Zettaset XCrypt – Key Management and Administration
- XCrypt Virtual Enterprise Key Manager
- XCrypt Virtual Hardware Security Module
Integrated Encryption Key Management for Easy Deployment and Low Cost
Enterprises that are serious about protecting the integrity of their data, their customers’ data, and complying with regulations know the value of encryption. The challenge for many is how to control costs and easily manage this critical security control in today’s big data environments. Specifically, key management – many admins are not encryption experts and may be hesitant to move from managing keys with Microsoft Excel or pen and paper to a full-fledged key manager due to the steep learning curve. The solution is Zettaset’s software-based encryption key management.
Simplified Key Management
Zettaset is a software-based encryption key management solution built around OASIS industry compatibility standards that bridges the gap between manual, insecure ways to manage encryption keys (such as writing them down) and a complex key management system with a large number of options and settings. Zettaset’s key manager does everything you need for securing your data across physical, virtual, and cloud instances, without the complexity of many other available key management systems.
Virtual and Cloud Ready
Zettaset’s key manager is designed for today’s cloud and virtual environments and can readily match the elasticity of virtual machines and cloud computing. As virtual machines running the database are provisioned (and de-provisioned) to balance capacity needs, Zettaset requires no manual intervention at the management console. Deploying software-based key managers and HSMs (hardware security modules) is more cost-effective and less disruptive than traditional appliance approaches in highly elastic cloud environments, offering much greater operational efficiencies.
The Zettaset XCrypt™ Data Encryption Platform is a comprehensive encryption solution for the enterprise that includes encryption software plus an integrated virtual key manager and virtual hardware security module. Zettaset XCrypt can also work with existing key managers and hardware security modules if either are already in place.
- XCrypt Virtual Enterprise Key Manager is a software-based key manager that automates the management of policies that protect and control access to business-critical encryption keys.
- XCrypt Virtual Hardware Security Module is a software-based HSM that securely stores the master key and master hash key used to encrypt and hash the contents of the key manager database.
The XCrypt Data Encryption Platform offers you a choice of different encryption solutions, depending on the needs of your data environment. Each one includes the integrated Virtual Enterprise Key Manager and Virtual Hardware Security Module.
- XCrypt Full Disk – High-performance full disk encryption for any structured or unstructured data
- XCrypt Archive – Encrypted enterprise backup and restore with key management integration
- XCrypt Object – Granular, next-generation encryption and data integrity protection for object data stores
Efficiently and Securely Manage and Store Cryptographic Keys
Zettaset enables organizations to efficiently and securely manage and store cryptographic keys and policies, keeping them safely separated from the encrypted data. Key management and encryption can be applied to NoSQL, Object, and Hadoop, databases, as well as multiple file and object storage systems. The XCrypt Virtual key manager keeps a database of encryption keys which are encrypted and protected using master keys in HSMs. The master keys are accessed through a PKCS#11-standard interface.
Full Compatibility with Enterprise Encryption Standards for Investment Protection
For enterprises that already have existing key management and HSM infrastructure in place, every component of the Zettaset XCrypt Data Encryption Platform is fully-compatible with OASIS-standard Key Management Interoperability Protocol (KMIP) key managers and Public Key Cryptography Standard (PKCS) #11 hardware security module (HSMs), and therefore can fit into any environment where these products already exist.
- Highly-automated, software-based encryption key management reduces hardware requirements, simplifies encryption deployment and on-going administration
- Optimized for high performance in large-scale distributed and virtualized computing systems in the cloud or on-premises
- Full key life-cycle support including key erasure, backup, and restore
- KMIP compatible – interoperable with all major key managers
- File metadata cryptographically protected and tied to data for complete file protection
- Highly-automated, software-based hardware security module (HSM) reduces hardware requirements, simplifies encryption deployment and on-going administration
- Securely stores keys and hash keys used to encrypt and hash contents of key manager database, enabling a caller to do crypto operations with keys while securely retaining them within the HSM process
- Supports secure key exchange between HSMs to create backup HSMs for redundancy
- Optimized for scalability and performance in dynamic big data distributed computing distributed systems in the cloud or on-premises
- Light weight, self-contained solution runs on UNIX OS
- PKCS#11 compliant – interoperable with all major hardware security modules