Transcription
thalesgroup.comVormetric Data Security PlatformData SheetVormetric Data Security Platform1
Vormetric Data Security PlatformAs security breaches continue to happen with alarmingregularity and data protection compliance mandates getmore stringent, your organization needs to extend dataprotection across more environments, systems, applications,processes and users. With the Vormetric Data SecurityPlatform from Thales, you can effectively manage data-at-restsecurity across your entire organization.The Vormetric Data Security Platform is composed of anintegrated suite of products built on a common, extensibleinfrastructure with efficient, centralized key and policymanagement. As a result, your security teams can addressyour data security policies, compliance mandates and bestpractices, while reducing administration effort and total costof ownership.The platform offers capabilities for protecting and controllingaccess to databases, files and containers—and can secureassets residing in cloud, virtual, big data and physicalenvironments. This scalable, efficient data security platformenables you to address your urgent requirements, and itprepares your organization to nimbly respond when the nextsecurity challenge or compliance requirement arises.Environment and technology support IaaS, PaaS and SaaS: Amazon Web Services,Google Cloud Platform, Microsoft Azure, Salesforce,Microsoft Office365 and PCF: MySQL databases withinPivotal Cloud Foundry OSs: Linux, Windows and Unix Big data: Hadoop, NoSQL, SAP HANA and Teradata Container: Docker, Red Hat OpenShift Database: IBM DB2, Microsoft SQL Server, MongoDB,MySQL, NoSQL, Oracle, Sybase and others Any storage environmentPlatform advantages Centralized data-at-rest security policies Manage keys for Vormetric Data Security Platform andthird-party encryption products Consistent security and compliance across physical,virtual, cloud and big data environments Pre-defined SIEM dashboards deliver granular,actionable file-access intelligence Flexibility and extensibility enable fast support ofadditional use casesCapabilities Integrate with supported HSMs and other third party Application-layer encryption Use supported HSMs as the secure root of trust Transparent encryption for files, databases and containers Tokenizationsources for data encryption keyfor high levels of assurance including FIPS 140-2Level 3 certification Dynamic and static data masking FIPS 140-2, Common Criteria certified key management Cloud Key Management Privileged user access control Access audit logging Batch data encryption and tokenizationVormetric Data Security PlatformCompliance PCI DSS FISMA GDPR PIPA HIPAA/HITECH Regional data residency NIST 800-53and privacy requirements2
FlebleixTransparentEncryptionVormetricData SecurityManagerCloud KeyManagementEnterprise then security and complianceMaximize staff and resource efficiencyBy leveraging these flexible and scalable solutions,security teams can address a broad set of use cases andprotect sensitive data across the organization. The platformdelivers the comprehensive capabilities that enable you toaddress the demands of a range of security and privacymandates, including the Payment Card Industry DataSecurity Standard (PCI DSS), the General Data ProtectionRegulation (GDPR),the Health Insurance Portability and Accountability Act(HIPAA), the Federal Information Security Management Act(FISMA) and regional data protection and privacy laws.The Vormetric Data Security Platform equips organizationswith powerful tools to combat external threats, guardagainst insider abuse and establish persistent controls,even when data is stored in the cloud or any externalprovider’s infrastructure.The Vormetric Data Security Platform makes administrationsimple and efficient, offering an intuitive Web-basedinterface, a command-line interface (CLI) and applicationprogramming interfaces (APIs) including support for REST,Java, .Net, and C. With this solution, you can apply dataat-rest security quickly and consistently, maximizing staffefficiency and productivity. Plus, this high-performancesolution enables efficient use of virtual and physical serverresources, reducing the load on the service deliveryinfrastructure.Vormetric Data Security Platform3
