Thales Encryption Manager for Storage (TEMS)
Move your storage encryption strategy forward with standards-based key management.
Storage managers face growing demands to protect sensitive data. In response, storage managers must decide how best to deploy and manage encryption...that easily integrates with existing storage infrastructure with the ability to grow in the future.
Networked storage elements such as disk arrays, tape drives and switches, now include encryption. When deploying systems with embedded encryption, storage managers must make sure encryption does not impact business continuity or data accessibility due to inefficient administrative procedures or unreliable key management. A systematic approach is now needed for protecting keys that can automate lifecycle management, while providing a dependable solution that spans across today’s diverse storage infrastructure.
Thales Encryption Manager for Storage is a standards-based, FIPS-designed, hardened appliance that enables organizations to confidently deploy key management across multiple types of encrypting endpoints. The appliance supports both standards-based protocols (IEEE P1619.3 draft), as well as legacy interoperability with leading vendor storage devices, to centralize encryption management with consistency. Native support for storage vendors, such as tape and disk devices from IBM, Brocade switches, and other leading vendors, provides a comprehensive system that grows with your enterprise storage needs.
Benefits
- Automate encryption key management
- Reduce the risk of security breaches
- Achieve compliance and audit goals
- Meet continuity and retention requirements
- Reduce costs of managing encryption
- Simplify deployment and management
Features
- Security-hardened, high-performance appliance - Provides tamper-resistant and designed to FIPS 140-2 level 3 specifications; optimized for large enterprise storage environments.
- IEEE P1619.3 draft key management protocol - Achieve broad interoperability across mixed storage infrastructure with extensibility for future standards-based, self-encrypting devices.
- Key backup and recovery - Ensure long-term, reliable access to data with secure backup of encryption keys to offsite and recovery data centers.
- Certified device integration - Tested and validated support from Thales and technology partners for a full range of storage encryption solutions.
- Separation of duties - Separation of administrative roles ensures that no single user has over-privileged entitlements to compromise encryption key integrity.
- Logging and reporting - Administrative and system functions are logged for quick response to formal audits and ad hoc inquiries, with the ability to integrate with SNMP for warnings to system availability or attempts to compromise the appliance.
- Secure audit facility - Tamper-resistant logging provides traceability of all actions and includes role-based access to auditing.
- Scalability to support Large Deployments - Manage keys for all of your storage systems under a unified key management strategy.
