Thales Blog

New Tools For Defenders Of Data – The Vormetric Data Security Platform 5.2.1 Release

May 30, 2014

Yesterday, we announced the general availability of Vormetric Data Security Release 5, Version 5.2.1.  This is a full release for our set of Data Security Platform products, including extensive enhancements to our flagship Vormetric Transparent Encryption product, our new Vormetric Application Encryption offering, updates to our Data Security Manager appliance, encryption agents, key management and more.  The release is the culmination of significant work by Vormetric product development, product management and product marketing teams and further extends our platform to support more solutions and the enterprise ecosystem.

To our customers, I’d like to say “Thank You – We Listened” because this release is driven by your clearly expressed needs.  “Yes” we added additional platforms to our supported list.  “Yes” we’ve enhanced the security of our communications (with Suite B encrypted communications within our infrastructure).  “Yes” we’ve added application encryption to the platform as 80% of you requested.   Take a look at just our top level items below and you’ll see that the release is packed with new features you requested, as well as offering enhanced security, certifications and enhancements for cloud enablement and big data. If you are a “Defender of Data” we’ve given you some distinctly enhanced tools for your work:

  1. Vormetric Application Encryption :This is the first release in which we are bringing our application encryption solution to market. Based on the PKCS#11 standard for cryptography and key management, the application encryption library of APIs enables field or column level protection of sensitive data. This provides the highest level of security for protecting data at a granular level. All managed by our Data Security Manager.
  2. Vormetric Transparent Encryption: With several usability and performance enhancements we released our popular agents for AIX, HPUX, Solaris, Windows and Linux (Red Hat, SuSe, Ubuntu).  Releasing these agents on multiple operating systems and operating system versions speaks to our operational efficiency!
  3. Enhanced Security:We advanced the state of security by supporting a suite of advanced cryptographic algorithms such as Elliptic Curve Cryptography (ECC). ECC is the latest generation public key cryptography and provides a significantly more secure foundation than first-generation public key cryptography systems like RSA. Using ECC the Vormetric Encryption agents and the Data Security Manager communicate with each other using the highest levels of security.
  4. Usability: The Data Security Manager has a new policy composer that obsoletes the previous  applet based policy composer that had a dependence on Java Runtime Environment (JREs). Arguably, this usability enhancement also is more secure by eliminating the dependency on Java and the security vulnerabilities.
  5. Cloud and MSP/MSSP Enablement: We offer a new communication model between our agents and the DSM, which we call “1-way” communication. To put it very simply, the agents can now initiate the communication with DSM and query for policy and status updates. This communication model allows encryption agents deployed in a  cloud service provider environment to get its policies from a DSM deployed on the customer’s premise. Having customers be the custodians of keys makes the cloud more secure and trusted!  It’s also a great feature to have for those who remotely support customer environments such as Managed Service Providers and Managed Security Service Providers.  Now you can much more easily manage and maintain data security within your customer’s data centers.
  6. HADOOP Big Data:And as we make a further foray into the world of HADOOP we certified our release again with Cloudera HADOOP Version 5.
  7. Key Management Interoperability Protocol (KMIP): The Data Security Manager now offers s key management for 3rd party encryption using the KMIP protocol. With this protocol it is now possible to secure storage systems that use self encrypting drives with the DSM providing the key management. And KMIP enables many secure applications to use a centralized enterprise class key manager.
  8. APIs:  We offer a rich set of APIs (PKCS #11, WSDL) and tool kits such as our vmssc that enable our enterprise customers to automate deployment, create policies, administer the DSM and write secure applications. We offer a platform to build upon!
  9. Security Intelligence: In addition to the RFC5424 format. We added two new log formats i.e. CEF and LEEF for our audit logs With these additional log formats our products are now well integrated with these Security Intelligence Event Management (SIEM) tools: Splunk, IBM’s QRadar and HP ArcSight. Using analytics and anomaly detection capabilities of these tools, customers can analyze the Vormetric Data Security audit logs
  10. Compatibility, Compatibility,Compatibility: We live and die ensuring compatibility between the various versions of our software, so our enterprises customers can upgrade either the agent or the DSM at their convenience. Older version agents work with the latest version of the DSM and vice versa.

With this enhanced feature set to protect data-at-rest, we now address a broader range of the security and compliance requirements of enterprises, cloud service providers and others –  With our single, secure platform.