runtime encryption platform self-defending key ......self-defending key management service (sdkms)...



Post on 06-Jun-2020


[email protected] | +1 (628) 400 2043 | 444 Castro St #305 Mountain View, CA 94041

Secure

Secured with Intel® SGX and built using Fortanix’s patented Runtime Encryption Technology, SDKMS ensures that you remain in complete control over your keys and secrets.

Simple

SDKMS provides control of and visibility into your key management operations using a centralized web-based UI with enterprise level access controls and single sign-on support.

Scalable

SDKMS is built to scale horizontally and geographically as your demand for managing your keys and secrets increases, while providing automated load-balancing, disaster recovery, and high availability.

Self-Defending Key Management Service (SDKMS) allows you to securely generate, store, and use cryptographic keys and certificates, as well as secrets such as passwords, API keys, tokens, or any blob of data.

Self-Defending Key Management Service™

Next-generation HSM and KMS for cloud-scale applications

[Diagram: SDKMS. Labels: Centralized Management; Centralized Tamper-Proof Audit Logs; RBAC; Key Generation & BYOK; Key Lifecycle Management; Plugins; Secrets Management; Tokenization; Encryption; Cloud Native Applications; Legacy Applications; Hybrid & Multi-Cloud Applications; Databases; Data Warehouses; Data Lakes; RESTful APIs; KMIP; PKCS#11, CNG, JCE...; MSP/CSP; Blockchain; Secure Manufacturing]

Runtime Encryption® Platform

Delivering deterministic security with Intel® SGX

Try Fortanix SDKMS: https://sdkms.fortanix.com

request a demo at www.fortanix.com

Secure Multi-party Analytics at Scale

Deterministic Security | Easy to Use | Broad Application Support


EnclaveOS

Runtime Encryption® enables a fundamentally new level of security and privacy for organizations with sensitive workloads, even with compromised infrastructure. We ensure that your data remains protected even when your adversary has a root password and physical access to the servers!

The Fortanix Runtime Encryption® platform leverages Intel® SGX to enable general purpose computation on encrypted data without ever exposing plaintext application code or data.

The Fortanix Runtime Encryption® platform includes EnclaveOS®, which transparently protects applications without requiring modifications; and Enclave Manager: an orchestration service that is designed to allow applications running in enclaves.

Readily create complex yet secure applications such as 3-tier apps or scale-out distributed apps. You can seamlessly protect container-based services for your cloud-native apps.

Featured Use Case

• Through the Runtime Encryption® platform, multiple parties can perform data analytics securely. The data from the multiple parties is processed inside Intel® SGX powered secure enclaves.

• Analysts can harvest insights from data without having access. Sensitive data remains secured at all times.

• Unlock business value while meeting compliance requirements.


[Diagram: Secure multi-party analytics. Labels: BANK; TELCO; ENCRYPTED DATA; COMPUTE FARM; RESULTING DATA; ENCLAVE MANAGER; ANALYTICS APP (FRAUD RISK ASSESSMENT)]


The FX2200 II was born in the cloud and is used across the globe in the largest data centers. It is designed to deliver secure key management, hardware security module, and cryptography services.

Fortanix FX2200 II is the ideal building block for implementing Fortanix Self-Defending Key Management Service™ (SDKMS) in a private cloud or as a managed service. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any blob of data. Built from the ground up for modern cloud applications, SDKMS provides REST APIs alongside traditional interfaces, native server-side clustering, centralized management, secure audit logs, and more!

HSM-grade Security with Software-defined Simplicity

• FIPS 140-2 Level 3 key storage module

• Integrated HSM, key management, plug-in and tokenization

• Secured with Intel® SGX to ensure that only authorized users have access to your keys and data

Trusted Auto Scaling

• Get started with as few as three FX2200 II

• Trusted auto-scaling by using quorum distributed computing

• Support for on-premise, hybrid cloud or multi-cloud applications

Always On

• Highly available, always-on clustered design

• Non-disruptive upgrade and maintenance operations

• Central monitoring tools and integrations

• Robust application support and services

Fortanix FX2200 II HSM

FX2200/2 rear view

FX2200 II Node Technical Specification

Cryptography: Full NSA Suite B algorithms

Interfaces supported: REST APIs, PKCS#11, Microsoft CAPI and CNG, JCE, KMIP

Certifications: FIPS 140-2 Level 3*

FIPS key storage: Fortanix proprietary key storage module

Operating environment: Self-Defending Key Management Service™ (running on Ubuntu Linux 16.04)

Processor: Intel® SGX

Memory: 64GB high speed memory

Dimensions: 1U Rackmount

Weight: Fortanix proprietary key storage module

Fortanix Self-Defending Key Management Service (SDKMS) encrypts data-at-rest in vSphere and vSAN. The joint VMware and Fortanix SDKMS solution offers scalable data protection and compliance for software-defined data center and cloud environments.

Benefits of SDKMS for encryption in VMware environments:

[Diagrams: SDKMS for vSphere VM Encryption and SDKMS for vSAN Encryption. Labels: vCenter; VM Encryption; KMIP; Fortanix SDKMS; Virtual SAN Data Store]

SDKMS: A go-to solution for VMware Encryption

Software-Defined, Hardware-Secured

SDKMS delivers unified HSM and key management capabilities with the operational simplicity of a single solution to VMware environments. Secured with Runtime Encryption® and Intel® SGX, SDKMS ensures that you remain in complete control of your keys and secrets.

Cost Effective Consumption

SDKMS delivers the most cost-effective secure key management solution for VMware environments, period! SDKMS does not require additional license charges for connectors etc., leaving you with complete flexibility in protecting your VMware clusters, hosts and data stores.

Scalability and Availability

SDKMS has built-in and automated high availability and load balancing. All you need to do is configure an SDKMS cluster as a KMS in vCenter. The always-on HA and load-balancing paradigm is conceptually like VMware vMotion and DRS capabilities. SDKMS eliminates operational complexity, enabling it to easily scale to multiple sites and serve hybrid cloud deployments.

[Diagram: Fortanix SDKMS Cluster. Labels: Site A; Site B; SDKMS node (four); vCenter; vSphere + Virtual SAN; Virtual SAN Data Store]

The only integrated HSM and KMS on the market designed for the cloud.