Bulwark Technologies LLC

Menu
Linkedin-in Icon-twitter Icon-youtube-v

Utimaco’s Key Management Solutions

Easy and centralized management of cryptographic keys

Schedule Demo
Get Datasheet

Facing the challenge of managing crypto secrets

The number one challenge that a key manager should solve is to provide a centralized storage solution for cryptographic keys. Aside from storage, it should also provide the highest level of security, be tamper resistant, and meet industry certifications and standards such as FIPS.

A centralized storage solution must also adhere to compliance regulations and other regional mandates. It should use automation to generate keys, renew, and rotate them. Not all employees need access to the keys, and therefore, the key manager should provide role-based access to keys. Lastly, all of these requirements should be neatly wrapped in a one-time set-up, low-maintenance package.

UTIMACO’s key management solutions for easy and centralized management of cryptographic keys

UTIMACO provides solutions for secure key management to address the challenge of managing crypto secrets. Our key management offerings are complete solutions for generating, storing, serving, controlling, and auditing access to data encryption keys. They enable you to protect and preserve access to business-critical, sensitive, data-at-rest encryption keys, either locally or remotely. Some of the benefits of our key management solutions include:

  • Encryption of keys in-transit and at-rest
  • Separate keys from data to improve reliability and availability. The key managers ensure that the data that you want to protect, and the encryption keys that are created to protect that data are stored in two different locations. This provides a security advantage since it prevents access to both keys and encrypted data in the event that your database is compromised.
  • Streamline key management processes, reduce costs and the risk of human errors
  • Provide a “single pane of glass” and comprehensive platforms for key generation, import/ export, translation, encryption, digital signature, secrets management, and audit reporting
  • Unify your multi-vendor HSM fleet into a single, central key management architecture
  • Serve both large and small enterprises, on-premise and virtually
Utimaco ESKM Key Management Icon

Enterprise Secure Key Manager (ESKM)

The most interoperable and integrated Key Manager

Secure Keys for Data at Rest, in Use, and in Motion – Fully FIPS Certified

Utimaco’s Enterprise Secure Key manager (ESKM) is the first industry-certified Key Management Interoperability Protocol (KMIP) v2.1 offering with market leading support for partner applications and pre-qualified solutions, integrating out-of-the-box with varied deployments, as well as custom integrations.

ESKM is collaborating with both Google and Microsoft Azure to help organizations transition securely to the cloud. With the BYOK – Bring Your Own Key – concept, enterprises encrypt their own data, retain control of their encryption keys, and do not give the control away to the CSP.

  • Securing capacity of more than 2 million keys for at least 25,000 clients and thousands of ESKM nodes
  • Controls and manages all keys for auditing controls with digitally signed logs and key lifecycle activities. Reduces audit costs and accelerates visibility
  • Multi-cloud Key Manager. A single pane of glass to protect data and associated cryptographic keys for on-premises, hybrid, and public cloud assets
  • Single and centralized root of trust. Included Software for easy use. Easy Deployment and Simple Licensing
  • Thousands of clients, thousands of virtual or hardware appliances and millions of keys are supported.
  • Designed to be utilized according to different security approvals: FIPS 140-2 Level 1, 2, 3 and 4 (physical) and Common Criteria

Hardware-based Security on highest level

  • Locking front bezel and dual pick-resistant locks provides security officers with dual control
  • Security hardened Linux-based server appliance; designed as cryptographic module for FIPS 140-2 Levels 1, Level 2, Level 3 and Level 4 use cases
  • Supports mirrored internal storage, dual networks, dual power, and redundant cooling
  • Provides a terminal interface (serial RS-232C) and VGA for initial installation setup

Fulfills various compliance requirements

  • Designed for NIST SP 800-131A and FIPS 140-2 Levels 1, Level 2, Level 3 and Level 4 requirements
  • Certificate-based mutual client-server authentication, secure administration, and audit logging
  • Common Criteria Evaluation Assurance Level (EAL 2+) certified
  • Conforms with KMIP 1.0 through 2.1 specifications
  • Performs automatic key replication, client load balancing, and fail-over
  • Embedded Local Certificate Authority as an option to protect keys in transit

