Cloudistics is compatible with two vendors to support KMIP: Gemalto SafeNet Key Secure and Vormetric DSM key server are third-party, centralized key management platforms for clients who are required to use a KMIP infrastructure and FIPS 140-2 certification. Both vendors provide the solutions in hardware and virtual software appliance.
- At the time of writing, the solutions support KMIP 1.1 and 1.2.
- Gemalto SafeNet KeySecure supports 128-bit encryption. Whereas, Vormetric supports 128 or 256-bit encryption.
- Both solutions support HSM to store the master key.
- Both appliances can deliver FIPS 140-2 Level 2 and Level 3 certification
The following table summarizes the features for the two vendors.
|Vormetric (DSM 6.0)||Safenet KeySecure (8.1)|
|KMIP version support||1.0, 1.1, 1.2||1.0, 1.1|
|KMIP client action logging||No||Yes|
|Security isolation at host granularity||Upcoming, Version 6.1||Yes|
|Admin can delete Secret Data||No||Yes|
|Browse secret data by name attribute||No||Yes|
|Client certificate upload required||client certificate||client CA|
|Self-signed certificate support||Yes||Yes|
|KMIP Register Secret Data||Yes||Yes|
|KMIP Locate Secret Data||Yes||Yes|
|KMIP Destroy Secret Data||Yes||Yes|
|SSL 3.0 / TLS 1.0, 1.1, 1.2||Yes||Yes|
|FIPS compliant ciphers||Yes||Yes|
|Secure Secret Data by IP||No||Yes|
|Two-way SSL/TLS authentication||Yes||Yes|