Problem
Legacy HSM systems are hard to use and complex to manage. Today, large enterprises often have 2-3 different HSMs, key management, and encryption solutions, each solving only part of the problem at a premium price, with costly maintenance and additional costs for every new application. To add to the woes, these systems do not integrate with public cloud/hybrid infrastructures, requiring customers to maintain separate solutions for on-premises applications and public cloud. Today’s already overburdened application teams, database administrators, data analysts, and security administrators don’t have the time or patience to use outdated technology.
Solution Overview
Fortanix provides an integrated FIPS 140-2 Level 3 HSM and manages legacy HSMs with HSM Gateway. Fortanix HSM Gateway connects to the legacy HSMs you already have and makes their keys manageable and accessible through Fortanix. Applications and databases standardize on a single source of cryptographic services, and security teams get a single pane of glass for management.
How it Works
CONSOLIDATE AND MANAGE YOUR HSM INFRASTRUCTURE
The Fortanix HSM Gateway proxies all crypto API calls from both on-premises and cloud applications and databases to legacy on-premises HSMs through a unified set of interfaces including REST, PKCS#11, KMIP, JCE and CNG. Master key material remains in the legacy HSM, while Fortanix creates corresponding virtual keys. All keys are managed, rotated, and revoked through the Fortanix web interface or APIs. When administrators are ready to migrate from their legacy HSMs, they can migrate keys to Fortanix FX 2200 appliances (FIPS 140-2 Level 3) and/or use Fortanix Data Security Manager in public cloud.

Benefits of the solution

Integrated Data Security Platform
Fortanix provides a Data Security as a Service (DSaaS) platform with integrated hardware security module (HSM), key management, encryption, shared secrets, and tokenization capabilities.

Accelerate Cloud Migration
Fortanix HSM Gateway provides a consistent set of unified APIs and services across all your on-prem, hybrid and cloud applications. Keys stay secure in the existing HSM, while applications and databases (on-premises or in the cloud) get a single source of cryptographic services.

Single Pane of Glass
Fortanix provides a modern, multitenant, and intuitive “single pane of glass” user interface for simplified administration and increased control, including extensive logging and auditing across your entire infrastructure.

Reduce Cost
Reduce the cost and complexity of the HSM infrastructure by consolidating all HSMs into a single cost-effective solution. Over time, customers can migrate keys and replace HSM hardware with a modern scalable solution.
Solution Highlights

Unified Data Protection
Integrated HSM, key management, secret management and tokenization from a single integrated platform.

Secured With Intel® SGX
Secured with Intel® SGX to ensure that only authorized users have access to your keys and data.

Unified APIs and Services
Supports a unified set of interfaces including REST, PKCS#11, KMIP, JCE and CNG.

Uniform and centralized policy management
With Fortanix, organizations get consistent policy management and enforcement across clouds and geographic regions from a central interface.

FIPS 140-2 LEVEL 3 COMPLIANT HSM
The appliance is FIPS 140-2 Level 3 HSM certified.

Scale Out and Highly Available
Scale out with linear and consistent performance. Highly available, always-on clustered design.

Consolidated Audit Logging
Secure, comprehensive audit logs to help meet compliance.