This article can also be found in the Premium Editorial Download "Storage magazine: What you need to know about data storage provisioning."
NeoScale CryptoStor KeyVault
The NeoScale Systems CryptoStor KeyVault is a secure, automated and open enterprise-class appliance for storage encryption-key management. It offers the features required by FIPS 140-2 Level 3, such as tamper-proof seals and two-part authentication, and provides open APIs for third-party vendor integration. Multiple redundant KeyVaults allow for scalability, fault tolerance, key protection and support for up to 200 million keys per appliance.
CryptoStor KeyVault provides hardware and software random-number generators to ensure keys are truly random, and provides for secure long-term archiving of keys. Encrypted data and keys can be recovered at any site, using either a distributed local appliance or a software-only product.
The system provides for role-based security and authentication, and up to AES-256 levels of encryption. All communications between the appliance and the key consumer (the system using the key) are encrypted and never move as cleartext. Audit logs are cryptographically signed to ensure they haven't been tampered with, and can be exported as encrypted and signed files for forensic purposes.
Appliances can be deployed in a distributed, clustered environment, which allows for automatic key replication among multiple appliances. To maintain the highest security level, keys aren't accessed until they're actually needed. In addition to key management, KeyVault can manage the enforcement of data
This was first published in October 2006