Alliance Key Manager for VMware enables VMware customers to lower operational costs, meet compliance requirements, deploy encryption and key management completely within VMware and vCloud, and accelerate deployment of mission critical security technology through a VMware Ready solution.
Encryption and Key Management in VMware
VMware virtualization has been a game-changing technology for IT, providing efficiencies and capabilities that have previously been impossible for organizations constrained within a traditional IT data center world. Using the same FIPS 140-2 compliant technology that is in our hardware security module (HSM) and in use by over 3,000 customers, Alliance Key Manager for VMware brings a proven and mature encryption key management solution to VMware environments, with a lower total cost of ownership.
Encryption Key Management for vSphere
Alliance Key Manager enables VMware customers to use native vSphere and vSAN encryption to protect VMware images and digital assets while deploying a secure, compliant and affordable key manager. VMware customers can deploy multiple, redundant key servers as a part of the KMS Cluster configuration for maximum resilience and high availability.
Benefits of Encryption and Key Management Completely within VMware
By deploying Alliance Key Manager for VMware as a virtualized encryption key manager, enterprises are able to reduce hardware costs, lower operational costs, minimize the IT footprint, and a clear path for a future move to the cloud. The Alliance Key Manager client-side applications, software libraries, and software development kits (SDKs) fully integrate with Alliance Key Manager for key protection, and work naturally with your Windows and Linux VMware virtual machines.
Meet Compliance Requirements
For VMware users who need to meet compliance, the solution has been validated for PCI DSS in VMware by Coalfire, a PCI-qualified QSA assessor and independent IT and audit firm. Enterprises across all industry verticals, regardless of where they deploy VMware, are subject to PCI DSS compliance if they process electronic payments. For VMware customers, FIPS 140-2 compliant encryption and key management are a key defense for data security. Additionally, Alliance Key Manager for VMware can also help businesses meet other compliance regulations such as HIPAA, GLBA/FFIEC, FISMA, etc.
Encryption and Key Management in the vCloud
As enterprises adopt Public and Private clouds, they bring their sensitive data with them – customer names, email addresses and other personally identifiable information (PII). While compliance regulations require protecting this information, encrypting this data has been a challenge for organizations who want the flexibility and security of a native VMware solution. By deploying Alliance Key Manager for VMware as a vCloud instance, customers can achieve their security and efficiency goals in a cloud environment. If the cloud is in your future, Alliance Key Manager for VMware will make the migration easy.
Encryption Key Management for Edge Computing
Edge computing requires that applications and infrastructure move closer to end users to achieve performance and availability goals. For edge computing customers, this often means that application deployments move to cloud or remote on-premise facilities. With Alliance Key Manager for Edge Computing, businesses can affordably extend Alliance Key Manager to edge environments - in the cloud or on-premise.
Supported Versions of VMware
Alliance Key Manager for VMware supports VMware ESX, VMware vSphere (ESXi), and vCloud.
Deployment & Training Services Are Included
Complexity is usually the largest concern in integrating encryption key management. Townsend Security has simplified the process. When businesses choose Alliance Key Manager, they not only receive industry leading encryption key management, but free deployment and security hardening services. Townsend Security’s services team will:
Install and initialize Alliance Key Manager (AKM) virtual image
TLS certificate management, download and expiration date tracking
Redundancy implementation of mirroring
Backup configuration support
Security log forwarding via Syslog
Installation and configuration of Admin Console for key lifecycle management
Key retrieval configuration including vSphere, SQL TDE, MongoDB TDE, etc...
VMware Technology Alliance Partner
Townsend Security is a VMware Technology Alliance Partner (TAP) and Alliance Key Manager for VMware has achieved VMware Ready status. This designation indicates that after a detailed validation process Alliance Key Manager for VMware has achieved VMware's highest level of endorsement.
Plug and Play Encryption Key Management
Deploying encryption and key management in VMware environments has never been easier. The videos below show just how easy it is.
128-bit AES encryption and decryption, ECB mode
192-bit AES encryption and decryption, ECB mode
256-bit AES encryption and decryption, ECB mode
128-bit AES encryption and decryption, CBC mode
192-bit AES encryption and decryption, CBC mode
256-bit AES encryption and decryption, CBC mode
AES 128, 192, 256 bit symmetric keys
RSA 1024,2048, 3072, 4096 bit asymmetric keys
VMware vSphere (ESXi)
Citizens Security Life Insurance (CSLI)
Compliance Made Easy - Protecting Private Information with Alliance AES/400 Encryption for IBM i and Alliance Key Manager for VMware.
Using the same FIPS 140-2 compliant technology that is in Townsend Security’s (HSM), Alliance Key Manager for VMware enables enterprises to meet compliance requirements and accelerate deployment of mission critical security technology.
Alliance Key Manager for VMware - Joint Solution Brief
By deploying Alliance Key Manager for VMware as a virtualized encryption key manager, enterprises are able to reduce hardware costs, lower operational costs, minimize the IT footprint, and have a clear path for a future move to the cloud.
This paper discusses general security recommendations for the VMware environment as a whole and is based on guidance provided by standards organizations (Payment Card Industry, etc.), VMware, and independent security assessors.
Security Challenges and Considerations with VMware Encryption & Key Management
Applying security in a VMware environment introduces unique challenges. When systems are no longer dedicated and share a common physical architecture, the issues of access and encryption controls is critical.