Specifications include, but are not limited to:
Centralized Encryption Management Appliance:
1. Virtual or hardware based.
2. Conforms to the FIPS 140-2 Level 1, Level 2, or Level 3.
3. Provides high availability and redundancy.
4. Able to work with Oracle TDE keys.
5. Web-based GUI that authenticates to Active Directory to manage encryption on servers.
6. Provides User Access Control and audit trail.
7. Provides separation of administrator duties.
8. Provides secure backup and restore capability of the appliance.
Encryption Key Management:
1. Dedicated Enterprise Key Manager
2. Able to run reports on available keys.
3. Flexible options for automatic key rotation and expiration.
4. Supports Encryption Key Versioning.
5. Backup of file automatically encrypted with current version of encryption key.
6. Able to restore encrypted files with prior versions of encryption key.
7. Minimize downtime with automatic key rotation.
8. Strong Encryption Algorithm of AES256.
9. Ability to manage and store keys separate from data and backup these keys to another secure location.
10. Web-based GUI to manage Encryption Keys.