Encryption key management that adapts to any environment: SvKMS Data Sheet
StorMagic SvKMS is an encryption key management solution that can be deployed in any environment. It simplifies complex security and key management infrastructure by providing centralized management and, illustrated below, the ability to deploy a KMS to wherever it is needed. This makes it perfect not only for the datacenter, but for the cloud and edge computing environments as well.
Whether on-prem, cloud or multi-cloud, SvKMS offers organizations the flexibility to locate their key management resources where required. It eliminates the need for hardware security modules (HSMs) and uses a REST API for easy integrations into any workflow with custom key imports facilitating an easy transition from legacy solutions.
Download the SvKMS data sheet in PDF format:
StorMagic SvKMS is FIPS 140-2 certified, allows advanced identification and access management through SAML 2.0, and can be configured as a single- or multi-tenanted solution, making it an ideal choice for managed security solution providers.
This data sheet is broken down into four sections, covering the features in SvKMS, its requirements, hardware and software compatibility, and finally support levels.
StorMagic SvKMS includes a comprehensive suite of features allowing control of the full key management lifecycle. These features are detailed in the table at the end of this document.
SvKMS has been built around maximizing the KMIP open standard to enable organizations to leverage it as part of their key management operations. With SvKMS you can centrally manage, store, and consolidate encryption key management tasks across cloud, SaaS, on-premise systems, and endpoint devices like mobile and IoT.
SvKMS gives customers the ability to deploy a flexible architecture with an option to bring your own key (BYOK). BYOK ensures encryption keys remain in the hands of the business, regardless of location. This gives business users control for data held off-premise - if the content owner disables access to the keys, it becomes impossible for the information to be decrypted by any third party.
Custom key import
Over time, an organization may have anything from hundreds to millions of keys being used within a complex cryptographic environment. SvKMS's custom key import feature allows users to import keys that may have created by another key manager in a common format, or through a custom algorithm – including PGP, GPG, DES, CAST and Blowfish.
REST API integration and automation
Manually addressing all key management functions at the application level is time-consuming and inefficient, and old-style key managers are driven by complex, error-prone command line interfaces. StorMagic SvKMS has a flexible and robust REST API, allowing organizations to automate key management functions and create streamlined workflows.
Licensing and pricing
SvKMS is licensed on a per-node basis, with a Master Node license required, and subsequent Additional Node licenses depending on the size of the cluster. The base license grants the organization the use of up to 250 keys within the cluster, at no additional cost. If more than 250 keys are required for the cluster, these are charged individually per key.
A support contract of a minimum of 1 year must also be purchased with each SvKMS license. Customers can choose either Gold or Platinum levels of support over 1, 3 or 5 year terms. More information on these levels can be found in the Support section of this data sheet. Master Nodes and Additional Nodes must have the same level of support - the support levels cannot be mixed.
The SvKMS licenses are perpetual - they require just a single one-time payment and have full enterprise functionality included. The only ongoing payment that the customer must consider is the support contract, which must be renewed to retain functionality, support, patches and bug fixes.
A free, fully functional evaluation of SvKMS is available to download, enabling organizations to trial and experience the features and benefits of SvKMS, before purchasing.
For more information and to download an evaluation copy, visit stormagic.com/trial.
StorMagic SvKMS is compatible with any x86 server,
providing it meets the minimum hardware requirements, as listed in the table opposite.
StorMagic SvKMS can be run in any cloud and on any hypervisor, and has numerous integrations with other software solutions. Further details of these can be found in the tables below.
Cloud Platform Compatibility
Four major cloud providers - AWS, Azure, Google and Openstack - are supported by SvKMS and outlined in the table opposite. The solution can be deployed across one, or multiple cloud providers, as required.
SvKMS supports many different hypervisors, including VMware vSphere, Microsoft Hyper-V, Linux KVM, Nutanix AHV and Oracle VirtualBox. It is installed as a VM on top of the hypervisor, allowing advanced hypervisor features to be leveraged such as high availability and fault tolerance. The table opposite outlines SvKMS’ compatibility with different hypervisor versions.
Integrations and Supported Workloads
Once SvKMS is deployed, it can be connected and integrated into many different services and workloads. The table below lists out the current available and documented integrations, however thanks to the REST API included within SvKMS, it can also easily integrate with proprietary applications within an organization. By bringing all of these workloads into a centralized key manager, the entire key management operation is dramatically simplified and far more secure.
