Learn about the major reasons for current KeySecure customers to migrate to the new CipherTrust Manager appliance now. Customers who have relied on the KeySecure platform over many years can now take advantage of the advanced capabilities in this next-generation key management product from Thales.
1. New Data Discovery and Classification
CipherTrust Manager enables organizations to discover and classify sensitive data wherever they reside across their on-premises, big data, and cloud environments, and take remediation actions using a variety of data protection connectors to reduce business risks.
2. New Self-service Licensing
A new customer-facing licensing portal streamlines the provisioning of connector licenses and the new management console in CipherTrust Manager enables organizations to gain better visibility and control of their data protection connector licenses in use.
3. Improved Monitoring and Alerting
It includes tracking of all administrator access, encryption key state, and policy changes in multiple log formats (RFC-5424, CEF, LEEF) for easy integration with SIEM tools. In addition, customers can generate pre-configured and customizable email alerts (SNMP v1, v2c, v3).
4. Developer Friendly REST APIs
CipherTrust Manager offers new REST interfaces, in addition to KMIP and NAE-XML APIs, for developers to simplify the deployment of applications integrated with key management capabilities and automate the development and testing of administrative functions. Physical Appliance Improvements
5. High-speed Interfaces and NIC Bonding
The new CipherTrust Manager appliances (k470 and k570) provide optional 2x1GB/2x10GB network interface cards (NIC) as well as NIC bonding to increase available bandwidth.
6. Password and PED Authentication
The k570 appliance now offers customers the choice of Password or PIN Entry Device (PED) authentication, allowing customers options for stronger authentication. Flexible Deployment Options
7. Cloud-Friendly Deployments
CipherTrust Manager offers several options to securely migrate applications to multiple cloud environments.
• Offers support for AWS, Azure, Google Cloud, VMware, HyperV, Oracle VM, and more.
• Integration with CipherTrust Cloud Key Manager to support bringing your own key (BYOK) across multiple cloud infrastructures and SaaS applications
8. Hybrid High-Availability Clustering
It offers a choice of clustering a physical with a virtual appliance for high-availability environments to ensure optimum processing regardless of the workload location (data center or cloud).
9. Multi-tenancy Support
It provides capabilities required to create multiple domains with separation of duties to support large organizations with distributed locations or multiple companies hosted by Managed Service Providers (MSP) Expanded HSM Options
10. FIPS 140-2 Validated HSMs
CipherTrust Manager provides several options to integrate with a FIPS 140-2 validated physical or virtual HSMs as a secure root of trust for better key entropy.
• Built-in HSM crypto accelerator card on a CM k570 appliance.
• Network attached Luna HSM with HA clustering
• Cloud HSM (Data Protection on Demand service) for several major cloud service providers
