New Features and Enhancements
- CipherTrust Manager Configuration Improvements:
- Ability to configure CipherTrust Manager with user-specified port.
- CM now supports both TLS and TCP based SMTP connections. The default is TLS.
- You can set up a system proxy (HTTP proxy values) through the CLI.
- CCKM Connection manager is updated to add support for DSM as a key source.
- Additional Cloud and Virtualization Environments:
- CipherTrust Manager images available on IBM Cloud (anticipated June 1st)
- Compatible OVA image to run in IBM Cloud VMware
- Compatible QCOW2 image to run in IBM Cloud VPC Gen2.
- Ability to configure IBM Cloud Hyper Protect Services (HPCS) HSM as a root of trust.
- OVA image is now directly deployable in VMWare ESXi 6.5 and above, without a decompression step
- CipherTrust Manager images available on IBM Cloud (anticipated June 1st)
- Migration from Legacy Environments
- Migration of KMIP managed objects from a Data Security Manager (DSM) to CipherTrust Manager using the Client Utility (kmip-migration-utility-linux-amd64).
- New Trusted Cyber Technologies (TCT) Appliance: CipherTrust k570 appliance is now available. This appliance uses an embedded TCT Luna PCIe HSM.
- Other CM Enhancements:
- Support for rotation of the Master Key Encryption Key (MKEK).
- You can redirect Syslog messages of the current domain to the Syslog server configured in its parent domain.
- Performance enhancements for user/client authentication.
- Ability to manage CIFS credentials for LDT over CIFS support in CTE. Credentials of CIFS/SMB file shares can be added to the connection manager.
- Ability to customize TLS ciphers for NAE/REST/KMIP ports.
- Ability to download activity logs (NAE, KMIP).
