Legacy HSM systems are hard to use and complex to manage. Today, large enterprises often have 2-3 different HSMs, key management, and encryption solutions each solving only part of the problem at a premium price with costly maintenance and additional costs for every new application. To add to the woes, these systems do not integrate with public cloud/hybrid infrastructures, requiring customers to maintain separate solutions for on-premises applications and public cloud. Today’s already overburdened application teams, database administrators, data analysts, and security administrators don’t have time or patience to use outdated technology.
Fortanix provides an integrated FIPS 140-2 level 3 HSM and manages legacy HSMs with HSM gateway. Fortanix HSM Gateway connects to the legacy HSMs you already have and makes their keys manageable and accessible through Fortanix. Applications and databases standardize on a single source of cryptographic services, and security teams get a single pane of glass for management.
- UNIFIED DATA PROTECTION. Integrated HSM, key management, secret management and tokenization from single integrates platform.
- SECURED WITH INTEL® SGX. Secured with Intel® SGX to ensure that only authorized user has access to your keys and data.
- UNIFIED APIS AND SERVICES. Supports unified set of interfaces including REST, PKCS#11, KMIP, JCE and CNG.
- FIPS 140-2 LEVEL 3 COMPLIANT HSM. The appliance is FIPS 140-2 Level 3 HSM certified.
- SCALE OUT AND HIGHLY AVAILABLE. Scale-out with linear and consistent performance. Highly available, always-on clustered design.
- CONSOLIDATED AUDIT LOGGING. Secure, comprehensive audit logs to help meet compliance.
INTEGRATED DATA SECURITY PLATFORM
ACCELERATE CLOUD MIGRATION
SINGLE PANE OF GLASS
There is sensitive data stored in our systems, whether it is consumer data, sales data, or corporate secrets. This data has to be protected, but we had a challenge. How exactly? How do you protect the keys? In a large organization , we want to avoid the situation where teams and stakeholders that decide how to protect data and keys differently. So, we decided to provide a key management system and HSM as one of the security services for the rest of the organization.
How it Works
CONSOLIDATE AND MANAGE YOUR HSM INFRASTRUCTURE
The Fortanix HSM Gateway proxies all crypto API calls from both on-premises and cloud applications and databases to legacy on-premises HSMs through a unified set of interfaces including REST, PKCS#11, KMIP, JCE and CNG. Master key material remains in the legacy HSM, while Fortanix creates corresponding virtual keys. All keys are managed, rotated, and revoked through the Fortanix web interface or APIs. When administrators are ready to migrate from their legacy HSMs, they can migrate keys to Fortanix FX 2200 appliances (FIPS 140-2 Level 3) and/or use Fortanix DSM in public cloud.