CA Encryption Key Manager r14.5



Similar documents
r12 Overview Business value

Enterprise Report Management CA View, CA Deliver, CA Dispatch, CA Bundl, CA Spool, CA Output Management Web Viewer

CA Gener/OL r7.1. Overview. Business value

CA Repository for z/os r7.2

CA NetSpy Network Performance r12

CA Workload Automation Restart Option for z/os Schedulers r11

CA Compliance Manager for z/os

CA Telon Application Generator r5.1

CA Endevor Software Change Manager Release 15.1

CA Scheduler Job Management r11

CA Workload Automation CA 7 Edition r11.3

CA Tape Encryption Key Manager

CA SYSVIEW Performance Management r13.0

CA JCLCheck Workload Automation

CA Librarian r4.3. Overview. Business value

CA Endevor Software Change Manager Version 15.0

CA NetMaster Network Management for TCP/IP r12.0

CA Aion Business Rules Expert r11

CA CMDB Connector for z/os version 2.0

CA High Performance Recovery for IMS for z/os

CA TPX Session Management r5.3

CA Process Automation for System z 3.1

CA Aion Business Rules Expert 11.0

CA Deliver r11.7. Business value. Product overview. Delivery approach. agility made possible

CA Insight Database Performance Monitor for DB2 for z/os

CA Top Secret r15 for z/os

CA Dispatch r11.7. Business value. Product overview. Delivery approach

CA SOLVE:Central Service Desk for z/os

CA MICS Resource Management r12.6

Version Overview. Business value

Deployment Options for Microsoft Hyper-V Server

CA View r11.7. Business value. Product overview. Delivery approach

CA NSM System Monitoring Option for OpenVMS r3.2

Overview. Business value

UPSTREAM for Linux on System z

CA VM:Operator r3. Product Overview. Business Value. Delivery Approach

Access to easy-to-use tools that reduce management time with Arcserve Backup

CA Workload Automation Agents for Mainframe-Hosted Implementations

ScaleMatrix safeguards 100 terabytes of data and continuity of cloud services with CA Technologies

Broadcloud improves competitive advantage with efficient, flexible and scalable disaster recovery services

CA Technologies optimizes business systems worldwide with enterprise data model

agility made possible

VERITAS Business Solutions. for DB2

CA Clarity PPM. Overview. Benefits. agility made possible

CA Workload Automation

CA Aion Business Rules Expert

CA MICS Resource Management r12.7

CA Oblicore Guarantee for Managed Service Providers

Online Transaction Processing in SQL Server 2008

CA Service Desk Manager

are you helping your customers achieve their expectations for IT based service quality and availability?

Table of Contents. Authors Wendy Wong, Senior Software Architect, and the SOLVE:Operations/Linux Connector team. Print Edition: WW180311

CA Virtual Assurance for Infrastructure Managers

Datacenter Management Optimization with Microsoft System Center

CA Capacity Manager. Product overview. agility made possible

CA Mainframe Security Management solutions helps you reduce costs, facilitate new business opportunities, address regulatory compliance requirements,

agility made possible

A to Z Information Services stands out from the competition with CA Recovery Management solutions

CA NetQoS Unified Communications Monitor

can you effectively plan for the migration and management of systems and applications on Vblock Platforms?

CA Automation Suite for Data Centers

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

CA Clarity Integration

CA Server Automation. Overview. Benefits. agility made possible

Reduce your data storage footprint and tame the information explosion

Genesis Energy delivers IT projects faster with standardised processes and CA Clarity PPM.

Data Deduplication: An Essential Component of your Data Protection Strategy

TECHNOLOGY BRIEF: PREVENTING UNAUTHORISED ACCESS TO CRITICAL SYSTEMS AND DATA. Colruyt ensures data privacy with Identity & Access Management.

How Can Central IT Use Cloud Technologies to Revolutionize Remote Store Operation?

Effective Storage Management for Cloud Computing

CA Workload Automation for SAP Software

next generation architecture created to safeguard in virtual & physical environments to deliver comprehensive UNIFIED DATA PROTECTION SOLUTION BRIEF

Asentinel Telecom Expense Management (TEM)

Constant Replicator: An Introduction

CA ARCserve Replication and High Availability Deployment Options for Hyper-V

PRODUCT SHEET: CA Arcot Cloud Services Data Centers CA Arcot cloud services data centers. True multi-tenancy and scalability

CA arcserve r16.5 Hybrid data protection

Leveraging the Cloud for Data Protection and Disaster Recovery

how can I deliver better services to my customers and grow revenue?

CA s Cloud Storage for System z

How To Improve Your Database Performance

Alliance Key Manager Solution Brief

CA Big Data Management: It s here, but what can it do for your business?

CA Systems Performance for Infrastructure Managers

Effective storage management and data protection for cloud computing

CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes.

solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms?