Reduce total cost of ownershipThe Vormetric Data Security Platform makes it simpler and lesscostly to protect data at rest. The platform enables your IT andsecurity organizations to quickly safeguard data across yourorganization in a uniform and repeatable way. Instead ofhaving to use a multitude of isolated products scattered acrossyour organization, you can take a consistent and centralizedapproach with the Vormetric Data Security Platform.Platform productsThe Vormetric Data Security Platform features these products:Vormetric Data Security Manager. The centralizedmanagement environment for all Vormetric Data SecurityPlatform products. Provides policy control as well as securegeneration, management and storage of encryption keys.Includes a Web-based console, CLI, SOAP and REST APIs.Available as FIPS 140-2 and Common Criteria certified virtualand physical appliances.Vormetric Transparent Encryption. Built around a softwareagent that runs on a server to protect data-at-rest in files,volumes or databases on-premises, in the cloud, or inhybrid cloud environments. Features hardware acceleratedencryption, least-privilege access controls and dataaccess audit logging across data center, cloud and hybriddeployments. Features these extensions and additions:Vormetric Tokenization with Dynamic Data Masking.Vormetric Tokenization makes it easy to add random orformat-preserving format-preserving tokenization to protectsensitive fields in databases and policy-based dynamic datamasking for display security.Vormetric Application Encryption. Streamlines the processof adding AES- and format-preserving encryption (FPE) intoexisting applications. Offers standards-based APIs that canbe used to perform high-performance cryptographic and keymanagement operations.Vormetric Batch Data Transformation. Makes it fast andeasy to mask, tokenize or encrypt sensitive column informationin databases. Can be employed before protecting existingsensitive data with Vormetric Tokenization or VormetricApplication Encryption. Delivers static data masking services.Vormetric Key Management. Provides unified keymanagement to centralize management and secure storageof keys for Vormetric Data Security Platform products, TDE,and KMIP-compliant clients as well as securely storingcertificates. Container Security. Establishes controls inside of Docker CipherTrust Cloud Key Manager. Manages encryption keysfor Salesforce, Microsoft Azure and AWS that addressesenterprise needs to meet compliance and best practices formanaging encryption key life cycles outside of their nativeenvironments – and without the need for enterprises tobecome cryptographic experts. Availablefor private cloud or on-premises deployment. Live Data Transformation. Enables encryption andVormetric Protection for Teradata Database. Makes it fastand efficient to employ robust data-at-rest security capabilitiesin your Teradata environments. Offers granular protection,enabling encryption of specific fields and columns in Teradatadatabases.and OpenShift containers, so you can ensure othercontainers and processes and even the host OS can’taccess sensitive data. Provides capabilities you need toapply encryption, access control and data access loggingon a per-or within-container basis.periodic key rotation of files and databases—even whilein use—without disruption to users, applications andbusiness workflows. Vormetric Transparent Encryption for Efficient Storage.Provides a high degree of security for data stored onstorage systems by encrypting data while retainingcritical storage efficiencies, such as deduplication andcompression. Offers the best data protection possible whilemaintaining storage efficiency — an industry first solution!Vormetric Security Intelligence. Produces granular logs thatprovide a detailed, auditable record of file access activities,including root user access. Offers integrationwith security information and event management(SIEM) systems. Delivers pre-packaged dashboardsand reports that streamline compliance reporting andspeed threat detection. Vormetric Transparent Encryption for SAP HANA.Provides advanced data-at-rest encryption, access control,key management and data access audit logging acrossSAP HANA implementations and environmentsVormetric Data Security Platform4
Vormetric Data Security ManagerThe Vormetric Data Security Manager (DSM) centralizesmanagement and policy for all Vormetric Data SecurityPlatform products. The DSM enables organizations toefficiently address compliance requirements, regulatorymandates and industry best practices, and to adapt asdeployments and requirements evolve. The DSM and theproducts it manages are integrated with user and groupidentity management systems such as LDAP, Active Directory,local user databases, Hadoop and container environments—offering best-practice management of security policies anddeployments.Secure, reliable, and FIPS-certified systemTo maximize uptime and security, the DSM features redundantcomponents and the ability to cluster appliances for faulttolerance and high availability. Strong separation-of-dutiespolicies can be enforced to ensure that one administratordoes not have complete control over data security activities,encryption keys or administration. In addition, the DSMsupports two-factor authentication for administrative access.Flexible implementation optionsThe DSM is offered as a FIPS 140-2 Level 1 virtual appliance,as well as two hardware appliances: The V6000, which isFIPS 140-2 Level 2 certified, and the V6100, which is FIPS140-2 Level 3 certified. The virtual appliance is available inVMware, HyperV, KVM, Amazon Web Services, and Azurecompatible formats.Key features Single console