•   SUPPORT +49 89 420447-30
  •   This email address is being protected from spambots. You need JavaScript enabled to view it.   |
  •   SALES +49 89 420447-20
  •   This email address is being protected from spambots. You need JavaScript enabled to view it.

Trial Version

Do you want to test the product?
It´s a pleasure for us to provide you with a trial version.
Please get in contact with us.

Request a trial version


k460 frontlp

SafeNet KeySecure Product Brief

Datasheet - PDF

SafeNet KeySecure


SafeNet KeySecure is an  Enterprise Key Management (EKM) solution that enables a single, centralized platform for managing cryptographic keys, certificates and applications. As the use of encryption proliferates throughout the corporation, security teams must scale their management of encryption keys, including key generation, key import and export, key rotation, and much more. With KeySecure, administrators can simultaneously manage multiple, disparate encryption appliances and associated encyrption keys, passwords and certificates through a single, centralized key management platform. 

Heterogeneous Key Lifecycle Management 

With KeySecure can centrally manage and record key attributes, state changes and key provisioning for disparate encryption solutions.

Granular Policy Administration  

KeySecure enables granular authorization controls based on user key permissions. Existing access controls can be automatically retrieved from  LDAP/Active Directory services and further defined within the KeySecure Administration console to provide an additional layer of access management.

Centralized Monitoring and Auditing for Compliance Mandates

KeySecure has built-in auditing, logging, and alerting for facilitating compliance mandates. All keys are securely managed, key ownership is clearly defined, and key lifecycle management and modifications are recorded and securely stored providing a non-repudiative audit trail of key state changes.



  • NIST FIPS 140-2 Level 3 for SafeNet LUNA® PCI-e Cryptographic Module embedded encryption card (validation in process)


  • AES, 3DES, DES, RSA (signatures and encryption), RC4, HMAC SHA-I – SHA512, SEED encryption
    • Asymmetric key sizes
      • 1024, 2048, 3072, 4096
    • Symmetric key sizes
      • 128, 192, 256

Key Management Protocol

  • OASIS KMIP (Key Management Interoperability Protocol) 1.0 Specification compliant
  • NIST 800-57 Key Lifecycle support
  • Symmetric Key, Asymmetric Key, Opaque, Secret Data, Template
  • Operations: Create, CreateKeyPair, Register, Get, GetAttribute, GetAttributeList, Locate, Query, Add/Delete/Modify Attributes

Role-based Management Control

  • Multiple restricted roles can be defined for each administrator
  • Automated, self-contained key management
  • Multi-credential administrative authorization for sensitive security operations

Key Availability and Capacity

  • Secure key replication to multiple appliances
  • Intelligent key sharing via key sharing groups

High Availability and Redundancy

  • Active-Active mode of clustering
  • Multiple geographies
  • Hierarchical clustering

Supported Technologies

API support


Network management

  • SNMP (v1, v2, and v3), NTP, URL health check, signed secure logs & syslog, automatic log rotation, secured encrypted and integritychecked backups and upgrades, extensive statistics

System administration

  • Secure Web

Supported Directory Services

  • LDAP and Active Directory services

Deployment Options

KeySecure k460

  • Up to 1 million symmetric & asymmetric keysstored per cluster
  • Up to 1,000 concurrent clients

Supported Appliances

  • Hardware Security Modules (HSM)
    • SafeNet LUNA SA
    • SafeNet LUNA PCI
  • NAS, SAN & DAS Storage appliances
    • SafeNet's storage encryption solution, StorageSecure
    • NetApp NSE, DataFort and LKM
  • SAN Switches
    • Brocade Encryption Switch (BES)
  • Tape Libraries
    • Quantum Tape Libraries
  • Cloud Encryption/Virtual Instances
    • SafeNet ProtectV
  • KMIP-compliant servers and clients

KeySecure k150

  • Up to 25,000 symmetric & asymmetric keys stored per cluster
  • Up to 100 concurrent clients

Supported Appliances

  • Tape Libraries
    • Quantum Tape Libraries
  • Cloud Encryption/Virtual Instances
    • SafeNet ProtectV
  • KMIP-compliant servers and clients

Features & Benefits

Centralized Key Administration. A single, centralized key management console to manage encryption keys and their lifecycle for disparate encryption solutions . Consolidating key management allows administrators to monitor all encryption key activities for tape and disk-based storage platforms, SAN switches, databases, applications, and more. 

KMIP Compliant. Enables the management of c ryptographic modules and storage devices from different vendors within a single centralized key lifecycle management system.  

Hardened, self-contained, tamper-proof  key management appliance.   There are no servers to set up or software to install and maintain, reducing your operating costs, and freeing security and IT personnel. As your environment grows and evolves, KeySecure appliances can be easily added as needed. Keys are automatically replicated among nodes of the cluster.  

Safeguards keys against theft, tampering, and unexpected system failures. KeySecure centralizes all key management activities, including key signing, role-based administration, quorum control, and the backup and distribution of encryption keys across the enterprise. For sensitive security operations, KeySecure allows you to stipulate multiple credential authorization from more than one administrator.    

Resiliency and Availability. KeySecure clustering enables multiple KeySecure appliances to share configuration settings in an active-active mode. Configuration changes are replicated instantly to all the members within the same cluster. 

Cloud Ready. KeySecure and the associated data is only accessible to authorized administrators and users. KeySecure is highly scalable for large implementations across cloud zones and cloud providers. Cloud administrators are able to manage and maintain servers without accessing the data or risking data security.

Our Philosophy

Our goal is to assist you in solving specific security problems on the Internet, IT networks and in telecommunications.

We achieve this goal by the quality and actuality of our security products, as well as competence and commitment of our team.

Contact Options

Contact Sales (inquiries,
licenses, orders, ...)
  • +49 89 420447-20
  • This email address is being protected from spambots. You need JavaScript enabled to view it.
Contact Support (settings, ...)
  • +49 89 420447-30
  • This email address is being protected from spambots. You need JavaScript enabled to view it.

Company Details

CyProtect AG - Internet Security


Schatzbogen 56
81829 Munich
  • +49 89 420447 79