CipherTrust Manager - Product Brief
CipherTrust Manager provides the detailed set of features, specifications and benefits offered by this next generation key and policy management product from Thales
CipherTrust Manager
CipherTrust Manager (formerly known as Next Generation KeySecure) offers the industry leading enterprise key management solution enabling organizations to centrally manage encryption keys, provide granular access control and configure security policies. CipherTrust Manager is the central management point for the CipherTrust Data Security Platform. It manages key lifecycle tasks including generation, rotation, destruction, import and export, provides role-based access control to keys and policies, supports robust auditing and reporting, and offers developer friendly REST API.
CipherTrust Manager is available in both virtual and physical appliances that integrates with FIPS 140-2 compliant Thales Luna or third-party Hardware Security Modules (HSMs) for securely storing keys with a highest root of trust. These appliances can be deployed on-premises in physical or virtualized infrastructures and in public cloud environments to efficiently address compliance requirements, regulatory mandates and industry best practices for data security. With a unified management console, it makes it easy to set policies, discover and classify data, and protect sensitive data wherever it resides using the CipherTrust Data Security Platform products.
How do you handle the challenges around Enterprise key management systems?
Integrated solutions enable KMIP compliance
- Benefits
- Features
- Specifications
Simplified Management
CipherTrust Manager provides a unified management console that enables you to discover and classify sensitive data, and protect data using integrated set of Thales Data Protection connectors across on-premises data stores and multi-cloud deployments. It offers advanced self-service licensing for improved visibility and control of licenses.
Cloud Friendly Deployment
It offers users with additional hosting options, and can run as a native virtual machine on AWS, Microsoft Azure, Google Cloud, VMware, Microsoft HyperV, and more. Additionally, native support of CipherTrust Cloud Key Manager on CipherTrust Manager streamlines key management across multiple cloud infrastructures and SaaS applications.
Flexible Form Factors
It is available in both virtual and physical form factors and FIPS 140-2 levels. Flexible deployment options can easily scale to provide key management at remote facilities or in cloud infrastructures.
Centralized Key Lifecycle Management
Simplifies management of encryption keys across their entire lifecycle, including secure key generation, backup/restore, clustering, deactivation and deletion. It unifies key management operations with role-based access control using existing Active Directory and LDAP credentials, and provides full audit log review.
Unified Management Console
Provides a single pane of glass for the CipherTrust Data Security Platform products, that enable organizations to discover, classify, and encrypt or tokenize data to reduce business risk and satisfy compliance regulations. It streamlines provisioning of connector licenses through a new self-service licensing for better visibility and control of licenses.
Developer Friendly REST APIs
Offers new REST interfaces in addition to KMIP and NAE-XML APIs, for developers to simplify deployment of applications integrated with key management capabilities and automate testing and development of administrative operations.
CipherTrust Manager Physical Appliance
Model Comparison |
k470 |
k570 |
|
|---|---|---|---|
|
Max Keys |
1,000,000 |
1,000,000 |
|
|
Max Concurrent Sessions |
1000 |
1000 |
|
|
Redundant hot-swap HDs and Power |
No |
No |
|
|
FIPS 140-2 Certification |
Integrates with external Level 3 certified Thales Luna and third-party HSMs |
Includes Level 3 certified HSM embedded in the appliance |
|
|
HSM Management |
Yes |
Yes |
|
|
Authentication |
Local User, LDAP and Active Directory |
||
|
Auditing and Logging |
|
||
|
Network Management |
|
||
|
API's Supported |
|
|
|
Hardware Specifications |
k470 |
k570 |
|---|---|---|
|
Dimensions |
19.0"(W) x 21"(D) x 1.75"(H) |
|
|
Weight |
12.7 Kgs. (28 lbs.) |
|
|
Processor |
Intel Xeon E3-1275v5 |
|
|
Network Interface Card (NIC) Options |
4x1GB interfaces 2x1GB / 2x10GB optional NICs NIC bonding support |
|
|
Hard Drive |
1 X 2TB SATA SE (spinning Disk) |
|
|
Mother Board |
AIC AntliaAIC Antlia |
|
|
Average Power |
0.7A @ 120V 84W |
|
|
Maximum Power |
100W |
|
|
Voltage |
100 – 240V 50-60 Hz |
|
|
Operating Ambient Temperature |
0 to 35 degree C (32 to 95 degree F) |
|
CipherTrust Manager Virtual Appliance
Model Comparison |
k170v |
k470v |
|---|---|---|
|
Max Keys |
25,000 |
1,000,000 |
|
Max Concurrent Sessions |
100 |
1000 |
|
FIPS 140-2 Certification |
|
|
|
Authentication |
Local User, LDAP and Active Directory |
|
|
Auditing and Logging |
|
|
|
Network Management |
|
|
|
APIs Supported |
|
|
Hardware Specifications |
k170v |
k470v |
|---|---|---|
|
Minimum System Requirements |
|
|
Related Resources
Top 10 reasons for Migrating to CipherTrust Manager - Data Sheet
Learn about the major reasons for current KeySecure customers to migrate to the new CipherTrust™ Manager appliance now. Customers who have relied on the KeySecure platform over many years can now take advantage of the advanced capabilities in this next generation key...
Enterprise Key Management Solutions - Solution Brief
Discover how organizations can centrally manage keys for third-party devices including Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.
Key Management – Simplify Data Security - White Paper
Today, every IT organization is striving to protect valuable digital assets of any enterprise from accidental exposure or intentional misuse by cyber criminals. Many organizations have deployed a variety of point encryption solutions as a primary method of protecting sensitive...
Thales CipherTrust Data Discovery and Classification - Product Brief
Review the capabilities of data discovery and classification of sensitive data, which is integrated with the CipherTrust Manager management console.
CipherTrust Cloud Key Manager - Product Brief
Many infrastructure-, platform-, and software-as-a-service providers offer data-at-rest encryption capabilities with encryption keys managed by the service provider. Meanwhile, many industry or internal data protection mandates, as well as industry best practices as defined by...