CipherTrust Manager

Next Generation Enterprise Key Management

Centralize and simplify data security policies and key management anywhere

CipherTrust Manager

CipherTrust Manager (formerly known as Next Generation KeySecure) offers the industry leading enterprise key management solution enabling organizations to centrally manage encryption keys, provide granular access control and configure security policies. It manages key lifecycle tasks including generation, rotation, destruction, import and export, provides role-based access control to keys and policies, supports robust auditing and reporting, and offers developer friendly REST API.

CipherTrust Manager is available in both virtual and physical appliances that are FIPS 140-2 compliant for securely storing keys with the highest root of trust. These appliances can be deployed on-premises in physical or virtualized infrastructures and in public cloud environments to efficiently address compliance requirements, regulatory mandates and industry best practices for data security. With a unified management console, it makes it easy to set policies, discover and classify data, and protect sensitive data wherever it resides using an integrated set of Thales data protection connectors.

CipherTrust Manager

  • Benefits
  • Features
  • Specifications

Simplified Management

CipherTrust Manager provides a unified management console that enables you to discover and classify sensitive data, and protect data using integrated set of Thales Data Protection connectors across on-premises data stores and multi-cloud deployments. It offers advanced self-service licensing for improved visibility and control of licenses.

Cloud Friendly Deployment

It offers users with additional hosting options, and can run as a native virtual machine on AWS, Microsoft Azure, Google Cloud, VMware, Microsoft HyperV, and more. Additionally, native support of CipherTrust Cloud Key Manager on CipherTrust Manager streamlines key management across multiple cloud infrastructures and SaaS applications.

Flexible Form Factors

It is available in both virtual and physical form factors and FIPS 140-2 levels. Flexible deployment options can easily scale to provide key management at remote facilities or in cloud infrastructures.

Centralized Key Lifecycle Management

Simplifies management of encryption keys across their entire lifecycle, including secure key generation, backup/restore, clustering, deactivation and deletion. It unifies key management operations with role-based access control using existing Active Directory and LDAP credentials, and provides full audit log review.

Unified Management Console

Provides a single pane of glass for discovering and classifying sensitive data and an integrated set of Thales Data Protection Connectors to encrypt or tokenize data to reduce business risk and satisfy compliance regulations. It streamlines provisioning of connector licenses through a new self-service licensing for better visibility and control of licenses.

Developer Friendly REST APIs

Offers new REST interfaces in addition to KMIP and NAE-XML APIs, for developers to simplify deployment of applications integrated with key management capabilities and automate testing and development of administrative operations.

CipherTrust Manager Physical Appliance

Model Comparison

k470

k570

Max Keys

1,000,000

1,000,000

Max Concurrent Sessions

1000

1000

Redundant hot-swap HDs and Power

Yes

Yes

FIPS 140-2 Certification

Level 2 chassis

  • Level 2 chassis

  • Level 3 w/ built-in HSM

HSM Management

Yes

Yes

Authentication

LDAP and Active Directory

Auditing and Logging

  • Signed secure logs/syslogs

  • Automatic log rotation

  • Secured encryption and integrity checks

  • Backup and restore

  • Extensive Statistics

Network Management

  • SNMP v1, v2c and v3

  • NTP, URL health check

API's Supported

  • REST

  • KMIP 1.1

  • PKCS#11

  • JCE, .NET, MS-CAPI, MS CNG, NAE-XML

 

Hardware Specifications

k470

k570

Dimensions

19.0"(W) x 21"(D) x 1.75"(H)

Weight

12.7 Kgs. (28 lbs.)

Processor

Intel Xeon E3-1275v5

Network Interface Card (NIC) Options

4x1GB interfaces

2x1GB / 2x10GB optional NICs

NIC bonding support

Hard Drive

1 X 2TB SATA SE (spinning Disk)

Mother Board

AIC AntliaAIC Antlia

Average Power

0.7A @ 120V 84W

Maximum Power

100W

Voltage

100 – 240V 50-60 Hz

Operating Ambient Temperature

0 to 35 degree C (32 to 95 degree F)

 

CipherTrust Manager Virtual Appliance

Model Comparison

k170v

k470v

Max Keys

25,000

1,000,000

Max Concurrent Sessions

100

1000

FIPS 140-2 Certification

  • Level 1 virtual appliance
  • Level 3 with external HSM

API's Supported

  • REST

  • KMIP

  • PKCS#11

  • JCE,.NET,MSCAPI, MS CNG, NAE-XML

Authentication

LDAP and Active Directory

Auditing and Logging

  • Signed secure logs/syslogs

  • Automatic log rotation

  • Secured encryption and integrity checks

  • Backup and restore

Extensive Statistics

Network Management

  • SNMP v1, v2c and v3

  • NTP, URL health check

API's Supported

  • REST

  • KMIP 1.1

  • PKCS#11

JCE, .NET, MS-CAPI, MS CNG, NAE-XML

 

Hardware Specifications

k470

k570

System Requirements

  • HD: 100GB

  • RAM: 4-8 GB

  • NICs: 1 -2

  • CPUs: 2 or more

  • HD: 200GB or more

  • RAM: 16 GB or more

  • NICs: 2 or more

  • CPUs: 4 or more

  • Related Resources