Transcription:

PRODUCT SHEET CA Encryption Key Manager CA Encryption Key Manager r14.5 CA Encryption Key Manager is a z/os-based, software cryptographic solution that helps ensure the highest availability of encryption keys and encrypted data enterprise-wide. It centralizes and automates key lifecycle processes to reduce the possibility of downtime resulting from the inability to access encrypted data. It provides centralized encryption key management for any combination of IBM TS1120 (3592-E05) and IBM TS1130 tape encryption devices, as well as CA Tape Encryption subsystems. It can also automatically and transparently replicate and share encryption keys across a secure internal network within the enterprise and secure external network connections with business partners. Overview CA Encryption Key Manager allows you monitor, track, audit, manage, and protect multiple vendors encryption keys from a single location to ensure their highest availability, recoverability and portability. It helps facilitate FIPS 140-2 compliance and supports NIST 800-57 key standards. Users of IBM TS1120 and TS1130 tape encryption devices, as well as users of CA Tape Encryption, can save time and reduce complexity by using a single centralized interface to manage multiple hardware or software instances. In addition these users can automatically share, replicate and exchange encryption keys, including Business-to-Business (B2B) decryption keys, without manual intervention or interaction-----making encrypted data always available across the enterprise and easier to authorize business partners without being limited by geography or hardware configuration.

Business value CA Encryption Key Manager helps ensure compliance with data security regulations and laws by delivering automated, centralized management for encryption keys from different cryptographic solutions. It enables higher availability of encrypted data in your enterprise, and reduces any delay accessing encrypted data during disaster recovery, hardware errors or system outages. By reducing the complexity and time to manage local or remote systems, novice and experienced staff can easily manage cryptography and compliance. Plus, since it is vendor-neutral, you avoid being locked into costly standalone hardware or software purchases that could introduce single points of failure, or are not designed to share keys across the network nor designed for business continuance. Features Mainframe 2.0 CA Encryption Key Manager has adopted key Mainframe 2.0 features that are designed to simplify your use of CA Encryption Key Manager and enable your staff to install, deploy and maintain it more effectively and quickly. CA Mainframe Software Manager : CA Mainframe Software Manager (CA MSM) automates CA Encryption Key Manager deployment and maintenance and removes SMP/E complexities. The Software Acquisition Service enables you to easily move product installation packages and maintenance from CA Support Online directly to your mainframe environment and prepare them for installation. The Software Installation Service standardizes CA Encryption Key Manager installation, which includes a new, streamlined Electronic Software Delivery (ESD) method that allows CA Encryption Key Manager to be installed using standard utilities. This service also provides standardized SMP/E product installation and maintenance via APARs and PTFs, and simplifies SMP/E processing through an intuitive graphical user interface and an intelligent installation wizard. The Software Deployment Service enables you to easily deploy CA Encryption Key Manager in your mainframe environment. CA MSM Consolidated Software Inventory (CSI) updates and infrastructure improvements add flexibility to CA MSM processing of CSIs and enable CA MSM to more effectively utilize CPU and system memory. 2

Installation Verification Program (IVP) and Execution Verification Program (EVP): As part of qualification for inclusion in the set of mainframe products from CA Technologies released every May, CA Encryption Key Manager has passed stringent tests performed through the IVP and EVP to find and resolve interoperability problems prior to release. These programs are an extension of our ongoing interoperability certification initiative launched in May 2009. Best Practices guide: This guide provides information on CA Encryption Key Manager installation, initial configuration and deployment to shorten the learning curve for staff who are responsible for the installation and management of this product. Health Checker: The Mainframe 2.0 Health Checker provides CA Encryption Key Manager Health Checks that execute under the IBM Health Checker for z/os. CA Encryption Key Manager provides 5 health checks to inspect parameter settings and to monitor active encryption processing for possible problems. When problems are found the checks provide detailed recommendations on how to correct the problem. The CA Encryption Key Manager Health Checks also make best practice recommendations for using the products, telling the user how to implement the best practice. Examples of CA Encryption Key Manager Health Checks include: Checks to monitor the availability of space in the database for key generation and key lifecycle tracking Monitoring the maintenance levels of the active CA Encryption Key Manager tasks on the system to help make sure that shared modules are current and to warn if product load libraries are found to be back-level. Other key features Centralized Multi-Vendor Management of Encryption Keys: Centralized multi-vendor key management enabling efficient compliance and administration of the entire encryption infrastructure. The status of managed encryption keys for different encryption devices and systems across multiple CPUs and multiple sites can be seen at a glance. Automated key replication and failover support: Encryption keys are automatically replicated over a cluster of local and geographically dispersed hosts making each participant a potential failover system and a source to recover encryption keys in case of a disaster, hardware errors or system outage. Automated full lifecycle encryption key management: CA Encryption Key Manager features full lifecycle key management that goes beyond just the central creation and storage of keys. Rather, it includes creation monitoring, tracking, auditing, backup and recovery, and the automated expiration and removal of expired keys. 3

