Overview
The Entrust KeyControl Compliance Manager provides a single, unified dashboard that allows you to view and monitor your organization's cryptographic assets located in one or many KeyControl vaults. The KeyControl Compliance Manager offers full visibility, traceability, compliance tracking, and an immutable audit trail of all keys and secrets. If business requirements demand a more discrete, regional compliance and monitoring deployment, multiple KeyControl Compliance Managers can easily be configured, for example, to isolate U.S., EMEA, and APAC regions or by organizational locations. While the Compliance Manager provides a comprehensive dashboard of key and secrets metadata, day-to-day key life-cycle management falls under the responsibility of the KeyControl vaults.
Highlights
- Unified dashboard for comprehensive management of keys, secrets, and certificates
- Continuous compliance evaluation aligned with standards, policies, and regulations
- In-depth risk assessment across your entire cryptographic asset portfolio
Pricing
Additional AWS infrastructure costs
| Type | Cost |
|---|---|
| EBS General Purpose SSD (gp2) volumes | $0.10 per GB/month of provisioned storage |
Vendor refund policy
Please contact: https://www.entrust.com/contact/sales
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Platform Updates
- Oracle Linux Support: Entrust KeyControl now operates on the Entrust-hardened version of Oracle Linux, offering enhanced security and performance.
Authentication Enhancements
- Support for OIDC with Active Directory: The KeyControl Vault Management appliance now supports OpenID Connect (OIDC) authentication integrated with Active Directory.
- Support for OIDC without Active Directory: OIDC authentication can now be used without requiring Active Directory configuration in the KeyControl Vault Management appliance.
Cloud Key Management
- AWS Multi-Region Keys Support: AWS multi-Region keys, which allow interchangeable use across different AWS Regions, are now supported in KeyControl Vault for Cloud Keys with BYOK.
- Azure Role-Based Access Control (RBAC): The KeyControl Vault for Cloud Keys now supports Azure RBAC, alongside the access policy model for authorization.
Secrets Management
- Secondary Approval for Secrets: KeyControl Vault for Secrets now supports secondary approval, adding an extra layer of security for secret management.
Access and Authentication
- Personal Access Tokens: You can now use personal access tokens for KeyControl Vaults configured with OIDC authentication. These tokens serve as passwords for API and CLI commands.
Security Enhancements
- TLS 1.3 and Extended Master Secret (EMS): TLS 1.3 is now the default for all new installations, with support for EMS to enhance security during encryption handshakes.
- Cluster-Wide Self-Signed Certificates: KeyControl now allows the use of self-signed certificates for all nodes within a cluster.
Cloud Appliance Support
- IMDSv2 Support: The KeyControl appliance AMI now supports Instance Metadata Service Version 2 (IMDSv2) for improved security in AWS environments.
Additional details
Usage instructions
To access the KeyControl console, SSH to your KeyControl server's public IP with your public key, using the login ID "htadmin"; the initial password is the Amazon instance ID for the KeyControl instance. Access to the HyTrust system is through any standard browser using the public IP of your KeyControl. During install, a single administrator called secroot is created, with a password that is the Amazon instance ID for the KeyControl instance. After logging in for the first time, you will be presented with the EULA (one time only). For more information, please refer to the documentation at https://www.hytrust.com/docs
Support
Vendor support
https://trustedcare.entrust.com/ Please allow 24 hours for a response when contacting Entrust. For customers interested in an Enterprise Support Contract, please contact Entrust Sales.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.