CipherTrust Manager (formerly known as Next Generation KeySecure) offers the industry leading enterprise key management solution enabling organizations to centrally manage encryption keys, provide granular access control and configure security policies. CipherTrust Manager is the central management point for the CipherTrust Data Security Platform. It manages key lifecycle tasks including generation, rotation, destruction, import and export, provides role-based access control to keys and policies, supports robust auditing and reporting, and offers developer friendly REST API.
CipherTrust Manager is available in both virtual and physical appliances that integrates with FIPS 140-2 compliant Thales Luna or third-party Hardware Security Modules (HSMs) for securely storing keys with a highest root of trust. These appliances can be deployed on-premises in physical or virtualized infrastructures and in public cloud environments to efficiently address compliance requirements, regulatory mandates and industry best practices for data security. With a unified management console, it makes it easy to set policies, discover and classify data, and protect sensitive data wherever it resides using the CipherTrust Data Security Platform products.
Integrated solutions enable KMIP compliance
CipherTrust Manager provides a unified management console that enables you to discover and classify sensitive data, and protect data using integrated set of Thales Data Protection connectors across on-premises data stores and multi-cloud deployments. It offers advanced self-service licensing for improved visibility and control of licenses.
It offers users with additional hosting options, and can run as a native virtual machine on AWS, Microsoft Azure, Google Cloud, VMware, Microsoft HyperV, and more. Additionally, native support of CipherTrust Cloud Key Manager on CipherTrust Manager streamlines key management across multiple cloud infrastructures and SaaS applications.
It is available in both virtual and physical form factors and FIPS 140-2 levels. Flexible deployment options can easily scale to provide key management at remote facilities or in cloud infrastructures.
Simplifies management of encryption keys across their entire lifecycle, including secure key generation, backup/restore, clustering, deactivation and deletion. It unifies key management operations with role-based access control using existing Active Directory and LDAP credentials, and provides full audit log review.
Provides a single pane of glass for the CipherTrust Data Security Platform products, that enable organizations to discover, classify, and encrypt or tokenize data to reduce business risk and satisfy compliance regulations. It streamlines provisioning of connector licenses through a new self-service licensing for better visibility and control of licenses.
Offers new REST interfaces in addition to KMIP and NAE-XML APIs, for developers to simplify deployment of applications integrated with key management capabilities and automate testing and development of administrative operations.
Model Comparison |
k470 |
k570 |
|
|---|---|---|---|
|
Max Keys |
1,000,000 |
1,000,000 |
|
|
Max Concurrent Sessions |
1000 |
1000 |
|
|
Redundant hot-swap HDs and Power |
No |
No |
|
|
FIPS 140-2 Certification |
Integrates with external Level 3 certified Thales Luna and third-party HSMs |
Includes Level 3 certified HSM embedded in the appliance |
|
|
HSM Management |
Yes |
Yes |
|
|
Authentication |
Local User, LDAP and Active Directory |
||
|
Auditing and Logging |
|
||
|
Network Management |
|
||
|
API's Supported |
|
|
|
Hardware Specifications |
k470 |
k570 |
|---|---|---|
|
Dimensions |
19.0"(W) x 21"(D) x 1.75"(H) |
|
|
Weight |
12.7 Kgs. (28 lbs.) |
|
|
Processor |
Intel Xeon E3-1275v5 |
|
|
Network Interface Card (NIC) Options |
4x1GB interfaces 2x1GB / 2x10GB optional NICs NIC bonding support |
|
|
Hard Drive |
1 X 2TB SATA SE (spinning Disk) |
|
|
Mother Board |
AIC AntliaAIC Antlia |
|
|
Average Power |
0.7A @ 120V 84W |
|
|
Maximum Power |
100W |
|
|
Voltage |
100 – 240V 50-60 Hz |
|
|
Operating Ambient Temperature |
0 to 35 degree C (32 to 95 degree F) |
|
Model Comparison |
k170v |
k470v |
|---|---|---|
|
Max Keys |
25,000 |
1,000,000 |
|
Max Concurrent Sessions |
100 |
1000 |
|
FIPS 140-2 Certification |
|
|
|
Authentication |
Local User, LDAP and Active Directory |
|
|
Auditing and Logging |
|
|
|
Network Management |
|
|
|
APIs Supported |
|
|
Hardware Specifications |
k170v |
k470v |
|---|---|---|
|
Minimum System Requirements |
|
|
CipherTrust Manager enables organizations to centrally manage encryption keys for Thales CipherTrust Data Securiy Platform and third party products. It simplifies key lifecycle management tasks, including secure key generation, backup/restore, clustering, deactivation, and...
Learn about the major reasons for current KeySecure customers to migrate to the new CipherTrust™ Manager appliance now. Customers who have relied on the KeySecure platform over many years can now take advantage of the advanced capabilities in this next generation key...
Discover how organizations can centrally manage keys for third-party devices including Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.
Today, every IT organization is striving to protect valuable digital assets of any enterprise from accidental exposure or intentional misuse by cyber criminals. Many organizations have deployed a variety of point encryption solutions as a primary method of protecting sensitive...
Review the capabilities of data discovery and classification of sensitive data, which is integrated with the CipherTrust Manager management console.
Many infrastructure-, platform-, and software-as-a-service providers offer data-at-rest encryption capabilities with encryption keys managed by the service provider. Meanwhile, many industry or internal data protection mandates, as well as industry best practices as defined by...
Thales offers CipherTrust Manager as the central enterprise key management solution for an expansive ecosystem of storage and archive infrastructure partners, as described in this Solution Brief