In addition to secure key policy and management, SafeNet KeySecure and Virtual KeySecure together with the Crypto Operations Upgrade Pack (Crypto Pack) encrypts structured or unstructured sensitive data, and provides access to leading key management interoperability protocol (KMIP) supporting appliances – all in one centralized platform. KeySecure with Crypto Pack is available as a FIPS-validated hardware or hardened virtual security appliance for cloud infrastructures.

Organizations can lower costs and scale key management that is quickly deployed for high-availability across physical, virtualized infrastructure, and service provider environments. Integrate KeySecure with a hardware root of trust using SafeNet Luna Hardware Security Modules employed on-premise or via the Amazon CloudHSM service to meet the most stringent security and compliance requirements.

Only SafeNet delivers centralized key management and storage, layered encryption for applications, databases, files and workload data in a single high-availability solution. KeySecure's proven cryptographic performance means critical encryption tasks can be offloaded to a dedicated appliance, ensuring data protection efforts do not impede critical IT operations. 

KeySecure/Virtual KeySecure with Crypto Pack Use Cases:


KeySecure/Virtual KeySecure with Crypto Pack + ProtectApp — Application-Level Encryption

  • Centralizes administration of application encryption policy and keys
  • Protects sensitive applications in a multi-vendor infrastructure in the data center and the cloud
  • Ensures integrity and authenticity of data through digital signing and verification
  • Only authorized users can access application data

KeySecure/Virtual KeySecure with Crypto Pack + ProtectDB — Transparent Database Encryption

  • Application-transparent, column-level database encryption across multi-vendor database management systems in the datacenter and in the cloud
  • Centralized policy control of data access with granular restriction options and regular key rotation
  • Segregate data within a database and meet compliance mandates

KeySecure/Virtual KeySecure with Crypto Pack + ProtectFile — File-Level Encryption

  • Centralized key and policy management to meet compliance mandates
  • Performs transparent encryption of server data at rest without disruption to business operations or application performance
  • Granular access controls so unauthorized users and processes cannot access the encrypted data
  • Can be deployed on network shares, file servers, web servers, application servers, database servers, or other machines running Linux compatible software

KeySecure/Virtual KeySecure with Crypto Pack + Tokenization Manager — Tokenization for Sensitive Data

  • Tokenization replaces sensitive data (credit cards, social security numbers, etc.) with a surrogate value - a token. The sensitive data is encrypted and stored in a safe repository while the token is processed throughout the organization
  • Single, centralized interface for logging, auditing, and reporting access to protected data, keys, and tokens
  • Systems with tokens are taken out of the scope of compliance audits, such as PCI DSS
  • Format-preserving, transparent data protection for a wide variety of data types

KeySecure/Virtual KeySecure with Crypto Pack + ProtectV — Virtual Machine-Level Workload Encryption

  • Complete encryption of virtual machine instances and storage volumes. No unencrypted data is written to disk
  • Support AWS Marketplace and VMware environments
  • Pre-boot authentication ensures only authorized users can access information
  • Granular access controls so unauthorized users and processes cannot access the encrypted data, meeting compliance mandates

KeySecure with Crypto Pack + StorageSecure — Storage-Level Encryption

  • Encrypt information based on defined business policies in an all-inclusive, secure hardware storage encryption device
  • Protect shares, folders and files on any Network Attached Storage (NAS) filers
  • Secure, geographically distributed, centralized key management

Broad Ecosystem of Supported Partners

  • Supports the same broad ecosystem of interoperability partners available for SafeNet KeySecure using the OASIS KMIP standard.
  • See our growing catalog of interoperability partners.