It is costly and complex for IT organizations to protect data using multiple encryption technologies across disparate data silos, such as file-servers, databases, virtual environments, and cloud storage.

Enterprise Key Management solutions from Thales, enable organizations to centrally manage and store cryptographic keys and policies for third-party devices including a variety of KMIP Clients, TDE Agents on Oracle and Microsoft SQL Servers, and Linux Unified Key Setup (LUKS) Agents on Linux Servers. CipherTrust Enterprise Key Management delivers a robust, standards-based platform for managing encryption keys to protect data in disparate storage repositories across the enterprise. It simplifies the administrative challenges around encryption key management to ensure that keys are secure and always provisioned to authorized encryption services.

Enterprise Key Management System Diagram

Enterprise Key Management Introduction Video

Benefits
Features
Specifications

Unify Key and Certificate Management

Leverage CipherTrust Manager for managing keys for Thales data protection connectors and third-party applications including Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.

Improve Operational Efficiency

Enterprise Key Management simplifies the process of managing cryptographic keys, enabling security teams to gradually consolidate the management of encryption across the enterprise that can reduce cost of ownership and minimize overall risks.

Prevent Unplanned Downtime

Minimize key availability and redundancy, leveraging secure replication of keys across multiple appliances with automated backups. Automated alerts help prevent unexpected key expiration.

CipherTrust Manager offers the following Enterprise Key Management solutions.

CipherTrust KMIP Clients:
Centrally manage keys across a variety of KMIP clients.

CipherTrust TDE Key Agents:
Protects data in databases using Transparent Data Encryption (TDE) Key Agents on Oracle and Microsoft SQL Servers.

CipherTrust LUKS Agents:
provides transparent data encryption on Linux servers using Linux Unified Key Setup (LUKS) Agents.

CipherTrust Cloud Key Manager:
Supports BYOK use-cases by centrally managing keys for multi-cloud environments, such as AWS, Microsoft Azure, Salesforce and more.

Secrets Management

Opaque Objects, Passwords, X.509 certificates
Symmetric and asymmetric encryption keys

Administration

Secure-web (CipherTrust Platform management console), CLI, REST API
Bulk import of digital certificates and encryption keys
Command line scripts

Key and Certificate Formats for Search, Alerts, and Reports

Symmetric encryption key algorithms: AES (default=128, 192, 256), ARIA), ARIA (default=128, 192, 256)
Asymmetric encryption key algorithms: RSA (512, default=1024, 2048, 3072, 4096)
Digital certificates (X.509): DER, PEM, PKCS#7, PKCS#8, PKCS#12
Go to Supported Key Algorithms for more details

Third-Party Encryption

Microsoft SQL TDE, Oracle TDE, IBM Security Guardium Data Encryption, KMIP-clients
Partner Categories: Tape Libraries, Enterprise Storage, Efficient Storage, Enterprise Servers, Database Servers, Virtual Environments, Cloud/SaaS, Backup & Recovery
Go to CipherTrust Manager Interoperability Overview for detailed list of partners

API Support

RESTful, Microsoft Crypto API (MS-CAPI), PKCS#11, OASIS KMIP

Key Availability and Redundancy

Secure replication of keys across multiple appliances with automated backups

How can you provide a clear path to comprehensive data security?

Total Economic Impact™ of Thales
CipherTrust Data Security Platform

Cost Savings and Business Benefits
Enabled by the CipherTrust Data Security Platform

Read the Study

Recommended Resources

Enterprise Key Management Solutions - Solution Brief

Discover how organizations can centrally manage keys for third-party devices including Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.

TDE Key Management - Solution Brief

Microsoft SQL Server and Oracle Database solutions provide native transparent database encryption (TDE) that protects the data stored in their customers’ enterprise and cloud-hosted databases. And, as with any encryption-based security scheme, securing and managing the...

Thales Key Management – Simplify Data Security - White Paper

Simplify Data Security with Enterprise Key Management - White Paper

Today, every IT organization is striving to protect valuable digital assets from accidental exposure or intentional misuse. To meet various digital privacy regulations and compliance mandates, many organizations have deployed a variety of point encryption solutions as a...

CipherTrust EKM for Storage Infrastructure - Solution Brief

Thales offers CipherTrust Manager as the central enterprise key management solution for an expansive ecosystem of storage and archive infrastructure partners, as described in this Solution Brief

CipherTrust Transparent Encryption

Delivers high-performance encryption and least-privileged access controls for files, directories, and volumes.

Learn More

DevSecOps-friendly Data Protection

Delivers crypto functions such as key management, signing, hashing, and encryption services through APIs.

Learn More

CipherTrust Tokenization Solution

Quickly add tokenization and dynamic data masking to existing applications to protect data and meet regulations.

Learn More

CipherTrust Database Protection

Delivers comprehensive encryption and granular controls to secure the most sensitive data across your database environments.

Learn More

CipherTrust Manager

Offers industry leading enterprise key management solution to centrally manage encryption keys and configure security policies.

Learn More

CipherTrust Cloud Key Manager

Enables strong controls over encryption keys and policies for data encrypted by multiple cloud providers.

Learn More

Partners Resources Blogs Sentinel Drivers

Enterprise Key Management

Centralized key management for third-party devices, servers, databases, storage and virtual environments