KeySecure for Government is a centralized key management platform that supports a broad encryption ecosystem for the protection of sensitive data-at-rest across traditional or virtualized data centers and public cloud environments.
Skip Navigation
  • Overview

    KeySecure for Government G460 (KeySecure G460) is a centralized cryptographic key management platform that supports a broad encryption ecosystem for the protection of sensitive data-at-rest across enterprise-level data centers. KeySecure G460 supports an embedded hardware root of trust utilizing a FIPS 140-2 Level 3 Luna for Government hardware security module.

    Developed for U.S. Government use, KeySecure G460 is manufactured, sold, and supported in the U.S. exclusively by Thales TCT.

    KeySecure for Government Use Cases

    KeySecure for Government use cases for centralized key management cover SafeNet encryption products and third-party solutions for backup media and storage, virtual workload and application encryption.

    • Backup Media: KeySecure for Government supports industry leading tape libraries, scalable backup and cloud archive solutions
    • Storage: KeySecure for Government supports leading storage platforms and cloud storage services 
    • Data Encryption Solutions: KeySecure for Government provides encryption solutions for data in various formats – structured (such as databases) and unstructured (file level encryption, big data) – ensuring appropriate access to users requiring the information and IT teams providing infrastructure support
    • Applications: KeySecure for Government supports application level encryption via SafeNet ProtectApp and integrations from cloud application partners

  • Features & Benefits
    • Single, centralized platform for  managing cryptographic content (keys and related data) and applications including the ability to perform high speed encryption/decryption operations
    • Use Case Expansion: Transform your key management appliance into a server that includes support for SafeNet encryption products
    • Simplify Compliance. Efficiently audit key management practices, save staff time, and simplify attainment of compliance mandates with efficient, centralized auditing of key management practices such as FIPS 140-2, PCI-DSS, HIPAA
    • Environment Independent Key Management. Key management policies and procedures are consistent
    • Risk Mitigation with Maximum Key Security. Tamper-proof hardware options supporting an embedded hardware root of trust with a FIPS 140-2 Level 3  Luna for Government hardware security module 
    • Lower Total Cost of Ownership. Leverage a continuously growing list of 3rd party technologies leveraging SafeNet encryption products and the OASIS KMIP standard
    • Multi-Tenant Solution. Includes a breadth of features to optimize performance, security, and usability in a multi-tenant environment offering numerous capabilities used to ensure separation of tenant keys and administrative capabilities.
    • Heterogeneous Key Management. Manage keys for SafeNet encryption products as well as a large variety of third-party encryption solutions through an industry standard interface 
    • Multiple Key Types. Centrally manage Symmetric and Asymmetric Keys, secret data, and X.509 certificates along with associated policies.
    • Full Lifecycle Key Support and Automated Operations. Simplify the management of encryption keys across the entire lifecycle including secure key generation, storage and backup, key distribution, deactivation and deletion. Automated, policy driven operations simplify key expiry and rotation tasks.
    • Centralized Administration of Granular Access, Authorization Controls and Separation of Duties. Unify key management operations across multiple encryption deployments and products, while ensuring administrators are restricted to roles defined for their scope of responsibilities, from a centralized management console. Also, KeySecure G460 can utilize existing LDAP or AD directories to map administrative and key access for applications and end users.
    • High-Availability and Intelligent Key Sharing. Deploy in flexible, high-availability configurations within an operations center and across geographically dispersed centers or service provider environments using an active-active mode of clustering.
    • Auditing and Logging. Detailed logging and audit tracking of all key state changes, administrator access and policy changes. Audit trails are securely stored and signed for non- repudiation and can be consumed by leading 3rd party SIEM tools.
    • Next-Generation Storage and Archive Solution. Simplify secure storage and efficiently scale data centers while reducing costs and complexity.
    • Cryptographic Erase. Securely sanitize target media in compliance with NIST SP 800-88 Rev 1 by centrally managing key lifecycle.
  • Technical Specifications

    Physical Characteristics

    • Standard 1u 19” rack mount chassis
    • Dimensions: 19” x 24” x 1.68” (482 mm x 610 mm x 42.8 mm)
    • Weight: 30.42 lbs (13.8 kg)
    • Input Voltage: 100-240 V, 50-60 Hz
    • Power Consumption: 350 w
    • Temperature: operating 500 F to 950 F (100  C to 350  C)
    • Relative Humidity: 5% to 95% RH with 330  C (950  F) non-condensing

    API Support

    • Java, C/C++, .NET, XML open interface, KMIP standard

    Network Management

    • SNMP (v1, v2, and v3), NTP, URL health check, signed secure logs & syslog, automatic log rotation, secured encrypted and integrity checked backups and upgrades, extensive statistics

    Appliance Administration

    • Secure Web-based GUI, Command Line Interface


    • LDAP and Active Directory
    • Common Access Card Authentication
  • Resources
    KeySecure G460 Product Brief
    Product overview with technical features and specifications.

    Download Now

    Own and Manage Your Encryption Keys
    For agency leaders and IT administrators responsible for data security—from the most basic statistics to highly sensitive documents—understanding the role of encryption and the management of encryption keys is vital to keeping confidential data just that—confidential. And, for organizations that entrust their data to cloud storage, it is essential that they understand the options available for safeguarding this protected data—even if it’s being managed in the cloud by a third-party vendor. This white paper discusses the importance of data encryption, the vulnerabilities of third-party encryption, the necessity of encryption key ownership, and how all of it affects the security of your organization’s data stored in the cloud.

    Download Now

    Best Practices for Cryptographic Key Management
    Once data is encrypted, the only way to gain access is by decrypting or unlocking secret content using the key. Haphazardly protecting these keys negates the entire process of encryption and creates a false sense of security. This white paper outlines best practices for deploying an effective cryptographic key management strategy.

    Download Now

    SafeNet AT How-To Video Series
    See how our solutions work in live environments. Our How-to Video series will demonstrate how to install, integrate and use our solutions in your network.


This site uses cookies to store information on your computer. Some are essential to make our site work properly; others help us improve the user experience.

By using the site, you consent to the placement of these cookies. For more information, read our cookie policy and our privacy policy.