for all platform policy andkey management Multi-tenancy support Proven scale to 10,000 agents Clustering for high availability Toolkit and programmatic interface Easy integration with existing authentication infrastructure RESTful API support Multi-factor authentication andinternal HSM Remote AdministrationTechnical specificationsPlatform options: FIPS 140-2 Level 1 virtual appliance (FIPS 140-2 Level 3root of trust available with supported external HSMs) FIPS 140-2 Level 2 hardware appliance (FIPS 140-2Level 3 root of trust available with supported externalHSMs) FIPS 140-2 Level 3 Hardware appliance (Includesinternal HSM) The virtual appliance is available in VMware,HyperV, KVM, Amazon Web Services, and Azurecompatible formatsSupported HSMs can also provide a FIPS 140-2 Level 3 rootof trust for virtual or v6000 hardware Vormetric Data SecurityManagement appliances.Vormetric Data Security Platform5
TransparentEncryptionCipherTrust CloudKey ManagerTokenizationServerKMIPKMIPExternal HSM integrationBig DataEncryptionEnterprise KeyManagementPolicy and Key ManagementImport and use high entropy master keysfrom supported external HSMsBatch DataTransformationApplicationEncryptionPolicy and Key ManagementVormetricData Security ManagerAdvanced CapabilitiesSecure Key ImportBring your own Data Encryptionkeys via RESTUnified management and administration across the hybrid enterpriseThe DSM minimizes capital and expense costs by providing central management of heterogeneous encryption keys, includingkeys generated for Vormetric Data Security Platform products, IBM Security Guardium Data Encryption, Microsoft SQLTDE, Oracle TDE and KMIP-compliant encryption products. The DSM features an intuitive Web-based console and APIs formanaging encryption keys, policies, and auditing across an enterprise. The product also centralizes log collection.Vormetric Data Security Platform6
DSM specificationsHardware SpecificationsChassis 1U rack-mountable; 17” wide x 20.5” long x1.75” high (43.18 cm x 52.07cm x 4.5 cm)Weight V6000: 21.5 lbs (9.8 kg); V6100: 22 lbs (10 kg)Memory 16GBHard Disk Dual SAS RAID 1 configured with FIPS tamper-evident sealsSerial Port 1Ethernet 2x1GbIPMI 1x10/100MbPower Supplies 2 removable 80 certified (100VAC-240VAC/50-60Hz) 400WChassis Intrusion Detection Yes. Also includes FIPS tamper-evident seal on the top cover.Maximum BTU 410 BTU maxOperating Temperature 10 to 35 C (50 to 95 F)Non-Operating Temperature -40 to 70 C (-40 to 158 F)Operating Relative Humidity 8% to 90% (non-condensing)Non-Operating Relative Humidity 5% to 95% (non-condensing)Safety Agency Approval FCC, UL, BIS certificationsV6100 model is equiped with an internal HSMFIPS 140-2 Level 3 FIPS 140-2 Level 3 root of trust available for V6100 and virtual DSMsvia integration with supported HSMsHSM Remote Administration V6100 only; requires optional Remote Administration kitSoftware SpecificationsAdministrative Interfaces Secure Web, CLI, RESTNumber of Management Domains 1,000 API Support PKCS #11, Microsoft Extensible Key Management (EKM), RESTSecurity Authentication Username/Password, RSA multi-factor authentication (optional)Cluster Support YesBackup Manual and scheduled secure backups. M of N key restoration.Network Management SNMP, NTP, Syslog-TCPSyslog Formats CEF, LEEF, RFC 5424Certifications and ValidationsFIPS 140-2 Level 1, FIPS 140-2 Level 2, FIPS 140-2 Level 3Common Criteria (ESM PP PM V2.1)Minimum Virtual Machine Specifications—Recommendation for Virtual ApplianceNumber of CPUs 2RAM (GB) 4Hard Disk (GB) 100GBSupport Thin Provisioning YesVormetric Data Security Platform7
Vormetric Transparent EncryptionVormetric Transparent Encryption delivers data-at-restencryption with centralized key management, privileged useraccess control and detailed data access audit logging thathelps organizations meet compliance reporting and bestpractice requirements for protecting data, wherever it resides.This solution’s transparent approach protects structureddatabases, unstructured files, and linked cloud storageaccessible from systems on-premises, across multiple cloudenvironments, and even within big data and containerimplementations. Designed to meet data security requirementswith minimal disruption, effort, and cost, implementation isseamless – keeping both business and operational processesworking without changes even during deployment and roll out.Meet compliance requirements forencryption and access controlEncryption, access controls and data access logging arebasic requirements or recommended best practices for almostall compliance and data privacy standards and mandates,including PCI DSS, HIPAA/Hitech, GDPR and many others.Vormetric Transparent Encryption delivers the controls requiredwithout operational or business process changes.Scalable encryptionThe Vormetric Transparent Encryption agent runs at the filesystem or volume level on a server. The agent is availablefor a broad selection of Windows, Linux and Unix platforms,and