Hyperconverged infrastructure (HCI) is a popular choice for modernizing data centers and supporting mission-critical enterprise applications. However, HCI also brings new challenges for data security and compliance, especially when it comes to managing encryption keys across multiple platforms and environments. In this post, we will introduce how Sangfor HCI and Thales CipherTrust KMS work together to provide a secure and compliant solution for key management on HCI.

Thales

Compliance Challenges for Key Management on HCI

HCI simplifies the deployment and management of compute, storage, and network resources by consolidating them into a single platform. However, this also means that the encryption keys that protect the data stored on HCI need to be managed in a centralized and consistent way. Some of the compliance challenges for key management on HCI include:

  • Ensuring that encryption keys are stored securely and separately from the data they protect, to prevent unauthorized access or tampering.
  • Implementing policies and controls to govern the life cycle of encryption keys, such as creation, rotation, revocation, backup, and recovery.
  • Supporting multiple encryption standards and algorithms, such as AES, RSA, ECC, and KMIP, to meet the requirements of different applications and regulations.
  • Integrating with various cloud services and platforms, such as AWS, Azure, Google Cloud, VMware, and Kubernetes, to enable seamless encryption and key management across hybrid environments.
  • Auditing and reporting on the usage and status of encryption keys, to demonstrate compliance with internal and external policies and regulations.

Thales CipherTrust KMS: A Trusted Solution for Encryption Key Management

Thales CipherTrust KMS is a comprehensive solution for encryption key management that addresses the compliance challenges for key management on HCI. Thales CipherTrust KMS offers the following benefits:

  • It provides a centralized platform for managing encryption keys across multiple platforms and environments, including HCI, cloud, virtualization, containers, databases, applications, and devices.
  • It supports various encryption standards and algorithms, such as AES, RSA, ECC, and KMIP, to enable interoperability and compatibility with different encryption products and services.
  • It enables separation of duties between data owners and key custodians, by securely storing encryption keys in a dedicated hardware security module (HSM) or in the cloud.
  • It automates key lifecycle management processes, such as creation, rotation, revocation, backup, and recovery, based on predefined policies and schedules.
  • It integrates with various cloud services and platforms, such as AWS KMS, Azure Key Vault, Google Cloud KMS, VMware vSphere, Kubernetes, etc., to enable consistent encryption and key management across hybrid environments.
  • It provides audit trails and reports on the usage and status of encryption keys, to facilitate compliance monitoring and reporting.

Sangfor HCI: A Leading Platform for Hyperconverged Infrastructure

Sangfor HCI is a leading hyperconverged infrastructure platform that provides a one-stop solution for cloud computing and data center transformation. Sangfor HCI offers the following benefits:

  • It simplifies the deployment and management of compute, storage, security, and network resources by consolidating them into a single platform that can be easily scaled out according to business needs.
  • It enhances the performance and reliability of applications by leveraging advanced technologies such as NVMe SSDs, RDMA, etc.
  • It reduces the total cost of ownership (TCO) by optimizing resource utilization and eliminating unnecessary hardware purchases and maintenance costs.
  • It supports various types of workloads and applications, such as virtual desktop infrastructure (VDI), database (DB), artificial intelligence (AI), etc., by providing flexible configuration options and tailored solutions.
  • It enables seamless integration with Sangfor Managed Cloud Service (MCS) to enable hybrid cloud scenarios such as cloud bursting, disaster recovery, backup, etc.

How Sangfor HCI and Thales CipherTrust KMS Work Together

Sangfor HCI and Thales CipherTrust KMS work together to provide a secure and compliant solution for key management on HCI. The integration between Sangfor HCI and Thales CipherTrust KMS enables the following capabilities:

  • Encryption of data at rest on Sangfor HCI using AES-256 algorithm with XTS mode.
  • Encryption of data in transit between Sangfor HCI nodes using TLS 1.2 protocol with AES-256 algorithm with GCM mode.
  • Centralized management of encryption keys on Thales CipherTrust KMS using KMIP protocol.
  • Secure storage of encryption keys on Thales CipherTrust KMS using HSM or cloud service.
  • Automated key lifecycle management on Thales CipherTrust KMS using policies and schedules.
  • Seamless integration with cloud services and platforms using Thales CipherTrust KMS connectors and APIs.

image of sangfor cloud platform

Use Cases for CipherTrust KMS on Sangfor HCI

There are many use cases for CipherTrust on HCI, such as:

  • Protecting sensitive data from unauthorized access or theft, such as personal information, financial records, intellectual property, etc.
  • Meeting compliance requirements for data security and privacy, such as GDPR, PCI DSS, HIPAA, etc.
  • Enabling secure data migration and replication across different platforms and environments, such as HCI, cloud, virtualization, containers, etc.
  • Supporting disaster recovery and backup scenarios by ensuring data availability and integrity in case of system failure or outage.
  • Enhancing data governance and auditability by tracking and reporting on the usage and status of encryption keys.

Conclusion

Sangfor HCI and Thales CipherTrust KMS provide a secure and compliant solution for key management on HCI. By integrating Sangfor HCI and Thales CipherTrust KMS, organizations can benefit from the simplicity, performance, scalability, and cost-effectiveness of HCI, while ensuring the security, compliance, interoperability, and automation of encryption key management. To learn more about Sangfor HCI and Thales CipherTrust KMS, please visit  https://cpl.thalesgroup.com/partners/sangfor-technologies-inc  or contact our sales representatives.

 

Contact Us for Business Inquiry

Listen To This Post

Search

Get in Touch

Get in Touch with Sangfor Team for Business Inquiry

Related Articles

News

Sangfor Technologies Partners with Two Malaysian Universities to Boost Cybersecurity Education

Date : 12 Jun 2024
Read Now
News

Sangfor Technologies and DVCOM Technology Sign Distribution Partnership for MENA Region

Date : 29 May 2024
Read Now
News

Launching Sangfor VDI 5.9.1: Bringing the Workspace to Life with AI

Date : 04 Mar 2024
Read Now

See Other Product

SIER
EasyConnect
aStor
More Advanced VDI Features
Sangfor Application Delivery (AD) Product Series
Sangfor HCI: Best VMware Alternative in 2024