Gemalto is pleased to announce the official release of SafeNet Virtual KeySecure k170v version 1.6.1.
New in this release:
SafeNet ProtectV Manager Now Available in the k170v GUI (Beta Version):
In version 1.6.1, SafeNet ProtectV Manager and the k170v have converged into a simplified solution that enables customers to access SafeNet ProtectV Manager directly from the new k170v GUI. Integrating SafeNet ProtectV Manager directly into the k170v offers multiple benefits for both existing and new ProtectV customers including:
– Ease of Use and Deployment: Customers now have one less piece of infrastructure to manage – everything can be accessed and managed via a new and improved single user interface
– Monitoring Tools: Customers can leverage their existing alarms and syslog functionalities created in KeySecure and monitor them in one centralized location, eliminating the need build the same feature in both KeySecure and ProtectV
– HSM root of Trust for ProtectV: Benefit from the existing k170v integrations, which support master key storage in HSMs including cloud-based options such as such as Amazon Web Services CloudHSM, SafeNet Data Protection on Demand (HSM on Demand Services), or SafeNet Luna HSM, a hardware appliance option that is deployed on-premises in a range of models and configurations
SafeNet ProtectV manager is also supported via the k170v’s CLI and API Developer Playground in addition to the GUI. It’s important for existing ProtectV customers to note that this converged solution is still in BETA and should only be deployed in a non-prod environment at this time. A full migration plan for existing customers will be available in the k170v 1.7.0 release.
Physical Appliance Installation ISO: An ISO Image is available for existing SafeNet KeySecure customers to upgrade their k450 or k460 physical appliance with the k170v 1.6.1 firmware. Customers are encouraged to install the new image on non-production k450 and k460 appliances and test existing use cases.
Multi Network Interface Controller (NIC) Support: Multiple NIC’s can be configured for Physical and Private Cloud images using the kscfg utility. (Note: kscfg can only be used to configure interfaces on a Physical Appliance or in a Private Cloud, VMware xSphere, HyperV, etc. It cannot configure interfaces in public clouds, AWS, Azure, etc.)
Backup Encryption Changes: With release 1.6.1, backups are encrypted when they are created, rather than when they are downloaded. This is more secure, and simplifies management of backups.
Backups and Backup Keys Retention: Backups and Backup Keys are retained, even if a system is reset.
GUI Backup Support: Backups and Backup Keys can be managed via the Management Console
Local Audit Log Disable: Logging Audit records to local store (database) can be disabled via the CLI and the API – audit logs are still forwarded to syslog. Clusters that support a large number of transactions should be configured with local audit logging disabled. This significantly reduces cluster wide traffic and disk usage. This is a cluster wide setting and needs to be set on only one node in the cluster. Use the ksctl ‘properties’ command to disable audit logging.
New API Playground (BETA):
A new API playground is included with improved formatting and performance. This is a BETA feature and in addition to the existing one.
Key States support: Key States support is added over
Multiport Support for NAE Server: Multiple instances of NAE Server can be instantiated on different ports and network interfaces.
For a full list of other administrative improvements and additional details, the following resources are available for the k170v 1.6.1 release: