Digital Certificate and Key Lifecycle Management and Automation with SafeNet Assured Technologies

AppViewX and SafeNet AT Joint Solution

AppViewX and SafeNet AT’s partnership helps enterprises overcome the challenges brought by managing private keys in a complex infrastructure. For enhanced security and compliance, private keys must be encrypted before they are stored in an enterprise’s infrastructure.

Our combined solution gives the enterprise multiple options that cater to the specific needs of that infrastructure. AppViewX acts as the automation and orchestration engine for the lifecycle management of X.509 certificates, and SafeNet AT aids in the security of the private keys associated with those certificates.

Solution Highlights

Certificate Management with Encrypted Private Key Storage in AppViewX

This solution is useful for enterprises seeking to generate and store private keys inside AppViewX and limit their encryption to the HSM device for optimum resource utilization. Before being stored in an AES-256 encrypted database, the private keys undergo multiple layers of encryption by Data Encryption Key (DEK), Key Encryption Key (KEK) and Master Encryption Key (MEK). While the encrypted private key, encrypted DEK, and encrypted KEK reside inside AppViewX, the MEK is stored inside the HSM and cannot be retrieved. This solution is suitable for all ADC and server devices.

Certificate Management in AppViewX and Private Key Storage in SafeNet AT

Enterprises can use this solution to assign AppViewX to certificate management activities while HSM is used to both generate and store private keys in the name of added security. The private key generated within the HSM cannot be removed and is completely shielded from tampering. This particular solution is suitable for all supported devices that can initiate direct communication with the HSM and use a key identifier to access private keys.

Comprehensive Role-Based Access Control

The first step in any access control process is having complete visibility into your certificate ecosystem. Sifting through the thousands of certificates in your inventory can be cumbersome. With our holistic view, CERT+ graphically represents important certificate information like the chain of trust, associated devices, and HSM. Users can also perform necessary lifecycle management tasks like issuing, renewing and revoking multiple certificates all within the holistic view itself.

Benefits

  • Encrypt and protect private keys using an industry-standard, FIPS 140-2 certified HSM

  • Manage and automate multi-vendor X.509 certificates across multiple devices

  • Gain visibility and control across all certificates and its keys

  • Enforce policies and ensure compliance across the network

  • Deliver secure, encrypted communications faster by reducing certificate deployment time by up to 70%

About SafeNet Assured Technologies

SafeNet Assured Technologies, LLC protects the U.S. Federal Government’s most sensitive information systems. As a U.S. based company, SafeNet Assured Technologies’ mission is to provide high assurance data security products and technologies to the Federal Government. Defense, intelligence, and civilian agencies trust SafeNet Assured Technologies to provide encryption-based identity and authentication solutions, secure sensitive data and networks, and enable assured information sharing.