Automatic synchronization with external security systems: CA Encryption Key Manager interfaces with all z/os external security systems like CA ACF2 for z/os, CA TopSecret for z/os and IBM RACF for Public/Private keys and digital certificates storage. When CA Encryption Key Manager is started in a multi-system or disaster recovery environment, the external security system key store is monitored and digital certificates automatically re-imported if they are not found. This provides for fast and automated recovery of encrypted data. Digital certificate protection: Every digital certificate created by CA Encryption Key Manager is also saved in the product key store, providing additional protection of this critical resource. In addition each product key store can be replicated over key stores owned by a cluster of local and geographically dispersed hosts. RSA key pairs for the enterprise: Ability to create and exchange/export RSA Keys (public private key pairs) in digital certificates with any application that supports digital certificates adhering to the X.509 standard. Automated tape key generation and key change policy enforcement: Supports dynamic, automated change of encryption keys and digital certificates used to protect data to reduce risk and manual intervention. NIST 800-57 key standards: Helps ensure compliance and fully supports the National Institute of Standards and Technology; document NIST 800-57, Recommendation for Key Management. Tape management system support: Integration of CA Encryption Key Manager into the CA Technologies z/os tape management systems, CA 1 Tape Management and CA TLMS Tape Management, as well as IBM s DFSMSrmm provides simplified and integrated full lifecycle key management and tape data protection. Option for networked key management: This optional feature helps increase encrypted data availability, accessibility and instant encryption key recoverability for IBM TS1120 and TS1130 tape encryption devices, as well as CA Tape Encryption subsystems throughout any Sysplex, LPAR and site within the enterprise. It offers: An interconnected network of encryption keys and encrypted data for enterprise-wide high availability Automated encryption key replication that helps reduce single points of failure through real-time key store synchronization and change propagation over SSL TCP/IP connections Flexible, centralized control that gives users the ability to manage and operate all hosts in the Enterprise from a single LPAR Transparent B2B encryption key exchange by automatically obtaining and sharing symmetric decryption keys 4

FIGURE A. Unify and simplify encryption key management operations Integrates with Web-based and Windows-based CA Graphical Management Interface (CA GMI): This no-cost feature brings a common user interface, either web-based or Windows-based, to the power of CA Encryption Key Manager. This interface provides access to the keys and policies in use and details on each symmetric and RSA key (digital certificate) created, as well as the CA Encryption Key Manager subsystem and configuration settings. In addition, CA GMI allows many of the capabilities and value of CA Vantage Storage Resource Manager to be at the fingertips of CA Encryption Key Manager users. The Web-based CA GMI includes an object tree that interfaces with CA Encryption Key Manager. 5

FIGURE B. Unify and simplify encryption key management operations The Windows-based CA GMI includes an object tree that interfaces with CA Encryption Key Manager. CA Encryption Key Manager options All CA Encryption Key Manager Options are activated via license keys for specific functions. They ensure encrypted data and cryptographic components remain available. Option for IBM: Ability to manage tape encryption keys, for z/os and distributed environments, when attached to an IBM TS1120 (3592-E05) or IBM TS1130 tape device Cross-platform key management and protection across multiple tape storage vendors using a single point of control The status of keys and media across the enterprise can be visualized and audited at a glance, including in-transit and offsite locations 6

Delivery approach CA Services provides a portfolio of mainframe services delivered through CA Technologies internal staff and a network of established partners chosen to help you achieve a successful deployment and get the desired business results as quickly as possible. Our standard service offerings are designed to speed deployment and accelerate the learning curve for your staff. CA Technologies field-proven mainframe best practices and training help you lower risk, improve use/adoption and ultimately align the product configuration to your business requirements. Benefits CA Encryption Key Manager helps ensure compliance with data security regulations and laws by delivering automated, centralized management for encryption keys from different cryptographic solutions. Implementing the CA Encryption Key Manager enables centralized management of multi-vendor encryption keys and higher encrypted data availability across the enterprise, reducing any delay accessing encrypted data during disaster recovery, hardware errors or system outage. Temporary or permanent loss of encryption keys and therefore access to encrypted data can lead to potential financial impact resulting from application outages, negative publicity and other downtime costs. By reducing the complexity and time to manage local or remote systems, novice and experienced staff can easily manage cryptography and compliance. The CA Technologies advantage CA Technologies has 30 years of recognized expertise in robust, reliable, scalable, and secure enterprise-class IT management software. CA Encryption Key Manager is a key component of the Mainframe 2.0 initiative from CA Technologies to change the way the mainframe is managed forever by helping you maximize the value of our mainframe products and by providing a simplified experience and innovative solutions that deliver value quickly and flexibly. Copyright 2011 CA. All rights reserved. IBM, z/os and RACF are trademarks of International Business Machines Corporation in the United States, other countries, or both. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. CA assumes no responsibility for the accuracy or completeness of the information. To the extent permitted by applicable law, CA provides this document as is without warranty of any kind, including, without limitation, any implied warranties of merchantability, fitness for a particular purpose, or noninfringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document, including, without limitation, lost profits, business interruption, goodwill 7 or lost data, even if CA is expressly advised in advance of the possibility of such damages. CS0494_0211

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information