IBM Tivoli Key Lifecycle Manager for Storage - Software Subscription and Su

Mfg.Part: E05HKLL-G | CDW Part: 2182959 | UNSPSC: 43233205
Availability: 1-3 days
Warranties
$81.99 Advertised Price
Advertised Price
Product Details
  • Software Subscription and Support Renewal (1 year)
  • 1 resource value unit
  • Passport Advantage Express
  • Linux
  • Win
  • AIX
  • Solaris SPARC
View Full Product Details
Better Together
Quick View
Total Price:

Product Overview

Main Features
  • Software Subscription and Support Renewal (1 year)
  • 1 resource value unit
  • Passport Advantage Express
  • Linux
  • Win
  • AIX
  • Solaris SPARC
Simplify, centralize and strengthen encryption key management. IBM Tivoli Key Lifecycle Manager helps IT organizations better manage the encryption key lifecycle by enabling them to centralize and strengthen key management processes.

IBM Tivoli Key Lifecycle Manager provides a simple solution to the complex problem of key management. Traditionally, the more encryption you deploy, the more keys you have to manage. And these keys have their own lifecycles, separate from the data they're protecting - and that lifecycle has to be managed, from initialization and activation through expiration and destruction. Tivoli Key Lifecycle Manager can help you better manage the encryption key lifecycle, allowing you to simplify, centralize, and strengthen your organization's key management processes.

Tivoli Key Lifecycle Manager serves keys at the time of use to allow for centralized storage of key material in a secure location, a unique approach that supports multiple protocols for key serving and manages certificates as well as symmetric and asymmetric keys. Users can also centrally create, import, distribute, back up, archive and manage the lifecycle of those keys and certificates using a customizable graphical user interface (GUI).Tivoli Key Lifecycle Manager's transparent encryption implementation means that keys are generated and served from a centralized location and are never sent or stored "in the clear." The embedded encryption engine in the IBM self-encrypting tape offerings encrypt and decrypt the data as it enters and leaves the drive at native tape speeds, which means both faster and more secure handling of data.

These rich capabilities are made possible by strong authentication between IBM storage systems and Tivoli Key Lifecycle Manager. The drives are manufactured with a built-in unique certificate. When the drives are mounted, an ephemeral pair of RSA authentication keys is generated. This pair of keys is digitally signed by the drive and then sent to the centralized manager, which in turn validates the signature on the generated key pair through the certificate authority. The final step in the process happens when Tivoli Key Lifecycle Manager checks to make sure the device is valid by verifying that it exists in the drive table. Any unknown device is rejected. With this strategy, a rogue device can-not be deployed on the network and used to intercept organizational data. Nor can the data be intercepted and decrypted as it is being written to or read from the device. In addition to strong authentication, there is also strong security between the storage device and Tivoli Key Lifecycle Manager. The software generates a session key using the generated key pair from the storage device. Using a pre-generated key, the software then sets an encryption key to be used for an individual cartridge on the storage device. Finally, the software wraps the encryption key with the session key and returns the key to the device. This approach to encryption can dramatically increase data security while simplifying encryption key management.

Tivoli Key Lifecycle Manager can be applied at different levels to simplify key management while meeting the unique needs of your organization.

Tivoli Key Lifecycle Manager provides an easy-to-use, Web-based GUI that helps simplify key configuration and management tasks. With this GUI, administrators can easily create key-stores, assign keys and certificates, and manage the lifecycle of both from a centralized console. The software itself is typically installed on your most secure and highly available server or dedicated workstation. Once installed, the GUI allows administrators to perform basic local key lifecycle management on the drives, and offers not only configuration and setup tools, but also audit and compliance support. The software provides auto-discovery of encryption-capable devices and assigns default keys to each one. The GUI also allows administrators to implement key retention for backed-up data and to address rules for regulatory compliance and legal discovery. In case of disaster, the administrator can provide a set of keys that can unlock encrypted backups and make them available for use again.

Tivoli Key Lifecycle Manager uses a wizard-based guide to help administrators through a series of simple, task-based screens. The first task is to create a key store, which is then used to hold all the keys and certificates managed by Tivoli Key Lifecycle Manager. To configure a key store, the administrator enters relevant information about it into the system, such as its name, the key store type, the path where it will be stored, and its password. Once the key store is created, the administrator can configure different devices to use certain communication protocols. Administrators also have the option of setting the audit level (from low to high) and setting other key serving parameters, such as TCP port, SSL port and timeouts.

Tivoli Key Lifecycle Manager enables a unified key management strategy that can help better secure your data, with performance you need to support your critical business functions. Built on open standards, the solution enables flexibility and facilitates vendor interoperability. Its intuitive interface enables quick time to value, while its innovative approach can help dramatically reduce the number of keys administrators have to manage. By enabling centralized management of strong encryption keys throughout the key lifecycle, Tivoli Key Lifecycle Manager can help minimize the risk of exposure as well as helping to reduce operational costs.