We are pleased to announce the release of SafeNet ProtectV 4.6.0, which adds support for virtual machines running on Google Cloud Platform and Data Protection On Demand (DPoD) VM Encryption Service (currently in preview mode). Additionally, SafeNet ProtectV 4.6.0 introduces a new in-transit key wrapping feature and online rekey of Windows system partitions.
Below are new feature enhancements available in the ProtectV 4.6.0 release:
- Support for Google Cloud Platform
SafeNet ProtectV 4.6.0 extends support for ProtectV Manager on Google Cloud Platform.
- Support for RHEL 6.10
This release extends support for encryption of virtual machines running Red Hat Enterprise Linux 6.10. Refer to the Operating Systems section of the customer release notes for the complete list of supported platforms.
- Support for AWS R4 and M5 Instances
SafeNet ProtectV 4.6.0 adds support for encryption of Amazon EC2 R4 and M5 instances running Windows platforms.
- Support for SafeNet Virtual KeySecure k170v
SafeNet ProtectV now supports the next generation SafeNet Virtual KeySecure k170v for managing encryption keys.
- Support for DPoD – VM Encryption Service
SafeNet ProtectV 4.6.0 extends support for the Gemalto Data Protection on Demand (DPoD) platform. SafeNet ProtectV Manager 4.6.0 will also support the DPoD VM Encryption service scheduled to release in September, 2018. Refer to the Data Protection On Demand documentation for details.
- Support for Multiple Syslog Servers
Previous versions of SafeNet ProtectV supported one Syslog server only. Now you can configure multiple Syslog servers with ProtectV Managers. You need to configure different Syslog servers individually. This release also provides the ability to disable configuration of a particular Syslog server. The pvmctl status command is also improved in this release. It now shows IP addresses of all the configured Syslog servers.
- In-transit Key Wrapping
SafeNet ProtectV 4.6.0 supports encryption of keys while they are moving among SafeNet KeySecure, ProtectV Manager, and ProtectV clients. This is referred to as in-transit key wrapping. Enable in-transit key wrapping to protect key encryption keys (“KEKs”) against TLS attacks. The KEK is wrapped with a public key by SafeNet KeySecure. This feature is disabled by default. As a ProtectV administrator, you can enable the feature.
- Ability to Set Time Zone
A new command, pvmctl settimezone, is included in this release. Run this command to configure time zone on your ProtectV Manager instances. Refer to the SafeNet ProtectV User’s Guide for description of features.
- Audit Logging Improvements
SafeNet ProtectV 4.6.0 contains improved audit logging. Audit Logs now display the logs of the following activities:
• Logging activities (local and LDAP users)
• Creating tokens
• Deleting tokens
• Deleting virtual machines
• Turning off/on encryption for a partition
• Modifying LDAP connection
• Adding or deleting users
• Creating additional administrators
Additionally, the “Time (UTC)” column is renamed as “Time” on the Audit Logs tab of the ProtectV Manager Console. Also, audit logs now reflect the time zone set on ProtectV Manager.
- Rekey Support for Windows System Partitions
SafeNet ProtectV 4.6.0 adds support for rekey of Windows system partitions, for example, C:\ drive.
For download and customer release notes, please visit our Gemalto Customer Support Portal.