Skip Navigation
Posted by: Alison Maine

As cloud service providers such as Microsoft roll out new services at a staggering rate, customers must take advantage of these capabilities while still fulfilling their obligation to “own the data” by securing the data with encryption and cloud independent key management. Now, customers can leverage the encryption capabilities built into the Microsoft cloud while using SafeNet AT KeySecure for Government to manage and maintain ownership of their encryption keys.

Using the ProtectApp APIs supported by KeySecure for Government and Azure Key Vault, SafeNet AT has developed a reference tool called SafeNet AT ManageAKV that implements the integration between KeySecure for Government and Azure Key Vault. The ManageAKV tool securely authenticates to KeySecure for Government (using the ProtectApp Java/JCE SDK) and Azure (using the Azure APIs) and is used as the secure conduit to issue commands to KeySecure for Government and Azure Key Vault related to the management of customer managed keys.

The ManageAKV tool is provided as part of ProtectApp JCE. For more information, download the Azure Key Vault and KeySecure for Government Solution Brief

Posted by: Alison Maine

The ProtectV release 4.7.3 is a minor release that specifically addresses two high severity issues found in release 4.7.0. Refer to the ProtectV 4.7.3 Customer Release Notes for details. Details on release 4.7.0 are included below.

ProtectV 4.7.0 Release Summary (Released released 30 January 2019)

SafeNet ProtectV 4.7.0 release also supports ProtectV clients for Ubuntu 18.04 LTS and RHEL 7.6, and enable either automatic or manual control of disk encryption in Windows servers.

Feature Details:

  • Password Expiration Policy – SafeNet ProtectV 4.7.0 incorporates a password expiration policy for SafeNet ProtectV users. Passwords of the users (including the SafeNet ProtectV administrators) now have an expiration period of 90 days.
  • Password Complexity Validation – Complexity of the passwords of SafeNet ProtectV users and the SafeNet ProtectV Manager Database (SPVMDB) is now validated. The new passwords must be at least ten characters, contain at least one upper case letter, one lower case letter, one digit, and one special character.
  • Enhanced Account Lockout – The account lockout feature has been enhanced. A user’s account will be locked for 10 minutes after three failed login attempts instead of five. The remaining time until the account is locked will be displayed on the login screen.
  • Windows Auto Protection – A new option, Windows Auto Protection, is provided on the ProtectV Manager Console. This can be used to configure automatic encryption behavior of Windows client instances on registration. By default, encryption of a Windows client instance starts as soon as it is registered with SafeNet ProtectV Manager.
  • Support for Oracle Cloud Infrastructure – SafeNet ProtectV 4.7.0 extends support for ProtectV Manager on Oracle Cloud Infrastructure. You can launch your ProtectV Manager virtual machine on Oracle Cloud Infrastructure.
  • Improved User Name Conventions – SafeNet ProtectV now validates values entered in the Username and Display Name fields on the ProtectV Manager Console. These fields allow alphabets and numbers only; special characters are not allowed. If a special character is entered, the message “Username and Display Name should contain alphabets and numbers only.” is displayed.
Posted by: Alison Maine

KeySecure for Government 8.12.1 is now available. This release specifically addresses an issue found in release 8.12.0 concerning the SafeNet Virtual KeySecure G350v connected to a Remote HSM, both VMWare and AWS. It was discovered that after successfully registering a G350v to a remote HSM, object such as Keys, Local CAs, Certificates and Cluster Keys cannot be created. SafeNet AT strongly recommends implementing release 8.12.1 for VMWare instead of release 8.12.0 to forestall any possible issues with remote HSM functionality. Customers who use G350v on AWS should remain on version 8.11.0. This ONLY effects Virtual KeySecure G350vs that are registered to a Remote HSM. All other KeySecure platforms (G460 and G160) are NOT affected, nor are G350vs that do not register to a Remote HSM. If you are NOT using a Remote HSM then release 8.12.0 may be used for G350v (VMWare or AWS).

Posted by: Alison Maine

The SafeNet Ethernet Encryptor CN6140 is now available for sale to the U.S. Federal Government. The CN6140 is a multi-port (1 or 10 Gbps), high-assurance encryptor designed to provide up to 40 Gbps (4x10), full line rate transparent encryption for all voice, video, and data communications moving across dark fiber, and metro or wide area Ethernet networks (MAN or WAN).
 
CN6140 Highlights:

  • 8 x SFP+ physical ports 
  • Supports 1/10 Gbps interfacing
  • Up to 40Gbps total throughput (4x10G)
  • Industry Low Overhead
  • Ultra-low Latency
  • Crypto Agile Platform
  • Supports Future Security Requirements

5.0.1 Firmware Release

In addition to the new hardware appliance, a firmware update is available for all HSE appliances and includes the following new features and enhancements:

  • KeySecure for Government integration now available for all hardware platforms
  • Meets NIST SP800-131A Key transition requirements
  • FIPS 140-2 Level 3 certification in process. 
  • DODIN APL certification to begin post-FIPS certification
  • Forward Error Correction (FEC) on CN9120 devices

Note: Firmware is not backwards compatible due to changes in support of new NIST requirements.

Download the resources below to learn more about the SafeNet Ethernet Encryptor CN6140

Posted by: Alison Maine

SafeNet AT announces the End-of-Support (EOS) and End-of-Life (EOL) dates for the MDeX System. While SafeNet AT will no longer accept orders for MDeX units, support for existing fielded units will continue through the End-of-Support date noted below.

SafeNet AT will maintain limited spares and support capability throughout the life of all contracts currently in place. For customers with active and paid service and support contracts, support will be available until the termination date of the contract, even if this date exceeds the Last Date of Support shown in the Milestone Dates table below.

Milestone Dates

  • End-of-Support: June 30, 2020. Technical support, security updates, and software/firmware maintenance cease. 
  • Start of Good Faith Support: July 1, 2020. Best effort support of RMAs or equipment repairs for customers with existing maintenance.
  • End-of-Life: July 1, 2021. The MDeX System product family is no longer supported.