We are pleased to announce the official release of CipherTrust Transparent Encryption (CTE) Version 7.3.0 for Linux, Windows & AIX and CipherTrust Transparent Encryption UserSpace (CTE-U) Version 10.0. This update also includes new features in the upcoming 30-Nov-2022 release of CipherTrust Transparent Encryption for Kubernetes (CTE-K8s) Version 1.1.0.

Key highlights:

1. CTE for Windows v7.3.0: Support for multi-factor authentication (MFA) through integration with Thales Safenet Trusted Access, Keycloak and Okta provides clients with privileged access controls for their encrypted data. Download the solution brief for more information.
2. CTE UserSpace v10.0: CTE-U now supports CipherTrust Transparent Encryption workflows with CipherTrust Manager 2.10 and subsequent versions.
3. CTE for Kubernetes v1.1.0 (GA 30-Nov-2022): Red Hat OpenShift platform support for both self-managed and cloud deployments.

 

Full list of new features and enhancements:

CTE for Linux v7.3.0

• CTE Clients can use certificates from External CA: CipherTrust Transparent Encryption can now use an external certificate, available at a user-defined path, to communicate with CipherTrust Manager.
• Dynamic Configuration support – ptrace protection: To prevent a process injection attack Thales implemented a global blocking for the ptrace system call. The purpose of this feature is to provide configurable options for disabling the ptrace system call based on user need.
• SystemD Protection: In RedHat 7 and subsequent versions, a lot of system functionality has been moved to /etc/systemd/ which was previously not protected in CipherTrust Transparent Encryption. CipherTrust Transparent Encryption now gives you the option to protect it, meaning that no one can modify or delete files.
• User Cache Lookup Improvements: CTE has added this feature to improve the performance of the user cache lookup function, which contains information such as username and group name(s), plus timestamps and other supporting flags. This feature improves lookup performance by allowing user-configurable values for lookup retries and user information refresh times.

 

CTE for Windows v7.3.0

• Windows Multifactor Authentication Support: CipherTrust Transparent Encryption now supports Multifactor Authentication for Windows through integration with various MFA providers. Multifactor authorization ensures that the access credentials presented belong to the actual person. Currently, CipherTrust Transparent Encryption is integrated with Safenet Trusted Access, Keycloak and Okta.
• Support for Microsoft Cluster Shared Volume: For shared volumes, place all of the CSV nodes in a client group, then guard the entire group. Note that this feature only supports standard policies.
• Installer changes due to new VMLFS Driver. User can guard both local and LDT over CIFS GuardPoints. User no longer has to choose if they plan to guard CIFS-SMB-based GuardPoint with LDT.
• CTE Clients can use certificates from External CA: CipherTrust Transparent Encryption can now use an external certificate, available at a user-defined path, to communicate with CipherTrust Manager.

 

CTE for AIX v7.3.0

• AIX v7.3 Operating System: CipherTrust Transparent Encryption for AIX is now compatible with AIX OS v7.3.
• CTE Clients can use certificates from External CA: CipherTrust Transparent Encryption can now use an external certificate, available at a user-defined path, to communicate with CipherTrust Manager.

 

CTE UserSpace v10.0

• CTE Workflow support: CTE-U now supports CipherTrust Transparent Encryption workflows with CipherTrust Manager 2.10 and subsequent versions.
• Migration Support: Support migration of CipherTrust Transparent Encryption Userspace 8.x and 9.x to CipherTrust Transparent Encryption Userspace 10.0 with pfmigrate utility.
• Oracle ASM | Block device support: Support for Encrypting Oracle ASM devices. Block device support works the same on CTE-U as it does for CipherTrust Transparent Encryption.

 

CTE for Kubernetes 1.1.0 (GA 30-Nov-2022)

• Support for OpenShift platform: CTE-K8S now support deployment on Red Hat OpenShift platform for both self-managed and cloud deployments.
• Support signature sets: User can deploy signature set verification for applications trusted to access data on encrypted persistent volumes.
• Dataxform support: User can now use dataxform tool for initial encryption or key rotation of encrypted data on persistent volumes.