Network Computing is part of the Informa Tech Division of Informa PLC

Review: Enterprise Key Management Software: Page 7 of 9

The KeyVault enables secure IP-based management of keys between CryptoStor Tape systems as well as other KeyVaults in a clustered environment. The system offers FIPS 140-2 Level 3 security and can generate and maintain on the order of 200 million random keys per appliance. Clustering multiple KeyVaults allows for automation and centralized management of key usage policies across remote locations and provides support for simplified off-site key accessibility in the event of a disaster-recovery scenario.

For emergency key recovery, NeoScale uses smartcards and an "M of N" policy. Each KeyVault also supports creation of multiple security domains and role-based control for access to management functions. The system offers five levels of access: administrators, security officers, recovery officers, key domain managers and auditors. To protect against insider threats, these roles can be designated to ensure that no single individual has access to all functions.

NeoScale was one of the first vendors to publish its key-management API, letting third-party vendors write modules that can natively interface their encryption endpoints with the KeyVault. So far only Entrust, Optica Technologies and Symantec have partnered with NeoScale on this, so it remains to be seen how well its open API strategy will play in the long run as other standards evolve. Still, at least the company is making an effort.

Aside from its FIPS 140-2 Level 3 rating, the CryptoStor KeyVault system has been certified under FIPS 197 for Advanced Encryption Algorithm, FIPS 180-2 for Secure Hash Standards, FIPS 186-2 for Random Number Generation and FIPS 186-2 for Digital Signature Standards.

RSA Key Manager