For more detailed information on each of these integrations, alongside many others, please visit the SvKMS integrations page of the StorMagic website. Each solution’s integration is broken down in detail, with downloadable integration guides available for each one.
SvKMS also integrates with many leading HSM vendors, to provide centralized management and advanced key management capabilities to these hardware solutions that are typically favored by organizations for their reliability and ability to provide root-of-trust. The current list of compatible HSMs is detailed in the table opposite. For more information about how SvKMS integrates with HSMs, please visit the HSM extension page of the StorMagic website.
StorMagic SvKMS requirements:
1Minimum of 8GB RAM required, 16GB recommended for large environments.
220GB HDD minimum requirement. For optimal performance, 40GB HDD recommended.
Cloud service providers compatible with SvKMS:
|Cloud Platform||SvKMS version|
|Amazon Web Services||•||•|
|OpenStack - Version 15 (Train)||•||•|
Hypervisors compatible with SvKMS:
|VMware||vSphere 6.7 & updates||•||•|
|vSphere 6.5 & updates||•||•|
|Microsoft||Windows Server 2016||•||•|
|Hyper-V Server 2016||•||•|
|Linux KVM||CentOS 8.0||•||•|
|Ubuntu 18.04 LTS||•||•|
HSMs compatible with SvKMS:
|nCipher||nShield Connect 5000+||•||•|
|AWS EC2 and S3||Support for external key management using BYOK||•||•|
|Azure Key Vault Managed HSM||SvKMS can be used as an interface between Key Vault and third party HSMs||•|
|Azure Storage||Support for external key management using BYOK||•||•|
|BitLocker||Use SvKMS to provide external, secure AES key protection for encryption and decryption of Windows drives||•|
|Commvault||Using KMIP, SvKMS protects Commvault software encryption keys stored in a CommServe database||•||•|
|Google Cloud EKM||Use SvKMS as an external key manager to protect data in Google Cloud, giving greater control than BYOK||•|
|IBM DB2||SvKMS can create a centralized key store when using DB2 native encryption||•||•|
|MariaDB||SvKMS acts as a centralized key store for MariaDB native encryption, via the REST API||•||•|
|MongoDB||Enables data-at-rest encryption through storage-based symmetric key encryption, via KMIP||•||•|
|MySQL||Use SvKMS as a centralized key store for MySQL encryption, via KMIP||•||•|
|NetApp ONTAP||SvKMS can act as a key management server for volume encryption, via KMIP||•||•|
|Nutanix Prism||Enables the use of self encrypting drives (SEDs), via KMIP integration||•||•|
|Salesforce Shield||Protect encrypted Salesforce data by using SvKMS as a key manager with BYOK||•|
|Veritas NetBackup||SvKMS can act as the key management server for Veritas Netbackup encryption, via KMIP||•||•|
|VMware vSphere and vSAN||Enables vSphere VM encryption, via KMIP integration||•||•|
SvKMS Maintenance and Support
SvKMS Maintenance & Support provides organizations with access to StorMagic support resources, including product updates, knowledgebase access and email support with our technical support staff.
Two levels are available. A summary of each is shown in the table below:
|Gold Support||Platinum Support|
|Hours of operation||8 hours a day1 (Mon - Fri)||24 hours a day2, (7 days a week)|
|Length of service||1, 3 or 5 years||1, 3 or 5 years|
|Access method||Email + Telephone
engagement form on
|Response method||Email + Webex||Email + Telephone +
|Maximum number of support administrators per contract||2||4|
|Response time||4 hours||1 hour|
1Gold Support is only available within the timezones of UTC/DST 07:00 to UTC/DST 01:00. If you fall outside of this range, you must purchase Platinum Support.
2Global, 24x7 support for Severity 1 - Critical Down & Severity 2 Degraded issues
SvKMS Feature Table
|SvKMS Features||SvKMS 2.5|
|REST API - web page with more information
|BYOK/CSEK - web page with more information
|Conforms to KMIP server specifications - web page with more information
|Cluster management and high availability (HA)
|Full key management lifecycle
|Robust key management operations
|Painless backup and restore
|Hybrid on-premise/cloud configuration
|Proactive insights (manage notifications and alerts)
|Role-based access control (RBAC)
|Custom key import and HSM extension - web page with more information
|Sophisticated, single user interface (UI)
|Detailed auditing and logging, exportable to popular SIEMs
|FIPS 140-2 Level 1 compliance
|Advanced identity and access control