SvKMS Features

What do you get by choosing SvKMS?

Cutting-edge key management functionality

SvKMS is the most flexible encryption key management solution (KMS) on the market. It helps businesses properly secure data in cloud computing, virtualization, IoT, and legacy environments in an ever-shifting and complex threat landscape.

SvKMS customers and partners recognize that de-centralization and distribution of workloads requires a new approach to encryption key storage that overcomes the inflexibility of the old model. As a result, SvKMS offers features that meet customer demand for secure, platform-agnostic and centralized key management, storage and provisioning that fit into the new model of data residing in distributed locations like cloud, on-premise, edge and IoT.


Facilitate all key encryption requirements through a single key management service with KMIP


Build automation workflows and integrate with multiple use cases with a modern REST API


Take advantage of cloud services, while retaining control and management of your encryption keys

Key Import

Manage both modern, unique and legacy encryption keys with one single key manager

HSM Extension

Modernize HSMs - extend, consolidate and manage HSM keys from a single pane of glass

SvKMS features

Explore the full range of features that are included in SvKMS:
  • Allows other applications to connect, interact and integrate directly with SvKMS.
  • Defines a common interface for key management operations (get, fetch, rotate, create, delete, etc.)
  • Build automation workflows and integrate with many use cases that were limited with previous standards like PKCS#11.
  • Read more about the REST API feature on its dedicated feature page.
  • Encrypt your data and retain control and management of encryption keys even in cloud computing environments.
  • Generate strong keys and control the secure export of keys to the cloud, thereby strengthening key management practices.
  • Separate the lock (encryption) from the key (encryption key)
  • Read more about the BYOK feature on its dedicated feature page.
  • A cost­-effective solution where only one key management service is necessary to facilitate all key encryption requirements.
  • SvKMS can be deployed as a KMIP Server in a virtual environment in minutes, for a fraction of the cost and effort of an HSM.
  • Reduces overheads/administration related to managing encrypted data, such as tape drives, databases, storage array and software, through centralized management.
  • Read more about the KMIP feature on its dedicated feature page.
  • Easily activate a new key management installation.
  • Simple KMS setup for both a single instance and a complex high availability cluster.


  • Ensure compliance and enact robust key policies through the entire key lifecycle, from creation to storage, archiving and deletion.
  • SvKMS supports the latest version of the Security Assertion Markup Language (SAML) standard.
  • Integrates with multiple SAML-standard identity providers e.g. ADFS, OKTA, etc. simplifying administration.
  • Ensure that key management requests are restricted to specific IP addresses to ensure only authorized personnel and systems can access keys.
  • Automate rotations to improve security and meet policy guidelines, as well as reduce administrative overhead.
  • Saves and stores the current SvKMS state for future restoration.
  • Set on-demand and scheduled backups to an external location, restoring these backups when required.
  • Generate, store and provision keys onsite/on-premise, in the datacenter and/or in private, public or hybrid clouds.
  • Perform key management functions (create, delete, rotate etc.) in bulk to increase efficiency.
  • Audits all activity related to key data that can include anything from key creation, to rotation and compromise.
  • Provides alerts on activity in a cryptographic system that requires further investigation in order to detect and prevent breaches or other issues.
  • Allows the administrator to effectively segment and control who has access to various encrypted systems.
  • Allows groups to handle who may access a key. For example, a group for databases may allow certain key users access to unencrypt certain data but may exclude other key users within the storage group.
  • One key manager supports many different key management use cases, all from one interface, thus reducing time and costs.
  • SvKMS may be installed in many different environments, including VMware, KVM, Hyper-V, Nutanix and VirtualBox.
  • Click here for a full list of SvKMS Integrations.
  • Supports both two and 2N+1 configurations.
  • Manage old key types and secrets - such as PGP, DES, CAST and Blowfish - from the same centralized key manager.
  • Read more about the custom key import feature on its dedicated feature page.
  • Simplifies the encryption process through an easy-to-use and modern UI.
  • Provides both a UI and API to manage key management functions, easing the administrative workflow.
  • Analyze and report on key management activities to uncover potential threats.
  • Collects data through the use of the syslog format, which can then be exported to external SIEM tools.
  • Meets the highest levels of NIST compliance for a key management software product.
  • Supports PKCS#11 specification, allowing integration with HSMs.
  • Consolidates key management into one single pane of glass, while extending the life of in-house HSMs.
  • Can serve as an abstraction in front of an HSM, provisioning keys out through the key manager which can then perform many key management lifecycle functions.
  • Read more about the HSM extension feature on its dedicated feature page.
  • Supports certificate authority functions including, signing, revocation, time and date etc. which are required for many integrations.

Still have questions?

If you'd like more detailed information, jump to the SvKMS Documentation page which contains all of the resources you will need to get a detailed understanding of SvKMS, including the comprehensive manual, integrations and deployment guide.