The most interoperable and integrated Key Manager in the Market
- Scalable to thousands of nodes and millions of keys
- Competitive APIs
- Highest Level of Security on the Hardware Level
Delivery Time:
Key Benefits
Details
Utimaco's Enterprise Secure Key Manager (ESKM) enables your individual key management strategy by providing a single pane of glass for all cryptographic keys, whether on-premises or in the cloud.
Based on its crypto-agility it is also capable of secure and central management of keys created with post quantum cryptography algorithms recommended by NIST and BSI, such as CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, LMS, and HSS.
Due to its broad integration capabilities ESKM is acknowledged as trusted solution for a variety of technology partner integrations with companies around the globe, such as Dell, HPE or NetApp.
Centralized Key Management for Complete Security of Your Digital Infrastructure
Based on its unique capabilities ESKM enables you to handle all your encryption keys centrally, securely and efficiently, independent if they are utilized on-premises, or in any cloud setup (Private Cloud, Public Cloud, or any other cloud deployment model, such as Hybrid- or Multi-Cloud).
Multi-Vendor Capability – In the Cloud and On-Premises
ESKM integrates with all major Cloud Service Providers to ensure key security throughout organizations’ multi-cloud and hybrid strategies while enabling them to keep sovereignty of their keys throughout their entire lifecycle.
Due to its flexible approach ESKM is capable of securing and managing keys from various vendors of on-premises solutions.
Hence, ESKM is providing you with the single solution for full transparency on all your keys.
Enterprise Secure Key Manager: Central Access - Central Management – Central Control
Discover the Gold Standard for complete cloud security throughout all deployment models!
The Single Pane of Glass for all your keys
With ESKM you are not limited to the management of your cloud keys but can manage and control your on-premises keys as well. All through a centralized access point and one single pane of glass.
ESKM provides you with a reliable audit trail, providing you transparency on who accessed what data at what point of time. With that ESKM is ensuring you being compliant with security policies and regulatory requirements such as GDPR, HIPAA, and PCI DSS.
*: for ESKM L3 and ESKM L4 (physical)
** FIPS 140-3 Level 2 appliance (pending), FIPS 140-2 L3 and L4 (embedded HSM)
Scalable to thousands of nodes, and millions of keys
Unprecedented Capacity for more than 2 million keys, more than 25,000 clients, and thousands of ESKM nodes per distributed cluster.
Competitive Application Programming Interfaces (APIs)
- OASIS KMIP (Key Management Interoperability Protocol)
- RESTful interface API
- KMS
Highest Level of Security on the Hardware Level
- Security hardened Linux-based server appliance with encrypted redundant storage
- FIPS-compliant architecture*
- Certificate-based authentication
- Built-in CA
- Embedded Utimaco GP HSM for highest local key protection**
- Integration with CC and VS-NfD certified Utimaco GP HSM for key protection compliant to specific compliance requirements***
Cloud and on-prem workloads
Offers organizations of all sizes a superior solution for key storage and management capabilities, delivering high security and compliance; whether on premises or in the cloud.
Simplified Key Lifecycle Management
Enables unified enterprise key management with reliable policy controls, centralized administration, and comprehensive audit trails.
Secure Audit Logging
Complete with digitally signed logs and key lifecycle activities
- Reducing audit costs
- Enhancing visibility
- Accelerating operational efficiency
Supported Cryptographic Algorithms
- Such as AES, 3-Key Triple DES, HMAC, RSA, and ECDSA key types
- Secure administrator remote access through TLS
- On-demand backups with SSH key authentication
Custom Integrations
- Simplified RESTful API interface for key CRUD (Create, Read, Update, Delete) operations and crypto
- Supports open client libraries such as KMIP, OpenKMIP and PyKMIP
- Conforms with KMIP 1.0 through 2.1 specifications
- Implements auto-registration with native XML-based KMS protocol
- NIC Teaming Support
Pre-Installed Software
- Comprehensive monitoring, recovery, scheduled backups, log rotations, and restore functionality
- Web browser GUI and Command Line Interface supported
- SNMP alerts and SIEM log monitoring
- TLS and on-demand backups with SSH key authentication, for secure administrator remote access
* FIPS 140-3 Level 2 appliance (certification pending), FIPS 140-2 L3 and L4 (embedded HSM)
** for ESKM L3 and ESKM L4 (physical)
*** for vESKM
ESKM Migration
Your migration path from ESKM v.5 to v.8 made easy
With the ESKM v8 Hardware Appliance we provide you with all features and benefits to fully support your cryptographic key management use cases while providing the highest security and capacity.
Are your ready to migrate to ESKM v.8?
Download the Migration Guide
Reach out to us for further information and direct orders