SAFENET PROTECTV 3.6 – GA ANNOUNCEMENT
SafeNet ProtectV™ 3.6: Single Pane of Glass Security Management Across Cloud Enabled Environments
SafeNet ProtectV™ provides full disk encryption of bare metal servers, virtual machines and cloud instances so you can securely run even your most sensitive workloads or any highly regulated data in the cloud. Whether using Amazon Web Services (AWS), AWS GovCloud, Microsoft Azure, IBM Bluemix (formerly SoftLayer), or VMware vSphere, SafeNet ProtectV ensures cloud-enabled security across multiple cloud/hybrid environments.
SafeNet ProtectV 3.6 continues to provide further enhancements to enable single pane of glass security management to protect physical servers, virtual machines and cloud instances across virtual and cloud-enabled environments. SafeNet ProtectV 3.6 introduces support for ProtectV Manager on IBM Bluemix public cloud, extends support for Linux virtual machines in IBM Bluemix.
With SafeNet ProtectV 3.6, you can now deploy SafeNet ProtectV Manager and secure Windows and Linux virtual servers in IBM Bluemix Public Cloud. You no longer require a work disk to encrypt Linux servers with existing data on EXT 2, 3 or 4 file systems. ProtectV 3.6 also introduces support for Windows 2016 R2 and Windows 7 on VMware vSphere.
WHAT’S NEW IN PROTECTV 3.6
- SafeNet ProtectV Manager in IBM Bluemix
- SafeNet ProtectV 3.6 adds support for ProtectV Manager in the IBM Bluemix cloud. In addition an image template is provided to help launch ProtectV Manager in the Bluemix cloud.
- Support for IBM Bluemix Virtual Machines Running Linux
- SafeNet ProtectV 3.6 extends support for IBM Bluemix virtual machines running Linux platforms.
- Windows Server 2016 R2 Support
- SafeNet ProtectV 3.6 extends support for encryption of volumes on Windows Server 2016 R2 instances.
- Windows 7 in vSphere Support
- SafeNet ProtectV 3.6 extends support for encryption of volumes on Windows 7 instances in VMware vSphere.
SAFENET PROTECTV 3.6 IS AVAILABLE NOW!
SafeNet ProtectV 3.6 is available on IBM Marketplace, Microsoft Azure Marketplace (BYOL), via direct sales and on the Gemalto eService Support Portal and SafeNet Cloud Provisioning System.
MORE INFORMATION: ENABLE SECURITY AND COMPLIANCE IN THE CLOUD NOW WITH PROTECTV
Find out more about SafeNet ProtectV and SafeNet Cloud-Enabled Security from Gemalto:
- Brochure - SafeNet ProtectV Product Brief
- Technical Documentation - Please visit the support portal for the latest SafeNet ProtectV 3.6 support guides (registration is required).
For further information or questions, please contact your regional sales manager.
... read more »
Context-based Authentication and Enhanced User Login for SAML
This feature allows authentication requirements to vary depending on the context of the authentication request. Customers can configure a Contextual Authentication Policy that skips the authentication requirement when certain Contextual Authentication Rules are met, so that a password and/or one-time passcode is only required in high risk situations.
Contextual Authentication Conditions can check for Trusted Network and or for Known Device. The Trusted Network condition is based on determination of the IP address of the connecting user and whether that address falls inside a configurable set of trusted IP address ranges. The Known Device rule is based on the determination of whether the user previously authenticated from the same browser-device pair within a configurable time window. Context Based Authentication is being introduced for SAML authentication only in SafeNet Authentication Service Cloud Edition.