can be used in physical, virtual, cloud, container andbig data environment – regardless of the underlying storagetechnology. Administrators perform all policy and keyadministration through the Vormetric DSM.Encryption takes place on the server, eliminating bottlenecksthat plague legacy, proxy-based solutions. Performance andscalability are further enhanced by leveraging cryptographichardware modules that are built into such modern CPUs, suchas Intel AES-NI and IBM POWER9.Vormetric Data Security PlatformKey benefits Meet compliance and best practice requirements forencryption and access control that scales easily acrossplatforms and environments Easy to deploy: no application customization required Establish strong safeguards against abuse byprivileged insidersKey features Broadest platform support in industry: Windows, Linuxand Unix operating systems High performance encryption: Uses hardwareencryption capabilities built into host CPUs - Intel andAMD AES-NI and POWER9 AES encryption Suite B protocol support Log all permitted, denied and restricted access attemptsfrom users, applications and processes Role-based access policies control who, what, where,when and how data can be accessed Enable privileged users to perform their work withoutaccess to clear-text data Extensions offer added capabilities, including moregranular container support, comprehensive dataprotection while maintaining storage efficiency andzero-downtime data encryption capabilitiesDSMvDSMData Security ManagerBig DataContainersCloudDatabasesOS/File SystemsSecuring Sensitive Data-At-Rest Wherever It ResidesFile-levelEncryptionPrivileged UserAccess ControlLive DataTransformationIntegrationto SIEMVormetric Transparent Encryption secures data wherever it resides8
Granular user access controlsTechnical specificationsApply granular, least-privileged user access policies thatprotect data from external attacks and misuse by privilegedusers. Specific policies can be applied by users andgroups from systems, LDAP/Active Directory, Hadoop andcontainers. Controls also include access by process, filetype, time of day, and other parameters.Encryption Algorithms AES, 3DES, ARIAExtension Licenses Container Security Live Data Transformation Efficient StorageNon-intrusive and easy to deployPlatform SupportVormetric Transparent Encryption agents are deployed onservers at the file system or volume level and include supportfor Linux, Unix, Windows file systems as well as cloud storageenvironments like Amazon S3 and Azure Files. Deploymentrequires no changes to applications, user workflows, businesspractices or operational procedures. Microsoft: Windows Server 2019, 2016 and 2012 Linux: Red Hat Enterprise Linux (RHEL), SuSE LinuxEnterprise Server, Ubuntu, Amazon Linux UNIX: IBM AIX*Database Support IBM DB2, Microsoft SQL Server, Microsoft ExchangeProtect data on-premises or in-cloudKeep control of your data by managing encryption keysand access policies from your local data center for both youron-premises and cloud data, even in hybrid environmentdeployments.Data Availability Group (DAG), MySQL, NoSQL,Oracle, Sybase and othersApplication Support Transparent to all applications, including Documentum,SAP, SharePoint, custom applications and moreBig Data Support Hadoop: Cloudera, Hortonworks, IBMUserVTE AgentAllow/Block Encrypt/DecryptApplicationDatabaseFileSystemsData SecurityManager NoSQL: Couchbase, DataStax, MongoDB SAP HANA TeradataVolumeManagersEncryption Hardware AccelerationStorageServer AMD and Intel AES-NI IBM POWER9 cryptographic ent Certification FIPS 140-2 Level 1Container Support* !@#)(- ” }? %-: John Smith401 MainStreet* !@#)(- ” }? %-: Docker, Red Hat OpenShiftCloud SupportFile-level encryption prevents privileged user abuse AWS: EBS, EFS, S3, S3I, S3 Glacier AZURE: Disk Storage, Azure Files PCF: MySQL databases within Pivotal Cloud Foundry*IBM AIX only supported by Vormetric TransparentEncryption, version 5.3 agentsVormetric Data Security Platform9
Live Data TransformationDeployment and management of data-at-rest encryption canpresent challenges when transforming clear-text to ciphertext, or when rekeying data that has already been encrypted.Traditionally, these efforts either required planned downtimeor labor-intensive data cloning and synchronization efforts.Vormetric Transparent Encryption Live Data TransformationExtension eliminates these hurdles, enabling encryption andrekeying with unprecedented uptime and administrativeefficiency.Zero-downtime encryption andkey rotationLive Data Transformation delivers these key capabilities:Zero-downtime encryption deployments. The solutionenables administrators to encrypt data without downtimeor disruption to users, applications or workflows. Whileencryption is underway, users and processes continue tointeract with databases or file systems as usual.Seamless, non-disruptive key rotation. Both security bestpractices and many regulatory mandates require periodic keyrotation. Live