eskm stage safe door
The most interoperable and integrated Key Manager in the Market

Enterprise Secure Key Manager

The most interoperable and integrated Key Manager in the Market

  • Scalable to thousands of nodes and millions of keys 
  • Competitive APIs
  • Highest Level of Security on the Hardware Level 

Delivery Time:

About 2-4 weeks
Key Benefits

Key Benefits

Icon

Cloud and on-prem workloads

Offers organizations of all sizes a superior solution for key storage and management capabilities, delivering high security and compliance; whether on premises or in the cloud.

Icon

Scalable to thousands of nodes, and millions of keys

Unprecedented Capacity for more than 2 million keys, more than 25,000 clients, and thousands of ESKM nodes per distributed cluster.

Icon

Competitive Application Programming Interfaces (APIs)

OASIS KMIP (Key Management Interoperability Protocol) · RESTful interface API · KMS 

Icon

Highest Level of Security on the Hardware Level

Security hardened appliance with embedded Utimaco GP HSM for highest local key protection* and FIPS-compliant architecture**.

Icon

Simplified Key Lifecycle Management

Enables unified enterprise key management with reliable policy controls, centralized administration, and comprehensive audit trails.

Details

Details

Utimaco's Enterprise Secure Key Manager (ESKM) enables your individual key management strategy by providing a single pane of glass for all cryptographic keys, whether on-premises or in the cloud.

Based on its crypto-agility it is also capable of secure and central management of keys created with post quantum cryptography algorithms recommended by NIST and BSI, such as CRYSTALS-KYBER, CRYSTALS-Dilithium, XMSS, XMSS-MT, LMS, and HSS.

Due to its broad integration capabilities ESKM is acknowledged as trusted solution for a variety of technology partner integrations with companies around the globe, such as Dell, HPE or NetApp.

Centralized Key Management for Complete Security of Your Digital Infrastructure

Based on its unique capabilities ESKM enables you to handle all your encryption keys centrally, securely and efficiently, independent if they are utilized on-premises, or in any cloud setup (Private Cloud, Public Cloud, or any other cloud deployment model, such as Hybrid- or Multi-Cloud).

Multi-Vendor Capability – In the Cloud and On-Premises

ESKM integrates with all major Cloud Service Providers to ensure key security throughout organizations’ multi-cloud and hybrid strategies while enabling them to keep sovereignty of their keys throughout their entire lifecycle.

Due to its flexible approach ESKM is capable of securing and managing keys from various vendors of on-premises solutions. 
Hence, ESKM is providing you with the single solution for full transparency on all your keys. 
Enterprise Secure Key Manager: Central Access - Central Management – Central Control

Utimaco ESKM Mapping

 

Discover the Gold Standard for complete cloud security throughout all deployment models!

KMS webinar

 

The Single Pane of Glass for all your keys

With ESKM you are not limited to the management of your cloud keys but can manage and control your on-premises keys as well. All through a centralized access point and one single pane of glass.

ESKM provides you with a reliable audit trail, providing you transparency on who accessed what data at what point of time. With that ESKM is ensuring you being compliant with security policies and regulatory requirements such as GDPR, HIPAA, and PCI DSS.
*: for ESKM L3 and ESKM L4 (physical)
** FIPS 140-3 Level 2 appliance (pending), FIPS 140-2 L3 and L4 (embedded HSM)

Scalable to thousands of nodes, and millions of keys

Unprecedented Capacity for more than 2 million keys, more than 25,000 clients, and thousands of ESKM nodes per distributed cluster.

Competitive Application Programming Interfaces (APIs)

  • OASIS KMIP (Key Management Interoperability Protocol)
  • RESTful interface API
  • KMS

Highest Level of Security on the Hardware Level

  • Security hardened Linux-based server appliance with encrypted redundant storage 
  • FIPS-compliant architecture*
  • Certificate-based authentication
  • Built-in CA
  • Embedded Utimaco GP HSM for highest local key protection**
  • Integration with CC and VS-NfD certified Utimaco GP HSM for key protection compliant to specific compliance requirements***

Cloud and on-prem workloads

Offers organizations of all sizes a superior solution for key storage and management capabilities, delivering high security and compliance; whether on premises or in the cloud.

Simplified Key Lifecycle Management

Enables unified enterprise key management with reliable policy controls, centralized administration, and comprehensive audit trails.

Secure Audit Logging

Complete with digitally signed logs and key lifecycle activities

  • Reducing audit costs
  • Enhancing visibility
  • Accelerating operational efficiency

Supported Cryptographic Algorithms

  • Such as AES, 3-Key Triple DES, HMAC, RSA, and ECDSA key types
  • Secure administrator remote access through TLS
  • On-demand backups with SSH key authentication

Custom Integrations 

  • Simplified RESTful API interface for key CRUD (Create, Read, Update, Delete) operations and crypto
  • Supports open client libraries such as KMIP, OpenKMIP and PyKMIP
  • Conforms with KMIP 1.0 through 2.1 specifications
  • Implements auto-registration with native XML-based KMS protocol
  • NIC Teaming Support

Pre-Installed Software

  • Comprehensive monitoring, recovery, scheduled backups, log rotations, and restore functionality
  • Web browser GUI and Command Line Interface supported
  • SNMP alerts and SIEM log monitoring
  • TLS and on-demand backups with SSH key authentication, for secure administrator remote access

* FIPS 140-3 Level 2 appliance (certification pending), FIPS 140-2 L3 and L4 (embedded HSM)
** for ESKM L3 and ESKM L4 (physical)
*** for vESKM

 

On-premise

  • LAN Appliance

Our on-premise options allow hosting the product directly on-site in your own network or data center.

  • Virtual Appliance

The virtual version of ESKM is a pre-configured, security-hardened virtual appliance, helping you to keep control over your Total Cost of Ownership (TCO).
 

Migration

ESKM Migration

Your migration path from ESKM v.5 to v.8 made easy

With the ESKM v8 Hardware Appliance we provide you with all features and benefits to fully support your cryptographic key management use cases while providing the highest security and capacity.

References

References

Huawei logo

Huawei

Vmware

Vmware

Infinidat

Infinidat

NetApp

NetApp

SUSE

SUSE

Stormagic

Stormagic

Zettaset

Zettaset

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      About Utimaco's Downloads

      Visit our Downloads section and select from resources such as brochures, data sheets, white papers and much more. You can view and save almost all of them directly (by clicking the download button).

      For some documents, your e-mail address needs to be verified. The button contains an e-mail icon.

      Download via e-mail

       

      A click on such a button opens an online form which we kindly ask you to fill and submit. You can collect several downloads of this type and receive the links via e-mail by simply submitting one form for all of them. Your current collection is empty.