Virtual Data Center and Cloud Security Solutions

On-premise data centers typically rely on physical, perimeter, and endpoint controls to secure data stores. In contrast, virtual data centers eliminate those traditional entrance and egress points, forcing organizations to take a new approach to security.

SafeNet delivers solutions that are tailored to the realities and risks of virtual environments—enabling security teams to control privileged user and super-admin access, guard against potential unauthorized copying, and mitigate the exposure of raw data.    

With SafeNet, you can fully exploit the cost and innovation advantages of virtualization and the cloud—while addressing the most stringent security and compliance policies.

Virtual Machine Security Products

SafeNet enables you to encrypt and secure the entire contents of your virtual machines, protecting sensitive assets from theft or exposure. SafeNet also offers hardened virtual key management appliances that enable organizations to establish a persistent, secure root of trust in highly dynamic virtual and cloud environments.


Virtual Instance and Machine Encryption

ProtectV: Encrypt and secure the entire contents of your virtual machine and leverage the benefits of virtual storage while retaining control and ensuring privacy of your data.


Securely Migrate Data Center Resources to the Cloud

The industry's first comprehensive high-availability solution for protecting data in the cloud, ProtectV enables you to unify encryption and control across virtualized and cloud environments, improving your business agility and lowering your costs by securely migrating even your most private, highly regulated data to the cloud.

Organizations can be safe in the knowledge that they retain access to and control of encryption keys at all times. In addition, ProtectV enables organizations to address the specific security and compliance requirements in cloud environments.


Securely Increase Data Center Virtualization

Security of sensitive and regulated data has been a barrier to further virtualization of the data center. This reduces the cost savings enterprises can achieve by further virtualizing their data centers and limits their business agility, including the ability to leverage the cloud in the future.

Securely Move Sensitive Workloads to the Cloud

Security of sensitive data is the number one barrier to cloud migration. Without the ability to maintain security and compliance in an environment they don’t control, enterprises can’t leverage the dramatically lower costs made possible by moving workloads to the cloud.


ProtectV for AWS and VMware 

Whether using Amazon Web Services EC2 for easy-to-scale capacity or taking advantage of Amazon VPC to run AWS resources in a virtual network, or VMware EC2 in your virtual data center, ProtectV ensures cloud-ready security.

ProtectV encrypts entire virtual machine instances and attached storage volumes. Moreover, no virtual machine instance can be launched without proper authorization from ProtectV StartGuard pre-boot authentication. 

Cloud Platforms Supported:

  • AWS Marketplace

  • AWS EC2 and VPC

  • VMware vSphere

ProtectV supports APIs for automation and integration with virtual server provisioning systems and CLIs for scripting and bulk operations.

Minimal System Requirements:

ProtectV Manager:

  • AWS: t2.medium and larger (for production environments) / 1 volume (auto created / 16 GB)

  • VMware: Ubuntu [Linux 64 bit], 2 vCPUs, 4GB memory (minimum), 1 NIC (VMXNET 3), 16GB disk

ProtectV Client:

  • AWS: m1.small or larger instance, 256MB RAM, 100MB free disk space

  • VMware: 256MB RAM, 100MB free disk space


ProtectV Client-Supported Platforms

ProtectV for AWS and VMware platforms support the following operating systems/platforms:

  • CentOS Linux 6.2 (64-bit)

  • CentOS Linux 6.3 (64-bit)

  • CentOS Linux 6.4 (64-bit)

  • CentOS Linux 6.5 (64-bit)

  • Microsoft Windows Server 2003 R2 (64-bit)

  • Microsoft Windows Server 2008 (64-bit)

  • Microsoft Windows Server 2008 R2 (64-bit)

  • Microsoft Windows Server 2012 (64-bit)

  • Microsoft Windows Server 2012 R2 (64-bit)

  • Red Hat Enterprise Linux (RHEL) 6.2 (64-bit)

  • Red Hat Enterprise Linux (RHEL) 6.3 (64-bit)

  • Red Hat Enterprise Linux (RHEL) 6.4 (64-bit)

  • Red Hat Enterprise Linux (RHEL) 6.5 (64-bit)

  • SUSE Linux Enterprise Server (SLES) 11.2 (64-bit)

  • SUSE Linux Enterprise Server (SLES) 11.3 (64-bit)

  • Ubuntu Linux 12.04 (64-bit)

  • Ubuntu Linux 14.04 (64-bit)


Improve Control of Data Ownership and Operational Flexibility

  • All data is encrypted, even in archives including snapshots and backups

  • All copies and snapshots of virtual machine instances are tracked 

    • Impossible to instantiate without authorized access

    • Audit trail of actions pertaining to all copies of data

    • Can revoke privilege/key/access in the event of a breach

  • StartGuard pre-boot authentication

    • Centrally define and enforce role-based authorizations for VM start with ProtectV Manager

    • Associate authorizations to administrator defined users and groups

    • Dual-phase boot loader separates bootstrapping and networking phases from OS loading

  • No need for special discovery of sensitive data

  • Separate duties between security and infrastructure administrators

ProtectV is the ONLY Comprehensive Data Protection Solution for Physical, Virtual, and Cloud

  • Comprehensive data protection and policy management for physical, virtual, and cloud infrastructure

  • Single pane of glass for controlling and monitoring your data, wherever it may reside

  • Lower costs by increasing data center virtualization and enabling cloud migration

  • Supports Windows and Linux

ProtectV Removes Regulatory Compliance as a Barrier to Virtualization and Cloud Migration

  • Migrate to virtualized and cloud infrastructure while maintaining compliance requirements across physical, virtual, and cloud infrastructure

  • Decouple compliance requirements from infrastructure requirements; maximize business agility without compromising regulatory compliance

  • Ensure notification of lawful seizure of data in shared and public environments

  • Address compliance requirements for virtual and cloud environments, including PCI DSS, HITECH/HIPAA, and EU Data Privacy Directives

ProtectV Solution Components: 

  1. ProtectV Manager – Centralized console for managing virtual machine instances and their encryption and decryption, as well as creation and management of security admin profiles, security groups and policies.
  2. ProtectV Client – Installed on your virtual machine instances or your servers in your datacenter, the Client enforces StartGuard pre-boot authentication based on associated ProtectV Manager security policies and permissions and encrypts data as it is written to storage.
  3. KeySecure – Hardened, highly available enterprise key/crypto management solution delivered as a hardware appliance (3a) or in a virtual platform as a virtual security appliance (3b).

Virtual Key Storage and Management 

KeySecure: Hardened virtual security appliances for security and centralized management of encryption keys used for the protection of sensitive data in virtualized and cloud environments.

Additionally, Virtual KeySecure is now available on AWS Marketplace, enabling you to unify encryption and control across virtualized and cloud environments. Improve your business agility and lower your costs by securely migrating even your most sensitive and highly regulated data to the cloud.


Virtual Hardware Security Module (HSM) Root of Trust

Luna HSM Crypto Hypervisor: Delivers the security of hardware-based encryption with the scale, unified control, and agility to meet the demands of cloud and virtual infrastructure allowing for accelerated adoption of on-demand cryptographic service across data centers, virtualized infrastructures, and the cloud.
 



Secure Cloud Bursting

KeySecure with Crypto Pack: Encrypts your applications and information, and gives you full control of the encryption keys so your applications and services stay secure as you move from the virtual data center to the public cloud.