StorMagic Key Management-as-a-Service (KMaaS)
StorMagic KMaaS is a cloud-based encryption key management service that delivers painless security for any encryption workload. It allows businesses of all sizes to centrally store, manage, and consolidate key management functions across on-premises, private cloud, public cloud, hybrid cloud, SaaS, and a range of edge applications and endpoints.
Flexible
StorMagic KMaaS is incredibly flexible, with the ability to integrate with any encryption workflow, and connect to any location, anywhere. It supports data-at-rest encryption for database, storage, application and custom use cases, as well as data-in-transit for authentication, transactions, and data transfer. It also enables the consolidation and management of existing hardware security modules (HSMs) through a single pane of glass, as well as support for a multitude of new workflows such as cloud, SaaS, PaaS and IoT.
Robust
With StorMagic KMaaS, customer keys are always secure, and always accessible. It delivers powerful high availability, through the virtual appliance’s hardened design, and load balanced clusters that protect against distributed denial-of-service (DDoS) attacks. Superior data protection is achieved through the solution’s multi-level key security and strong authorization methods. The multi-tenanted architecture secures data through tenancy isolation, segmented databases, and workload boundary enforcement.
Simple
StorMagic KMaaS is easy to deploy, enabling customers to implement enterprise-wide key management in less than 5 minutes. It offers an exceptionally intuitive user experience, to easily manage users, groups and integrations, quickly create keys, and oversee the full key lifecycle. Administration is effortless, thanks to the wizard setup experience, painless backup and restore capabilities, and the ability to implement role based access control. Advanced reporting and behavioral insight enable detailed auditing and logging, dashboard alerts, and syslog exportable to popular SIEMs.
StorMagic KMaaS Features
StorMagic KMaaS offers access to all of the features of our enterprise-grade SvKMS encryption key management software, in a fully managed, multi-tenanted cloud service. It is secured and powered by redundant, FIPS 140-2 compliant, hardened virtual appliances, and is delivered through a highly available, geo-dispersed architecture.
Robust Crypto Operators |
|
Programmatic Key Rotation |
|
Painless Backup and Restore |
|
KMIP Server |
|
REST API |
|
Any Workflow |
|
Full Key Lifecycle Management |
|
Advanced Authentication |
|
Detailed Auditing and Logging |
|
Pricing and Licensing
StorMagic KMaaS is available as a subscription service and can be purchased for 1, 3 or 5 year terms. Keys must be purchased separately and are available in key packs, starting at 50 keys, which can be combined to create a specific total based on the organization’s requirements. Key packs last for one year and the correct number of packs must be purchased to cover the length of the subscription.
Platinum-level maintenance and support during the subscription period is covered by the subscription fee – no further charges are required. For full details of what is included in StorMagic’s Platinum-level support, please refer to the StorMagic support policy.
For specific pricing and for more information about how StorMagic KMaaS can be purchased, please contact your local StorMagic sales representative or email [email protected]
Third Party Integrations
There are a number of additional storage and database integrations for StorMagic KMaaS that allow it to simplify the key management of an organization’s infrastructure. The integrations are identical to those available with StorMagic SvKMS and are generally achieved through the use of KMIP. The integrations are listed below:
Integration | Explanation |
VMware vSphere and vSAN | Enables vSphere VM encryption, via KMIP integration |
Nutanix | Enables the use of self encrypting drives (SEDs), via KMIP integration |
IBM DB2 | SvKMS can create a centralized key store when using DB2 native encryption |
MongoDB | Enables data-at-rest encryption through storage-based symmetric key encryption, via KMIP |
NetApp ONTAP | SvKMS can act as a key management server for volume encryption, via KMIP |
Veritas | SvKMS can act as the key management server for Veritas Netbackup encryption, via KMIP |
Commvault | Using KMIP, SvKMS protects Commvault software encryption keys stored in a CommServe database |
Further details on these integrations and how they can be implemented can be found within the SvKMS Manual.