Follow

Understanding KMIP Compatibility in Cloudistics

Cloudistics is compatible with two vendors to support KMIP: Gemalto SafeNet Key Secure and Vormetric DSM key server are third-party, centralized key management platforms for clients who are required to use a KMIP infrastructure and FIPS 140-2 certification. Both vendors provide the solutions in hardware and virtual software appliance.

  • At the time of writing, the solutions support KMIP 1.1 and 1.2.
  • Gemalto SafeNet KeySecure supports 128-bit encryption. Whereas, Vormetric supports 128 or 256-bit encryption.
  • Both solutions support HSM to store the master key.
  • Both appliances can deliver FIPS 140-2 Level 2 and Level 3 certification

The following table summarizes the features for the two vendors.

  Vormetric (DSM 6.0) Safenet KeySecure (8.1)
KMIP version support 1.0, 1.1, 1.2 1.0, 1.1
KMIP client action logging No Yes
Security isolation at host granularity Upcoming, Version 6.1 Yes
Admin can delete Secret Data No Yes
Browse secret data by name attribute No Yes
Client certificate upload required client certificate client CA
Self-signed certificate support Yes Yes
KMIP Register Secret Data Yes Yes
KMIP Locate Secret Data Yes Yes
KMIP Destroy Secret Data Yes Yes
FIPS compliant Yes Yes
SSL 3.0 / TLS 1.0, 1.1, 1.2 Yes Yes
FIPS compliant ciphers Yes Yes
HA/cluster Yes Yes
Secure Secret Data by IP No Yes
Two-way SSL/TLS authentication Yes Yes

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments