Contact Us

Virtual KeySecure: A Virtual Security Appliance for Encryption Keys

SafeNet Virtual KeySecure - Key Management Icon

SafeNet Virtual KeySecure centralizes cryptographic processing, security policy and key management – all in a FIPS-validated hardened virtual security appliance. It’s an operational and expense-friendly alternative to using a hardware appliance, providing scalable key management and secure encryption at remote facilities or cloud infrastructures such as VMware or AWS Marketplace.

Coming Soon! The SafeNet Virtual KeySecure k170v model provides additional hosting options, and can run as a native virtual machine on VMware, AWS, Microsoft Azure, Oracle VM Virtual Box and OpenStack with more public/private clouds coming soon.

Gemalto delivers encryption for application, database, file, and workload data in a single high-availability solution. SafeNet Virtual KeySecure’s proven cryptographic performance means critical encryption tasks can be offloaded to a dedicated encryption appliance, ensuring data protection efforts do not impede critical IT operations. 

Additionally, SafeNet Virtual KeySecure ensures that organizations maintain ownership of their encryption keys at all times by hardening the appliance OS and encrypting the entire virtual appliance.

Virtual KeySecure Ecosystem Diagram

 

SafeNet Virtual KeySecure - Key Management Use Cases


SafeNet Virtual KeySecure provides application data protection and centralized key management for Gemalto and third-party encryption products across stored and archived data, virtual workloads, and applications.

  • Virtual Workloads: SafeNet Virtual KeySecure centrally manages keys for complete encryption of virtual instances deployed on AWS Marketplace and VMware when deployed with SafeNet ProtectV solution.
  • Backup Media: SafeNet Virtual KeySecure supports industry leading tape libraries, scalable backup, and cloud archive solutions.
  • Storage: SafeNet Virtual KeySecure supports leading storage platforms and cloud storage services like AWS, DropBox and Google.
  • Applications: SafeNet Virtual KeySecure supports applications level encryption via  SafeNet ProtectApp solution and integrations from cloud application partners.

See our growing catalog of interoperability partners.

 
Request a Quote

SafeNet Virtual KeySecure Specifications

Jump to:


SafeNet Virtual KeySecure k170v:

Feature

Details

Max keys

25,000

Max concurrent clients

100

Hardware Security Module (HSM) Integration*

Yes

Supports SafeNet Data Protection Connectors**

SafeNet ProtectApp, SafeNet ProtectV
 
 

SafeNet Virtual KeySecure k150v:

Feature

Details

Max keys

25,000

Max concurrent clients

100

Hardware Security Module (HSM) Integration*

Yes

Supports SafeNet Data Protection Connectors**

SafeNet ProtectApp, SafeNet ProtectDB,SafeNet ProtectFile, SafeNet Tokenization and SafeNet ProtectV
 
 

SafeNet Virtual KeySecure k450v:

Feature

Details

Max keys

1,000,000

Max concurrent clients

1,000

Hardware Security Module (HSM) Integration*

Yes

Supports SafeNet Data Protection Connectors**

SafeNet ProtectApp, SafeNet ProtectDB,SafeNet ProtectFile, SafeNet Tokenization and SafeNet ProtectV
 
 

Third-Party Integrations:

Feature

Details

Gemalto Third-Party Integration Support

See our growing catalog of interoperability partners 

*SafeNet Virtual KeySecure will integrate with both SafeNet Network HSM and Amazon CloudHSM
**Remote encryption within the SafeNet Virtual KeySecure k150v and k450v appliance using the connectors (SafeNet ProtectApp, SafeNet ProtectDB, and SafeNet Tokenization) requires the purchase of SafeNet Crytpo Pack. Local encryption, SafeNet ProtectV and SafeNet ProtectFile do not require SafeNet Crypto Pack feature activation


 

Supported Technologies

Feature

Details

API Support (k150v, k450v)

KMIP 1.1, JCE, MS-CAPI, ICAPI, and.NET (not officially supported, but can be used: PKCS #11)

API Support (k170v)

REST, KMIP 1.0, JCE, MS-CAPI, ICAPI, and.NET (not officially supported, but can be used: PKCS #11)

Network Management (k150v, k450v)

NTP, URL health check, signed secure logs & syslog, automatic log rotation, secured encryption and integrity checked backups and upgrades, extensive statistics

Network Management (k170v)

Secure audit logs, Secured and integrity checked backups, In place upgrades

Authentication

LDAP and Active Directory

Management Interfaces

SafeNet KeySecure Management Console: Graphical user interface (GUI) available via web browser that is capable of symmetric/asymmetric key , certificate , appliance, and user management.

Command Line Interface (CLI): Command line interface (CLI) available over SSH or directly through the serial console port

Auditing and Logging

Cryptographically signed tracking of granular events. Configurable audit trail with local and remote (syslog) logging.

Supported Algorithms

SafeNet Virtual KeySecure k150v and k450v models support the following public algorithms:

  • AES
  • ARIA
  • DES
  • DESede
  • HMAC-SHA1
  • HMAC-SHA256
  • HMAC-SHA384
  • HMAC-SHA512
  • RC4
  • RSA
  • SEED

SafeNet Virtual KeySecure k170v model supports the following public algorithms:

  • AES
  • TDES
  • RSA
  • HMAC-SHA1
  • HMAC-SHA256
  • HMAC-SHA384
  • HMAC-SHA512

Operating System

Highly customized, hardened OS

 
 
Request a Quote

Highlighted Key Management Features:

KeySecure Cloud Key Management
  • The SafeNet Virtual KeySecure k150v and k450v models can be hosted anywhere: on a virtual machine such as VMware or rented from a service such as AWS Marketplace.

  • The new generation SafeNet Virtual KeySecure k170v model provides users with additional hosting options, and can run as a native virtual machine on VMware, AWS, Microsoft Azure, Oracle VM Virtual Box and OpenStack with more public/private clouds coming soon.

  • Subscription-based offerings are better suited for operating expenditure (op-ex) models, versus capital expenditure models (standard hardware purchases) that require upfront payment.

  • Flexible deployment options can easily scale to provide key management at remote facilities or in cloud infrastructures.

  • Compatibility with the OASIS Key Management Interoperability Protocol (KMIP) standard provides support for a large and growing list of encryption products.

  • Key security policies can be consolidated across multiple, disparate encryption systems, protecting current investments.

  • Centralized, efficient auditing of key management offers simplified compliance for cloud environments and decreases the amount of time spent on compliance mandates.

  • SafeNet Virtual KeySecure’s hardened virtual appliance mitigates security risks typically associated with software-based implementations.

  • Bring Your Own License (BYOL) for AWS Market place enables the purchase of Connector licenses direct from Gemalto (available for the k150v model).
 
Request a Quote
Back to Top

Contact Us

Thank you for your interest in our products. Please fill out and submit the form to receive more information about Gemalto or to be contacted by a Gemalto specialist.

Your Information

* Email Address:  
* First Name:  
* Last Name:  
* Company Name:  
* Phone:  
* Country:  
* State (US Only):  
* Province (Canada/Australia Only):  
Comments:  
 


By submitting this form I agree to receive information from Gemalto and its affiliates as described in our Privacy statement.