D.AMO KMS
Systematic and secure key management
Encryption begins and ends with secure key management.
From key generation to destruction and revocation, there are numerous opportunities for key mishandling that lead to data loss or leakage. Businesses need to manage keys across several DBMS platforms, endpoints, and environments efficiently while maintaining security against internal and external threats.
D.AMO Key Management System (KMS) streamlines key life cycle management for all types of enterprise and IoT encryption solutions, providing comprehensive capabilities for meeting compliance requirements with ease.
Benefits
D.AMO KMS is designed to manage the entire key life cycle with advanced safeguards for data loss prevention.
- Meet PCI-DSS requirements by storing and managing encryption keys in separate appliance
- Distribute keys securely through encrypted network channel
- Partition access to encrypted data with dual access control
- Fulfill auditing requirements with centralized logs and system monitoring
- Convenient key policy setting on intuitive GUI
Features
Robust access control and administrator authentication
· PKI-based authentication for the security administrator
· Supports dual access control to encrypted data, through separation of authority between the security administrator and DBA
Supports a variety of keys, algorithms and environments
· Handles all key types, including external keys, symmetric/asymmetric keys, certificates, etc.
· Supports standard domestic/international encryption algorithms (RSA, 3DES, AES, SEED, ARIA, SHA, etc.)
· Supports a variety of DBMS’s (Oracle, Altibase, MSSQL, DB2, MariaDB, PostgreSQL, etc.)
· Supports a variety of application development environments (C, Java, etc.)
· Allows secure synchronization when linking data between DBMSs of different devices, even if the data encryption keys are different
· Allows integration into pre-existing encryption management systems with installation of D.AMO SCP Agent
Convenient Management
· Provides a straightforward GUI and CLI to centrally manage large number of keys
· Policy setting and viewing of log/system status possible through console
Network traffic dispersion and sectional encryption
· Supports traffic dispersion by applying network channel bonding
· Provides protection against dangers such as network sniffing, through sectional encryption
Advanced Security Enhancements
· Supports PKCS#11, Key Management Interoperability Protocol (KMIP)
· Supports enhancements for HSM (FIPS 140-2, EAL 4+) and Quantum RNG
Components
D.AMO KMS Agent
- Communicates with D.AMO KMS and performs event processing, as a part of the application server and DB server
D.AMO KMS Appliance
- Key and policy management for encryption/decryption
- Authority control through administrator authentication
D.AMO KMS Console
- GUI management tool
- Two-level division of functions, depending on administrator roles
- Displays system status
- Allows monitoring of key policies and audit logs
Specifications
MODEL | SG-KMS 700 | SG-KMS 1400 | SG-KMS 2400 | SG-KMS 4000 |
---|---|---|---|---|
Type | 1U | 2U | 2U | 2U |
SSD | – | 256 GB | 256 GB | 256 GB |
HDD | 1 TB | 1 TB | 1 TB | 2 TB |
Memory | 8 GB | 16 GB | 24 GB | 32 GB |