Included Software for easy use

  • Allows comprehensive monitoring, recovery, scheduled backups, and log rotations, restore functionality
  • Web browser GUI and Command Line Interface supported
  • Supports (among others): AES, 3-Key Triple DES, HMAC, RSA, and ECDSA key types
  • Provides SNMP alerts and SIEM log monitoring
  • Provides TLS and SSH for secure administrator remote access

Most Interoperable

  • Support for partner applications and pre-qualified solutions through the first industry-certified Key Management Interoperability Protocol (KMIP)
  • OASIS KMIP allows communication with clients for key management operations on cryptographic material, including symmetric and asymmetric keys, certificates and templates
  • Streamlines security policies with a single approach for consistent controls and compliance audits through moving to KMIP
  • Both time and cost effective - a single system to learn, control, maintain and audit, as well the ability to integrate new applications without having to reinvest in management
  • Avoid vendor lock-in and outdated technology. Enforces best practices with universal, automated key lifecycle controls
  • Integrates with all the major Cloud Service Providers for external key management and BYOK use cases.
Utimaco UKM Key Management Icon

KeyBRIDGE Universal Key Management (UKM)

The single platform solution for all keys and data

Securely manage and store all keys and sensitive data in one single, centralized location

Utimaco’s KeyBRIDGE UKM is a standalone platform solution that stores all keys and sensitive data for an entire organization. This ensures that the organization has complete control of the key inventory and is not dependent on the availability of a database, service vendor or employee. Its simple key management functionality spans the full key lifecycle from generation through to escrow and termination.
The central user interface provides complete visibility of the entire key inventory at any time.

KeyBRIDGE UKM secures all keys and maintains support for the generation, import, and distribution of any key type. All keys within KeyBRIDGE UKM are protected under a 256 Bit AES System Master Key, which can be used immediately, distributed as a cryptogram or broken down into component parts or shares. KeyBRIDGE UKM adds additional value by allowing integration of further Utimaco HSMs as well as third party HSMs like Atalla, Thales and SafeNet, enabling the user to perform key management functions using a single, easy-to-use interface with both local console or RESTful API access.

  • Manages and stores all keys and sensitive data of a company or group
  • Provides a single solution with integrated HSM. Logical and physical security provided by the integrated HSM as the root of trust.
  • Detailed Key Inventory. Tracks generation, import, export, termination details and optional key expiration dates
  • Includes built-in support for 3rd party HSMs
  • Certified for Payment and General-Purpose Keys. FIPS 140-2 and PCI-HSM certified

Full life-cycle key management

Tracks all instances of imported and exported keys. Maintains key history even if a key has been terminated and removed from the system

Best-in class entropy and high-quality keys

NIST SP 800-90B. AIS 31DRG.4 compliant hash based DRNG. AIS31 PTG.2 compliant TRNG

Deployment Options

On-premise LAN application. Our on-premise options allow hosting the product directly on-site in your own network or data center.

Download Corporate Brochure

Utimaco General Purpose HSM's

Utimaco_ESKM_Enterprise Secure Key Management_Brochure_Image_Bulwark Technologies
Data Sheet
Utimaco_ESKM_Cryptographic Key Management Multi Cloud Computing_Brochure_Image_Bulwark Technologies
Data Sheet
Utimaco_Keybridge_Universal Key Management_Brochure_Image_Bulwark Technologies
Data Sheet

Product Demo

Utimaco Enterprise Key Management Solution

Schedule a demo now with Bulwark Technologies and experience the full portfolio of Utimaco’s Enterprise Key Management Solution and Products.

Schedule a FREE Demo

"*" indicates required fields

Name*
Business Email*
This field is for validation purposes and should be left unchanged.

Check out Bulwark Technologies complete cybersecurity Portfolio for your cyber transformation journey

Cybersecurity Portfolio