Universal key management system for encrypted workloads


Encrypting workloads helps enterprises to ensure their data is protected, even if the data falls into the wrong hands. One of the challenges of workload encryption is to scale the management of tens of thousands of encryption keys, for workloads that may even be hosted on different platforms.

Entrust KeyControl enables enterprises to easily manage all their encryption keys securely and at scale, including how often they are rotated and shared.

Entrust KeyControl capabilities include:

  • VMware certified Key Management Server (KMS) for:
    • vSphere 6.5, 6.7 and 7.0
    • vSAN 6.6, 6.7 and 7.0
    • vSphere Trust Authority 7.0
  • Universal key management for KMIP-compatible encryption agents
  • Enterprise scalability and performance
  • Can run in an active-active, high availability cluster
  • FIPS 140-2 Level 1 validation
  • Seamless integration with nShield® FIPS 140-2 Level 3 HSM for high level assurance

Need complete workload lifecycle encryption and policy based key management, role based access control and zero downtime encryption for product workloads? Entrust DataControl provides a multi-cloud encryption solution for workloads.

Manage Keys and Virtualized Encrypted Workloads with KeyControl

  • VM Workloads
  • AWS Workloads

High assurance key lifecycle management

  • Simplifies management of encrypted workloads by automating the lifecycle of encryption keys
  • Leverages nShield HSMs for creating cryptographic material
  • Enhances security and facilitates organizational compliance with regulatory requirements
  • Deploys easily and provides a rapid time to value
  • Enables granular key lifecycle management
    • Expiry actions: disable, delete key material
    • Key rotation
  • Reduces complexity of protecting workloads across multiple cloud platforms

Generate, automate, manage and full control of your keys in the cloud

  • Simplifies the process of creating customer’s keys and exporting to AWS
  • Leverages nShield HSMs for creating cryptographic material
  • Provides full control over a customer’s master key in AWS
  • Ensures keys are backed up (and recoverable) in KeyControl
  • Provides granular key lifecycle management
    • Expiry actions: disable, delete key material
    • Key rotation
  • Unifies the key management experience via GUI tool – a single pane of glass
    • Native AWS keys
    • KMS-generated keys


KeyControl Resources


Entrust Identity 产品组合专家很快将联系您,并对相关选项进行说明。