Micro Focus Security Releases Enterprise Secure Key Manager (ESKM) 5.0.6

Security_Guest Frequent Contributor.
Frequent Contributor.
0 0 2,361

Guest Post by Nathan Turajski, Data Security 

Cybercrime, mobile data access, cloud services, and other realities of doing business in a connected world make securing sensitive data more complex—and more critical—than ever. A well-rounded enterprise security plan includes strong storage encryption. When data-at-rest is encrypted, the audit risks of policy compliance, financial losses from a breach, and damage to your business reputation are reduced. 

The Micro Focus Security team has been working full speed ahead, helping ensure your Enterprise Secure Key Manager (ESKM) appliances stay up to date and trusted, given the modern threat environment and evolving security requirements. Just announced as generally available is ESKM 5.0.6 with software v7.0.6. ESKM.pngManaging encryption keys is a challenging but important aspect of any information security plan. Our ESKM provides operational simplicity and high assurance return on investment for local and remote key management protection. 

In this latest update, we have addressed several key issues, including updates to further protect against memory leak risk, improved cluster performance, and enhanced HDD failure reporting. And notably for new features, we support stronger KMS TLS cipher suites to allow more choice for Secure Encryption Gen10 customers and provide SSH algorithm configuration options to allow customers to only enable the algorithms they want to use. Key Query has been improved for better performance as well. 

Notable updates include the following: 

Updated Features/Fixes:

  • Improved cluster performance
  • Selective backup option for KMIP objects
  • Enhanced HDD failure reporting
  • Support for stronger KMS cipher suites with the KMS server now supporting the following additional cipher suites:
    • ECDHE‐ECDSA‐AES128‐GCM‐SHA256
    • ECDHE‐ECDSA‐AES256‐GCM‐SHA384
    • ECDHE‐RSA‐AES256‐GCM‐SHA384
    • RSA‐RSA‐AES256‐GCM‐SHA384
  • TLS 1.2 for cluster communication
  • SSH algorithm configuration options
  • Configuration option for maximum SSH Admin login attempts
  • Upgraded OpenSSH
  • Support 3072‐bit certificate creation
  • Support for mandatory KMIP 1.4 attributes
  • Bug Fixes
    • KMS server memory leak
    • Key Query by Creation Date
    • Help page searching

 Especially with newly emerging threats such as Meltdown/Spectre, it’s important to stay up-to-date on routine software maintenance. We recently published a blog on the merits of using custom security appliances for improved trust assurance, such as the Atalla HSM and ESKM hardware, because of the added protection of their closed environments. Full release notes and further information can be made available by contacting Micro Focus Support and/or visiting your support portal for firmware download. 

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.