Enhanced User Login for SAML
A new optional user experience for SAML authentication has been enabled in SafeNet Authentication Service Cloud Edition, referred to as Enhanced User Login for SAML. This includes the following functional improvements:
• New and improved SAML Login user interface
• Change to the login flow whereby the user ID is submitted by the user before any additional login credentials are prompted for
• Automatic initiation of push, SMS, or GrIDsure authentication challenge under certain conditions
• A Remember Me on this Device option, enabling the user ID to be auto-filled in subsequent login attempts to SAML applications
• Additional context is provided to the user as they log in, with their username and name of the application being accessed displayed throughout the login flow
The Enhanced User Login for SAML feature is optional and controlled on a per SAML Service Provider basis in customers’ accounts. Customers have full control over the transition to the new user experience. The feature also introduces new customization parameters to control specific User Interface attributes.
... read more »
Product Update: SafeNet Crypto Command Center 2.2.1 Now Available
SafeNet Crypto Command Center 2.2.1: Featuring Secure Trusted Channel (STC), as well as Oracle and Red Hat support
STC: Benefit from improved secure communication through STC links between managed SafeNet Luna Network HSM partitions (software version 6.2.1 or higher and firmware version 6.24.2 or higher) and crypto application servers. With STC, client access is limited to systems possessing a registered software or hardware token. STC secures messages using endpoint and message authentication, verification, and encryption. The HSM/client communication integrity is ensured with STC, even when those messages are sent over public, or otherwise unsecured networks.
Oracle: Version 2.2.1 now supports Oracle database for use by SafeNet Crypto Command Center, in addition to PostgreSQL.
Red Hat: SafeNet Crypto Command Center 2.2.1 now supports Red Hat Enterprise Linux (REHL) and its open source derivative CentOS.
For additional information contact your Gemalto Business Development representative.
... read more »
ProtectServer PTK 5.3 Released
New Features and Enhancements
This release provides the following new features and enhancements:
Custom FM calls through Cryptoki, Secure Messaging, and HA/WLD
The new FMSC_ SendReceive function allows custom FMs to be called directly through the Cryptoki interface, rather than through the Message Dispatcher interface (ETHSM). A new sample FM, secfmenc , is provided to demonstrate the use of this function.
Custom FM calls can now use the following features:
- Secure Messaging : send and receive FM requests in encrypted form
- High Availability/Work Load Distribution : configurations can now be used with FMs
FM Compilation Support on Windows
SafeNet ProtectServer/ProtectToolkit 5.3 adds support for a Windows version of the FM emulation libraries, allowing the development, compilation, and testing of FMs on all supported Windows operating systems
Automated scripts are provided that build and install the cross- compiler and set up a MinGW environment.
Support for AIX 7.2
SafeNet ProtectServer/ProtectToolkit 5.3 adds support for the AIX 7.2 operating system.
Vulnerable Mechanisms Restricted by Default
Newly- discovered key extraction techniques have revealed vulnerabilities in some PKCS#11 mechanisms. These mechanisms are now restricted by default in the factory settings of all new HSMs, or when flags are set to " 0 " (all flags cleared). These mechanisms cannot be enabled in FIPS mode. The Weak PKCS#11 Mechanisms flag, when set ( ctconf - fw ), allows the use of these less- secure mechanisms.
The following mechanisms are affected:
- CKM_ CONCATENATE_ BASE_ AND_ DATA
- CKM_ CONCATENATE_ BASE_ AND_ KEY
- CKM_ CONCATENATE_ DATA_ AND_ BASE
- CKM_ XOR_ BASE_ AND_ DATA
- CKM_ XOR_ BASE_ AND_ KEY
- CKM_ EXTRACT_ KEY_ FROM_ KEY
Set Mode Tool for Changing Cryptoki Provider
In SafeNet ProtectServer/ProtectToolkit SDK 5.3 for Windows systems, the software emulation batch files for ctbrowse , KMU , and gCTAdmin have been removed, and a new executable binary file called setmode has been added. setmode allows the user to easily toggle between software emulator and hardware modes without manually editing the Windows registry.
SafeNet ProtectServer PCIe HSM Driver Timeout Configurable
SafeNet ProtectServer/ProtectToolkit now supports changing the environment variable ET_ HSM_ PCICLIENT_ READ_ TIMEOUT_ SECS, which determines the time (in seconds) the PCIe driver will wait before timing out on a read operation. It should be set long enough to avoid an unintentional timeout, shutting down the HSM.
