Alliance Key Manager for MongoDB offers unparalleled security, flexibility and affordability for all users of MongoDB Enterprise database. With no client-side software to install, you can deploy Alliance Key Manager anywhere you want - your IT data center, VMware deployment, and in the cloud.
MongoDB Enterprise Encryption and Key Management
MongoDB Enterprise eliminates the overhead of file and folder-based encryption solutions by providing encryption support directly in the database engine. For encryption key management MongoDB recommends the use of an external encryption key management solution like Alliance Key Manager for MongoDB.
MongoDB customers can deploy Alliance Key Manager and install the PKI certificates on the database server to easily begin retrieving encryption keys. Using native command line operations, users can generate a master encryption key and encrypt database keys with Alliance Key Manager for MongoDB.
Never Lose Access to Encrypted Data
Alliance Key Manager mirrors keys between multiple load-balanced key management appliances over a secure and mutually authenticated TLS connection for hot backup and disaster recovery support.
Complete Audit Trail
Built in logging allows administrators to track all key retrieval, key management, and system activity. Reports can be sent automatically to central log management, alerting facilities, or SIEM products for a timely and permanent record of activity.
Meet Compliance Requirements
By easily deploying encryption and key management, MongoDB customers can meet a wide variety of compliance regulations including PCI DSS, HIPAA, FISMA, EU General Data Protection Regulation, and many others.
In addition to providing keys for MongoDB, Alliance Key Manager can also provide support for any number of databases (SQL Server, MySQL, etc.) without additional license fees. This provides businesses with a predictable total cost of ownership.
The Platform You Are On
MongoDB customers can deploy Alliance Key Manager as a hardware security module (HSM), VMware virtual machine, or in the cloud as a native Amazon Web Services (AWS) EC2 instance or Microsoft Azure virtual machine. Alliance Key Manager supports seamless migration and hybrid implementations.
Supports IBM Power Linux and Intel Architectures
The MongoDB encryption support is built directly into the MongoDB database which means that customers do not need to deploy third party encryption solutions to protect data. Encryption key management is implemented through a native MongoDB interface that uses the Key Management Interoperability Protocol (KMIP) for key management. With a few commands MongoDB customers on both Power and Intel architectures can deploy proper key management using Alliance Key Manager. Since there are not license fees for the client-side implementation MongoDB customers can deploy one key server implementation to serve multiple databases without escalating costs for compliance.
Certifications and Validations
NIST AES compliance (ECB and CBC modes of encryption)
NIST SHA validation
NIST RNG validation (x9.31)
NIST HMAC validation
NIST FIPS 140-2, level 1
TLS authenticated secure communications
GUI console for key management
Secure web application for server management
Automatic log rotation
Secure encrypted and integrity checked backups
The Seed Company Case Study
Securing data in MongoDB Enterprise with Alliance Key Manager.
Alliance Key Manager for MongoDB Joint Solution Brief
MongoDB Enterprise simplifies data protection by providing native FIPS compliant encryption of data at rest. Coupled with Townsend Security’s flagship encryption key management solution, Alliance Key Manager, meeting compliance (PCI DSS, HIPAA, etc.) and security standards is even easier and more affordable for large as well as small organizations.