Professional Documents
Culture Documents
File/Folder/Share Encryption
SQL Database Encryption NoSQL Database
(DAS/NAS/SAN)
ProtectApp
Application level encryption
ProtectApp ProtectFile
Tokenization Application level encryption Transparent file encryption at the
Application level tokenization file-system level
ProtectDB Tokenization
Transparent column level encryption Application level tokenization ProtectApp
Multi-purpose APIs to perform
data encryption, including file
ProtectFile encryption at the application level
Transparent database file encryption ProtectFile
Transparent database file encryption
TDE
Transparent data encryption
Encrypt application data and keep it secure across its SUPPORTED PLATFORMS
entire lifecycle – no matter where it is transferred, backed Web Application Servers
up, or copied Apache Tomcat
Rich application encryption and flexible key management IBM WebSphere
IBM AS/400
interfaces Jboss
Broad standard and interface support, including web Microsoft IIS
Oracle WebLogic
services SAP NetWeaver
Easy deployment and management, including built-in key Sun ONE
And more…
rotation and data re-keying
Built-in health checking and multi-tier load balancing Cloud/Virtual Infrastructures
Secure authentication, granular authorization, and All public cloud and virtual
environments, including Amazon
detailed logging and auditing Web Services, Microsoft Azure, and
Large and growing ecosystem VMware
Development Libraries/APIs
Integrates with SafeNet KeySecure to provide: Java, C/C++, .NET
Centralized administration of application encryption XML open interface, KMIP standard
Web services, including SOAP
policy and keys and REST
Ability to offload cryptographic processing to KeySecure
for improved performance Certificates
X509, PKCS1, PKCS8, PKCS12
Export, Import, Monitor
4
Application Level Encryption
SafeNet
ProtectApp
SafeNet
KeySecure
5
SafeNet ProtectApp: Common Use Cases
6
Deployment Options
SafeNet ProtectDB
COLUMN-LEVEL DATABASE ENCRYPTION
On-premises Cloud/Virtual
7
Transparent Database Encryption
SafeNet
ProtectDB
SafeNet
KeySecure
8
SafeNet ProtectDB: Common Use Cases
9
Deployment Options
SafeNet ProtectFile
FILE AND FOLDER ENCRYPTION
On-premises Cloud/Virtual
SUPPORTED PLATFORMS
Transparent, comprehensive encryption for file shares
and network drives (DAS, NAS and SAN) Operating Systems
Microsoft Windows
Granular access controls to ensure only authorized Linux: Oracle, Red Hat Enterprise
users or processes can view protected data Linux, SUSE, Ubuntu, AIX, Centos
10
File System-level Encryption
File Server
Applications (On premises/Virtual/Cloud)
SafeNet
ProtectFile
SafeNet
KeySecure
11
SafeNet ProtectFile: Common Use Cases
12
Deployment Options
SafeNet Tokenization
APPLICATION-LEVEL TOKENIZATION
On-premises Cloud/Virtual
APIs
Integrates with SafeNet KeySecure to provide: Java
.NET
Single, centralized interface for logging, auditing, Web Services (SOAP, REST/JSON)
and reporting access to protected data, keys, and tokens
13
Token Handling
Token generation: Plaintext (sensitive information) is sent by application with request for tokenization
Token Managers
Keyed hash is
generated using
hash key on KS
If hash exists:
Corresponding token is returned.
KeySecure
Lookup on hash
If no hash exists: is performed
Token is generated Token Vault
Value is encrypted
Token, cipher text, and hash
are written to the token vault Protected Zone
AES 256
Versioned key
De-tokenization: Token is sent by application with request for plaintext value (Get Token)
Token is looked up
Corresponding ciphertext is decrypted and sent back to the application
14
SafeNet Tokenization: Common Use Cases
15
SafeNet ProtectV Deployment Options
16
SafeNet ProtectV Virtual Machine Encryption
SafeNet SafeNet SafeNet
KeySecure ProtectV Manager ProtectV Client
On-premises or Virtual Virtual Virtual
Protected
Volumes
TLS* TLS
Secure
Channel
Protected Volumes
Hypervisor
17
ProtectV: Common Use Cases
18
SafeNet KeySecure & Encryption Connector Portfolio
• IBM DB2
• Oracle
• Microsoft SQL Server
• Linux
• Samba
• IBM • Windows Server
• SAP • Novell
• BEA • Apache Hadoop • Multiple programming
• Apache • Cassandra languages
• Sun • mongoDB • SOAP and REST interfaces
• IBM • Oracle • Microsoft SharePoint • OPEN XML interface
• • • Amazon EC2 & S3 • Amazon Web • KMIP interface
BEA • IBM DB2 Java
• Sun • Oracle • Jboss • Chef Services • Tape Libraries
• • • Docker • Microsoft Azure • Storage
Apache • Microsoft Cassandra
• Oracle • VMware • Cloud gateways
SQL Server SafeNet
• Java SafeNet • IBM SoftLayer • Databases
ProtectFile • Applications
• Jboss SafeNet Tokenization SafeNet
SafeNet ProtectDB ProtectV
ProtectApp Ecosystem