Protecting

Your Critical data

ProtectV

Rami Shalom

VP of Product Management

Data Encryption

SafeNet

WHERE IS YOUR DATA? WHERE ARE YOUR KEYS?

Virtual Machines

File

Server

s

Databases

Site-to-site

Data in Motion

Applications

SaaS Apps

Live Data

1

Virtualized Data

3

Key Management

and Root of Trust

4

Access

5

Stored Data

2

Warning

• Pockets of Encryption

• Operational Inefficiencies

• Audit Deficiencies & Failures

• Sensitive Data Exposure

Protecting What Matters, Where it Matters

SafeNet Virtualization & Cloud data protection - ProtectV

What is ProtectV?

ProtectV is the industry's first comprehensive solution for protecting

your data across physical, virtual, and cloud environments.

With ProtectV you can:

• Isolate Virtual Machines and storage

• Authorize VM launches with SafeNet StartGuard

• Track access to all copies of your data

• Revoke key access after a breach

ProtectV enables you to migrate your sensitive data to untrusted or

shared environments securely.

Storage

Hypervisor

Hardware Layer

Backup Snapshots

App

OS

App

OS

App

OS

App

OS

App

OS

App

OS

Data copied into OS

partition’s RAM

Data copied into

storage

Data Protection Challenges for Cloud

& Virtualization Before

Data used by

financial app

Data copied in

hourly snapshot

App

OS

Choose Data Security OR Virtualization/Cloud

Storage

Hypervisor

Hardware Layer

Backup Snapshots

App

OS

App

OS

App

OS

App

OS

App

OS

App

OS

Data copied into OS

partition’s RAM

Data copied into

storage

Introducing ProtectV

Data Protection for the Cloud.

Data used by

financial app

Data copied in

hourly snapshot

App

OS

After

Enjoy Data Security AND Virtualization/Cloud

What is ProtectV?

It is not an appliance/virtual appliance or proxy service

App

OS

ProtectV

Hypervisor

Volume

ProtectV is a virtual server solution

Anatomy of Securing the Cloud

KeySecure 3

ProtectV Manager 2

ProtectV Client 1

Virtual Machines

ProtectV Client is installed

on your VMs.

ProtectV Manager is a virtual

machine that runs as a VM in

a VMware environment.

KeySecure is a hardware-based

high-assurance enterprise key

management solution.

Protected Volumes

Hypervisor

Storage

Separation of Duties with ProtectV

KeySecure (HA)

ProtectV Manager (HA)

ProtectV Clients

Secure

Channel

HTTPS

SSL

EKM

Admin

ProtectV

Admin

VM

Admin

VM

User

Deployment Scenario: Public Cloud

Example of an AWS EC2 deployment

Public Cloud

ProtectV Manager (HA)

Trusted on-premise location

ProtectV Client

KeySecure (HA)

ProtectV: Environment

ProtectV currently supports the following environments:

• VMware vCenter

• Amazon Web Services EC2

• Amazon Web Services VPC

Complementary products to ProtectV:

• KeySecure (k150 and k460) – physical or virtual

• DataSecure (i150 and i450) – physical or virtual

11 © SafeNet Confidential and Proprietary

ProtectV Delivers

Unified management - at-a-glance dashboard view

and central audit point

On-premise key management audit for encryption key

usage

Visibility and proof of data governance

Pre-launch user authorization to access a VM

Encryption based separation of duties across virtual

and physical environments

Unified HW based FIPS 140-2 level 3 certified key

management to ensure VM ownership

Ownership and control of your

data

Encryption of entire VM

Encryption of associated storage volumes (mapped

drives), VM instances (snapshots, backups) and

locations (DR sites etc.)

Even the entire OS partition is protected

Complete VM encryption

ProtectV Demo time…

Спасибо