AppViewX and SafeNet AT’s partnership helps enterprises overcome the challenges brought by managing private keys in a complex infrastructure. For enhanced security and compliance, private keys must be encrypted before they are stored in an enterprise’s infrastructure.
Our combined solution gives the enterprise multiple options that cater to the specific needs of that infrastructure. AppViewX acts as the automation and orchestration engine for the lifecycle management of X.509 certificates, and SafeNet AT aids in the security of the private keys associated with those certificates.
Certificate Management with Encrypted Private Key Storage in AppViewX
This solution is useful for enterprises seeking to generate and store private keys inside AppViewX and limit their encryption to the HSM device for optimum resource utilization. Before being stored in an AES-256 encrypted database, the private keys undergo multiple layers of encryption by Data Encryption Key (DEK), Key Encryption Key (KEK) and Master Encryption Key (MEK). While the encrypted private key, encrypted DEK, and encrypted KEK reside inside AppViewX, the MEK is stored inside the HSM and cannot be retrieved. This solution is suitable for all ADC and server devices.
Certificate Management in AppViewX and Private Key Storage in SafeNet AT
Enterprises can use this solution to assign AppViewX to certificate management activities while HSM is used to both generate and store private keys in the name of added security. The private key generated within the HSM cannot be removed and is completely shielded from tampering. This particular solution is suitable for all supported devices that can initiate direct communication with the HSM and use a key identifier to access private keys.
Comprehensive Role-Based Access Control
The first step in any access control process is having complete visibility into your certificate ecosystem. Sifting through the thousands of certificates in your inventory can be cumbersome. With our holistic view, CERT+ graphically represents important certificate information like the chain of trust, associated devices, and HSM. Users can also perform necessary lifecycle management tasks like issuing, renewing and revoking multiple certificates all within the holistic view itself.
SafeNet Assured Technologies, LLC protects the U.S. Federal Government’s most sensitive information systems. As a U.S. based company, SafeNet Assured Technologies’ mission is to provide high assurance data security products and technologies to the Federal Government. Defense, intelligence, and civilian agencies trust SafeNet Assured Technologies to provide encryption-based identity and authentication solutions, secure sensitive data and networks, and enable assured information sharing.
Subscribe to our blog to get tech tips, industry news, and thought leadership articles right in your inbox!
| 2 Min Read
| 2 Min Read