D.AMO KMS

Systematic and secure key management

Encryption begins and ends with secure key management.

From key generation to destruction and revocation, there are numerous opportunities for key mishandling that lead to data loss or leakage. Businesses need to manage keys across several DBMS platforms, endpoints, and environments efficiently while maintaining security against internal and external threats.

D.AMO Key Management System (KMS) streamlines key life cycle management for all types of enterprise and IoT encryption solutions, providing comprehensive capabilities for meeting compliance requirements with ease.

Benefits

D.AMO KMS is designed to manage the entire key life cycle with advanced safeguards for data loss prevention.

  • Meet PCI-DSS requirements by storing and managing encryption keys in separate appliance
  • Distribute keys securely through encrypted network channel
  • Partition access to encrypted data with dual access control
  • Fulfill auditing requirements with centralized logs and system monitoring
  • Convenient key policy setting on intuitive GUI

Features

Robust access control and administrator authentication

· PKI-based authentication for the security administrator
· Supports dual access control to encrypted data, through separation of authority between the security administrator and DBA

Supports a variety of keys, algorithms and environments

· Handles all key types, including external keys, symmetric/asymmetric keys, certificates, etc.
· Supports standard domestic/international encryption algorithms (RSA, 3DES, AES, SEED, ARIA, SHA, etc.)
· Supports a variety of DBMS’s (Oracle, Altibase, MSSQL, DB2, MariaDB, PostgreSQL, etc.)
· Supports a variety of application development environments (C, Java, etc.)
· Allows secure synchronization when linking data between DBMSs of different devices, even if the data encryption keys are different
· Allows integration into pre-existing encryption management systems with installation of D.AMO SCP Agent

Convenient Management

· Provides a straightforward GUI and CLI to centrally manage large number of keys
· Policy setting and viewing of log/system status possible through console

Network traffic dispersion and sectional encryption

· Supports traffic dispersion by applying network channel bonding
· Provides protection against dangers such as network sniffing, through sectional encryption

Advanced Security Enhancements

· Supports PKCS#11, Key Management Interoperability Protocol (KMIP)
· Supports enhancements for HSM (FIPS 140-2, EAL 4+) and Quantum RNG

Components

D.AMO KMS Agent

  • Communicates with D.AMO KMS and performs event processing, as a part of the application server and DB server

D.AMO KMS Appliance

  • Key and policy management for encryption/decryption
  • Authority control through administrator authentication

D.AMO KMS Console

  • GUI management tool
  • Two-level division of functions, depending on administrator roles
  • Displays system status
  • Allows monitoring of key policies and audit logs

Specifications

MODEL SG-KMS 700 SG-KMS 1400 SG-KMS 2400 SG-KMS 4000
Type 1U 2U 2U 2U
SSD 256 GB 256 GB 256 GB
HDD 1 TB 1 TB 1 TB 2 TB
Memory 8 GB 16 GB 24 GB 32 GB

Want to learn more?

See how we can help your business.
Contact Us