Zettaset Big Data Encryption Key Management

• V-EKM Virtual Enterprise Key Manager
• V-HSM Virtual Hardware Security Module
• S3 Basic Client
All Software-Based Approach Optimized for Big Data and Cloud

Zettaset delivers a software based encryption solution that can readily match the elasticity of virtual machines and cloud computing. As virtual machines running the database are provisioned (and de-provisioned) to balance capacity needs, no manual intervention is required at the management console. Deploying software-based key managers and HSMs is more cost-effective and less disruptive than traditional hardware approaches in highly elastic cloud environments, offering power users greater operational efficiencies.

The Zettaset Big Data Encryption Suite includes a virtual key manager, HSM, and encryption software that can be easily added to a virtual machine or cloud when and where needed.

  • Zettaset V-EKM™ (Virtual Enterprise Key Manager) is a software-based key manager that automates the management and control of policies that protect and control access to business-critical encryption keys.
  • Zettaset V-HSM™ (Virtual Hardware Security Module) is a software-based HSM that securely stores the master key and master hash key used to encrypt and hash the contents of the key manager database.

Zettaset encryption systems software includes BDEncrypt™ for high-performance disk encryption, and BDEncrypt Plus™ for file-level encryption plus data integrity protection against unauthorized data manipulation.

Efficiently and Securely Manage and Store Cryptographic Keys

Zettaset enables organizations to efficiently and securely manage and store cryptographic keys and policies throughout the key management lifecycle in the enterprise. Zettaset can deliver layered encryption for file, zone, directory and partition levels, depending on the granularity requirements of the data environment. Key management and encryption can be applied to Hadoop, NoSQL and Relational databases, as well as multiple file and object storage systems.

Full Compatibility with Enterprise Encryption Standards

Every component of the Zettaset Big Data Encryption Suite is fully-compatible with existing Key Management Interoperability Protocol (KMIP) key managers and Public Key Cryptography Standard (PKCS) #11 hardware security module (HSMs), and therefore can fit into any customer environment where these products already exist. The Zettaset V-EKM key manager keeps a database of encryption keys which are encrypted and protected using master keys in HSMs. The master keys are accessed through a PKCS#11-standard interface.

Zettaset V-EKM Key Manager Features and Benefits
  • Software-based encryption key management reduces hardware requirements, simplifies encryption deployment and on-going administration
  • Optimized for scalability and performance in dynamic Big Data distributed computing distributed systems in the cloud, or on-premises
  • Full key life-cycle support including key erasure, backup and restore
  • KMIP and PKCS#11 compliant – Can be used as part of any KMIP and PKCS#11-compliant solution
  • File metadata cryptographically protected and tied to data for complete file protection
  • Highly automated management
Zettaset V-HSM Hardware Security Modules Features and Benefits
  • Software-based hardware security module (HSM) reduces hardware requirements, simplifies encryption deployment and on-going administration
  • Securely stores keys and hash keys used to encrypt and hash contents of key manager database, enabling a caller to do crypto operations with keys while securely retaining them within the HSM process
  • Supports secure key exchange between HSMs to create backup HSMs for redundancy
  • Optimized for scalability and performance in dynamic Big Data distributed computing distributed systems in the cloud, or on-premises
  • Light weight, self-contained solution runs on UNIX OS
  • PKCS#11 compliant – Can be used as part of any PKCS#11 compliant solution
Zettaset S3 Basic Client Features and Benefits
  • Enables organizations to take total control of encryption key access and management while using Amazon cloud services
  • One key per S3 bucket
  • Manual key generation by the administrator
  • Highly efficient and secure AES GCM crypto from the client
  • Java API and command line management support
  • Utilizes the Zettaset V-EKM key manager and V-HSM hardware security module
Zettaset Encryption Key ManagementZettaset Encryption Key Management

Free Trial, Customized Demo, or Both!

Your choice.


Our
Resources
Corporate
FactSheet
Our Resources
Videos
Solution Briefs
White Papers