|
Alliance
Encryption Server for System i
The
Alliance Encryption Server for System i solution
provides encryption and decryption services for
applications on System i, Windows, Linux, UNIX, and
System z. The Alliance Encryption Server for System I
incorporates encryption key management, compliance audit
trails, and authentication of client applications.
Alliance
Encryption Server provides a data encryption solution
that can be deployed in any data center to provide
encryption services to a wide variety of applications
and platforms. Applications can encrypt and decrypt
information using a Service Oriented Architecture (SOA),
and is ideal when you do not want to deploy encryption
and key management software on every server.
Applications on System i, Windows, Linux, UNIX,
and System z platforms can securely encrypt and decrypt
data using an authenticated SSL/TLS encrypted session.
Alliance Encryption Server for System i is
available as a software-only solution, or as a hardware
appliance ready to deploy in your data center.
Key
management
Alliance
encryption server supports the creation and management
of encryption keys for use with your encryption and
decryption needs. Encryption keys are secured and only
used for authenticated client applications. You can
change keys automatically or manually as needed. Key
import and export operations are allowed to authorized
administrators in order to support the migration of
existing keys to the encryption server, and export of
keys to external systems.
Secure
encryption and decryption
Alliance
Encryption Server provides encryption services to
Windows, Linux, UNIX, System i and System z applications
using a secure and authenticated SSL/TLS TCP connection
to the encryption server. Alliance encryption server
authenticates the client application before allowing
encryption processing. The interface to the encryption
server is identical for all applications in the
Enterprise making the deployment of encryption processes
easy for developers. Alliance software is not required
on the client, an no additional third party software is
required for encryption services. Alliance Encryption
Server can handle both ASCII and EBCDIC character
systems to fully support heterogeneous computing
environments.
Key
distribution
Encryption
keys can be imported to the Alliance Encryption Server
in several formats including raw, Base64 encoded, and
hex encoded. You can also export encryption keys for
distribution to other key management solutions. All key
distribution operations are logged for compliance audit
and are integrated with secure system logging.
NIST
certified AES encryption
Alliance
Encryption Server is based on the Alliance AES
encryption solutions from Patrick Townsend &
Associates which are NIST certified for compliance to
the AES specification. NIST certification means that you
can have confidence in the accuracy, reliability, and
completeness of your encryption solution. NIST
certificates are available at the NIST web site (www.nist.gov)
and on request.
Secure
administration
Alliance
Encryption Server provides system administration using a
secure connection. The optional biometric authentication
module provides strong authentication of a system
administrator performing key management and
configuration tasks. All key management and system
administration tasks are recorded in compliance audit
trails and logged to the integrated system logging
facility. Alliance Encryption Server will report all
systems management activity to a central system log
server or log monitoring solution.
Compliance
audit and system logging
The
Alliance Encryption Server provides compliance audit
trails and system logging for all systems management,
key management, and configuration options. System logs
are transmitted in real time to your system logging
server or log monitoring software. When combined with
the biometric authentication option, additional
compliance reports are available that correlate system
administrator access to biometric authentication
information.
Scalability
The
Alliance Encryption Server can scale up for high volume
transaction environments. Based on the IBM System i
POWER platform, the Alliance Encryption Server can run
on an entry level system with a single 64-bit POWER
processor, a mid-tier system with 4 to 8 POWER
processors, or a high end system with 64+ POWER
processors. Hardware upgrades do not require software
changes.
High
availability and disaster recovery
Alliance
Encryption Server is compatible with a number of high
availability solutions including Vision, iTera, MIMIX,
and others. When purchased as a hardware appliance
solution Alliance Encryption Server includes high
availability and mirroring software and will
automatically replicate to your back up encryption
server.
Hardware
and software support
Alliance
Encryption Server for System i is available as a
software-only solution for Enterprise customers with
existing IBM System i server infrastructure. Alliance
Encryption Server for System i can also be purchased as
a hardware appliance ready to deploy in your data
center. As an appliance the solution includes one year
of hardware and software maintenance and support.
|
