Thales Key Management
ViON presents the Thales keyAuthority, an encryption management appliance, pre-integrated with leading storage partner devices to simplify user adoption and accelerate time to value. The Thales keyAuthority product is a turnkey solution that does not require sizing and integration with generic COTS hardware, is more predictable and shortens the interoperability integration with customer environments. Thales keyAuthority ensures data is recoverable by securing keys in a tamper-evident and resistant custom appliance. This helps prevent the significant consequences of data loss and breaches with a market-proven solution, while supporting auditing and compliance.
As a first to market solution, the Thales keyAuthority product already supports draft standards for mixed storage environment interoperability. Thales keyAuthority is unique due to the fact that it is storage vendor neutral and supports storage environments that implement IBM’s Tivoli Key Lifecycle Manager (TKLM) and the Brocade Encryption Switch (BES) within the same platform. Thales keyAuthority reduces the costs associated with manual operation and redundant expertise by unifying key management across mixed storage.
The Thales keyAuthority solution is FIPS-ready with certification underway for 140-2 Level 3.
ViON presents the Thales Datacryptor, a set of hardware-based stand-alone encryption modules that enforce data security in the enterprise. They provide protection of data confidentiality and integrity with the strongest commercially available encryption, while fitting into an existing network infrastructure (bump-in-the-wire) with easy to use automatic keying.
Thales' Datacryptor Ethernet protects data in transit and can save an organization up to 60% in bandwidth utilization and resulting data transport costs. Thales achieves this by encrypting data in a manner that yields minimum overhead and frame expansion, enabling customers to use more cost effective data transport backbones in a secure manner. The Datacryptor solution therefore allows maximum network speed and performance.
Type 1 Encryption - The Datacryptor has been deployed in several Intelligence agencies to re-encrypt Type 1 encrypted streams. In bulk encryption mode, the Datacryptor has the ability to secure the entire Ethernet frame and not just the payload, which allows the entire stream to be hidden, including the source and destination addresses. Intelligence agencies are encrypting the data with a Type 1 encryptor, but before it leaves the premises, they re-encrypt the link with a Thales Datacryptor to provide additional security.
MPLS – Due to the significant cost savings of MPLS, customers are quickly moving to deploy this network architecture. The Thales Datacryptor can be deployed in a MPLS network to secure critical links. The MPLS capability allows the connection of multiple sites, but with the performance of a Layer 2 encryptor.
Layer 2 – The Thales Datacryptor encrypts at Layer 2; therefore, reducing the latency and increasing overall network performance. Typical Layer 3 security devices increase the packet size by 32-40 bytes and can degrade a network link by up to 30% based on packet sizes. The Thales Datacryptor allows the customer to obtain maximum bandwidth on the link, thus reducing the overall network operating costs.
With the ability to protect sensitive data, the Datacryptor allows customers to help avoid the possible devastating costs and embarrassments of data breaches. By protecting data where it is most vulnerable (in transit), Thales also provides a mechanism for complying with and, in certain cases, limiting the scope of growing government and industry data security regulations. The Datacryptor enables customers to be in full control of data security regardless of connection service provider and to enforce separation of network administration and security management.
To learn more about the Thales keyAuthority and Datacryptor products, to include a presentation and/or demonstration, please submit a request.
The following files are presented in pdf format. You will need the free Adobe Acrobat Reader to view them.