Data Transformation makes it fast and efficientto address these requirements. With the solution, you canperform key rotation without having to duplicate data or takeassociated applications off line.Intelligent resource management. Encrypting large datasets can require significant CPU resources for an extendedtime. Live Data Transformation provides sophisticated CPUuse and I/O rate management capabilities so administratorscan balance between the resource demands of encryptionand other business operations. For example, an administratorcan define a resource management rule specifying that,during business hours, encryption can only consume 10% ofsystem CPU, while on nights and weekends, encryption canconsume 70% of CPU.Versioned backups and archives. With key versioningmanagement, Live Data Transformation offers efficient backupand archive recovery that enable more immediate access.In a data recovery operation, archived encryption keysrecovered from the Vormetric Data Security Manager areautomatically applied to an older data set. Restored data isencrypted with the current cryptographic keys.Key benefits Improve security and data availability with zerodowntime encryption deployments Reduce costs associated with encryption implementationand maintenance Minimize encryption’s impact on the user experience Leverage non-disruptive key rotation to enhance securityand regulatory compliance Accelerate recovery of data encrypted with older keysTechnical specificationsOperating System Support Microsoft: Windows Server 2019, 2016 and 2012 Linux: Red Hat Enterprise Linux (RHEL) 6 and 7 and 8,SuSE Linux Enterprise Server 11, 12 and 15Cluster support Microsoft Cluster: File Cluster, SQL Server ClusterDatabase support IBM DB2, IBM Informix, Microsoft SQL Server, Oracle,Sybase and othersBig Data Support Cassandra, CouchBase, Hadoop, MongoDB, SAPHANABackup/Replication Support DB2 backup, NetBackup, NetWorker, NTBackup,Oracle Recovery Manager (RMAN), Windows ServerVolume Shadow Copy Service (VSS)Approved Users Unencrypted Unencrypted Encrypted Encrypted Database ServerVormetric Data Security Platform10
Vormetric Transparent EncryptionExtensions and AdditionsVormetric Transparent Encryption forEfficient StorageVormetic Transparent Encryption for SAPHANAWith VTE for Efficient Storage, users no longer need to makethe choice between data security and storage efficiency.They can have both! The solution provides a high degree ofsecurity for data that is ultimately stored on enterprise storagesystems by encrypting data while retaining critical storageefficiencies, such as deduplication and compression. VTE forEfficient Storage offers the best data protection possible whilemaintaining storage efficiency -- an industry first solution!Vormetric Transparent Encryption provides a provenapproach to safeguarding SAP HANA data that meetsrigorous security, data governance and compliancerequirements. The solution can be quickly deployed, requiringno changes to SAP HANA or the underlying database orhardware infrastructure. With the solution, organizations canencrypt SAP HANA data and log volumes, and establishstrong governance and separation of duties.Using secure key sharing technologies between VormetricTransparent Encryption and storage arrays, encrypted datafrom hosts running VTE can now be analyzed by enterprisestorage solutions, compressed and deduplicated and thensecurely stored on the array in encrypted format. It's the bestof both worlds.Vormetric Transparent EncryptionContainer SecurityApproved UsersStorageVTE Agenton ServerVormetric Container Security extends policy driven VormetricTransparent Encryption file-level encryption, access controlsand data access audit logging to Docker and OpenShiftcontainer environments. The solution enables file-levelencryption and access controls for container users, and datastored within, or accessed by, container images with nochanges to container images required.The solution features the detailed visibility and control neededto comply with compliance, regulatory and best practicerequirements. Granular access policies provide privilegeduser access control within the container environment as wellas at the underlying system level. Policies can include who,what, where, when and how sensitive data may be accessed.App2App1DSMKMIPData SecurityManagerVormetric Transparent Encryption for Efficient k andStorageInfrastructureVTE ContainerSecurity ExtensionSANNASDASContainer Level EncryptionContainer Security technical specificationsPlatform/Environment Support Docker and Red Hat OpenShift Red Hat Enterprise Linux, 8.x Can run on physical systems, VMs and AWS EC2 instancesVormetric Data Security Platform11