PTK 5.3 can be downloaded from the Service Portal (https://serviceportal.safenet-inc.com) using the following document IDs:
- PTK 5.3 Software – DOW4557
- PTK 5.3 Documentation – DOW4558
- Firmware 5.00.06 - DOW4559
Customer release notes for the PTK5.3 release can be found at the following URL: http://www.securedbysafenet.com/releasenotes/ptk/crn_ptk_5-3.pdf
... read more »
SafeNet eToken 7300 - End of Sale Announcement
We’d like to update you that we are announcing End of Sale for SafeNet eToken 7300.
Last time (LTB)
May 30, 2017
May 31, 2017
May 31, 2018
For replacement products and additional details please refer to the End of Sales Announcement.
... read more »
Ezio Web Connector 3.2.0 is now available
Ezio Web Connector 3.2.0 is launched today, and it now supports our forthcoming Ezio BLE tokens and readers.
There is no need to upgrade for the moment, as the devices it supports have not been launched yet. But stay tuned for the first launch early next year!
... read more »
Ezio Mobile Protector SDK v4.1.1 is now available
This new version of Ezio Mobile Protector SDK is a maintenance release, fixing an incompatibility that had been identified with Android 7.1.1 Developer Preview on Ezio Mobile Protector SDK versions 4.0.0 and 4.1.0. If you have one of these versions, we strongly recommend that you upgrade to the new release.
This release also includes a feature improvement for iOS: a new API for TouchID brings enhanced security by enabling detection of changes to the fingerprint database.
... read more »
Ezio Server Software 2.5.0-SP release is available!
The Ezio Server Service Pack version 2.5.0-SP is available!
This release includes various security updates which address the concerns some customers have had on the third-party components used in Ezio Server.
We recommend that existing customers define a plan to upgrade to this release. Feel free to ask your Gemalto salesperson for help!
... read more »
SafeNet Authentication Service Agent for Epic Hyperspace 1.0 - Release Announcement
We are pleased to announce the release of SafeNet Authentication Service Agent for Epic Hyperspace v1.0, a new SafeNet Authentication Service agent that enables integration with Epic Hyperspace, Epic’s electronic health record (EHR) software. The agent is available for all editions of SafeNet Authentication Service (SAS), including SAS Cloud Edition and SAS PCE/SPE.
Deploying the agent in the customer’s environment enables strong two-factor authentication to Hyperspace, Epic’s client application, to verify a user’s identity before performing such actions such as medication scheduling, ordering, dispensing and prescription downloading.
Installation and configuration instructions, along with the agent itself, can be downloaded from the Gemalto Service Portal (DOW4546).
EPCS Compliance using the SAS Agent for Epic
Customers seeking to comply with the US Drug Enforcement Agency’s (DEA) Electronic Prescriptions for Controlled Substances (EPCS) regulation, can demonstrate compliance using any edition of SAS together with SafeNet MobilePASS software tokens. Thanks to featuring FIPS 140-2 Security Level 1 validated crypto libraries, when MobilePASS is installed on a separate mobile device (smartphone or tablet), the token becomes an EPCS compliant ‘hard token’. For more details, download our infographic or EPCS Compliance White Paper.
... read more »
Select a product category:
Subscribe by email
IDGo 800 Middleware and IDBridge CT200 Gemalto - End of Sale Announcement
Lorna Ayoun-Berdugo | March 22, 2017, 07:53 am
Ezio Flex BLE OATH Token is launched!
Silvia Candido | March 6, 2017, 11:30 am
Ezio CAS v7.2 is now available!
Silvia Candido | February 22, 2017, 09:44 am
SafeNet Ethernet Encryptor CN9100 – GA Announcement
Stan Mesceda | February 14, 2017, 02:05 pm
Ezio Mobile Protector 4.3 is now available!
Shiri Amit | February 14, 2017, 02:11 am