maximum Key Security. Tamper-proof hardware options supporting an embedded hardware root of trust with a FIPS 140-2 Level 3  Luna for Government hardware security module 
    • Lower Total Cost of Ownership. Leverage a continuously growing list of 3rd party technologies leveraging SafeNet encryption products and the OASIS KMIP standard
    • Multi-Tenant Solution. Includes a breadth of features to optimize performance, security, and usability in a multi-tenant environment offering numerous capabilities used to ensure separation of tenant keys and administrative capabilities.
  • Supported Technologies

    API Support

    • Java, C/C++, .NET, XML open interface, KMIP standard

    Network Management

    • SNMP (v1, v2, and v3), NTP, URL health check, signed secure logs & syslog, automatic log rotation, secured encrypted and integrity checked backups and upgrades, extensive statistics

    Appliance Administration

    • Secure Web-based GUI, Command Line Interface

    Authentication

    • LDAP and Active Directory
    • Common Access Card Authentication