Vormetric Security IntelligenceVormetric Security Intelligence delivers detailed, actionablesecurity event logs that provide unprecedented insight into fileaccess activities and that are pre-integrated leading SIEMsolutions. Based on the data access audit logging capabilitiesavailable from Vormetric Transparent Encryption and theVormetric Data Security Manager, this information caninclude all the detail about authorized data access as well asunauthorized access attempts wherever Vormetric TransparentEncryption agents are configured. Information from DSMsalso includes actions of security administrators – another itemrequired for compliance audit purposes.These logs are available in the common formats used bySIEM systems, are centrally collected from the DSM, andprebuilt dashboards with our SIEM partners to make it easyfor customers to see immediate value from this information.Dashboards show unauthorized access attempts and can beused to immediately alert on unauthorized access attempts.The data sets generated can also be used to create baselinesof access patterns by users and applications accessing sensitivedata. These baselines can then be used to identify unusualaccess patterns that may represent a threat.Key capabilities Detect possible malware or malicious insiders makingunauthorized access attempts Pinpoint unusual patterns of user access to protected datathat indicate malware (or a malicious internal user) couldbe stealing data Monitor process access to protected data for anomalouspatterns of use that could indicate a process has been coopted by malware Identify attacks on the Vormetric Data SecurityManagement appliance from unauthorized usersSIEM Partner Integrations FireEye Threat Prevention Platform Micro Focus ArcSight IBM Security QRadar SIEM Informatica Secure@Source McAfee ESM LogRhythm Security Intelligence Platform SolarWinds SplunkData protected byVormetric Transparent EncryptionBig DataVormetric SIEM PartnersSAN/NASVormetric DataSecurity ManagerSecurity Intelligence BenefitsIdentify unusual fileaccess patternsCloudFile SystemsGranular securityintelligence logson file accessVMsDatabasesVormetric Data Security PlatformRFC5424 LogsCEF LogsLEEF LogsAccelerate detection ofinsider threats and APTsCreate complianceand audit reports12
Vormetric Tokenization withDynamic Data MaskingVormetric Tokenization with Dynamic Data Masking reducesthe cost and effort required to comply with security policiesand regulatory mandates such as the European Union’sGlobal Data Protection Regulation (GDPR) and the PaymentCard Industry Data Security Standard (PCI-DSS). You cansecure and anonymize sensitive assets—whether they residein the data center, big data environments or the cloud.Streamlined tokenizationVormetric Tokenization offers format-preserving or randomtokenization to protect sensitive data. Policy-baseddynamic data masking protects data in use. A RESTful APIin combination with centralized management and servicesenables the implement tokenization with a single line of codeper field. Centralized Tokenization Server managementand configuration includes an operational dashboardwith convenient tokenization configuration workflows in agraphical user interface.Dynamic data masking. Policies define whether a field isreturned fully or partially masked based on user identificationcontrolled by an AD or LDAP server.Technical specificationsTokenization capabilities: Format-preserving tokens (FF1 or FF3,alphanumeric/numeric) with irreversible option Random tokens (alphanumeric/numeric, data lengthup to 128K) Date tokenization Both FPE and random tokens can be configured topass a Luhn checkDynamic data masking capabilities: Policy based, number of left and/or right charactersexposed, with customizable mask characterDeployment Form Factors and Options: Open Virtualization Format (.OVA) and InternationalOrganization for Standardization (.iso) Microsoft Hyper-V VHD Amazon Machine Image (.ami) Microsoft Azure Marketplace Google Cloud PlatformSystem requirements:For example, the policies could enable customer servicerepresentatives to see only the last four digits of credit cardnumbers, while account receivables staff could access the fullcredit card number. Minimum hardware: 4 CPU cores, 16–32 GB RAMNon-disruptive. Format preserving tokenization protectssensitive data without changing the database schema. RESTful APIs Minimum disk: 80GBApplication integration:Authentication integration: Lightweight Directory Access Protocol (LDAP) Active Directory (AD) Client Certificate OAuth2Performance: More than 1 million credit card size tokenizationtransactions per second, per token server (usingmultiple threads and batch (or vector) mode) on a32-core server (dual-socket Xeon E5-2630v3) with16 GB RAMVormetric Data Security Platform13
Vormetric Application EncryptionVormetric Application Encryption delivers key management,signing, and encryption services enabl
The Vormetric Data Security Platform features these products: Vormetric Data Security Manager. The centralized management environment for all Vormetric Data Security Platform products. Provides policy control as well as secure generation, management and storage of encryption keys. Includes a Web-based console, CLI, SOAP and REST APIs.
