Crypto Store By ID3 > Products > Utimaco > Utimaco Enterprise Secure Key Manager (ESKM) v5.x

Utimaco Enterprise Secure Key Manager (ESKM) v5.x

Unify data security and secure key management controls for all your sensitive data

ESKM helps protect sensitive information such as payment cardholder data, customer and employee records,
electronic health records, intellectual property, cloud-hosted data, and national security and defense information
with strong encryption key management.
ESKM helps organizations to comply with regulatory audits including Payment Card Industry Data Security
Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) or Health Information
Technology for Economic and Clinical Health (HITECH), Graham Leach Bliley (GLBA), Sarbanes-Oxley (SOX),
state and international privacy laws, national security regulations, and in addition supports internal policies,
controls, and audits.

Note: Additional hardware and license options can be priced on request.


Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.


Enterprise Secure Key Manager (ESKM) provides a centralized key management hardware-based solution
for unifying and automating an organization’s encryption key controls by creating, protecting, serving,
and auditing access to encryption keys for secure, reliable administration.

ESKM supports the OASIS Key Management Interoperability Protocol (KMIP) versions 1.0 through 2.0, enabling
the broadest range of data protection applications and partner solutions. A client Software Development Kit
(SDK) is also available to partners and customers to enable native protocol ESKM integrations.
ESKM is designed as a turnkey solution: an independent lab-validated secure server appliance. Standard
capabilities include high-availability clustering and failover, secure key database, key generation and retrieval
services, identity and access management for administrators and encryption devices, secure backup and
recovery, local Certificate Authority, and signed audit logging for compliance attestation.

Unified, secure, scalable encryption key management services
– Automate and enforce organizational data protection and compliance policies
– Secure encryption key generation, creation, protection, serving, auditing for enrolled clients
– Supports multiple key algorithms use cases, encryption client devices
– Capacity for >2 million keys, >25,000 clients, and 8 ESKM nodes per distributed cluster

Strong auditable security
– Security hardened Linux-based server appliance; all software is digitally signed
– All keys and backups are encrypted both at rest and in motion
– Granular control of key management access to key owners and across administrator defined key-sharing groups
– Certificate-based mutual client-server authentication, secure administration, and audit logging
– ESKM v5.x is designed to FIPS 140-2 Level 2 – Locking front bezel, dual pick-resistant locks for security officer dual control

Reliable continuous access to business-critical encryption keys
Supports mirrored internal storage, dual networks, dual power, and redundant cooling
– Native multi-site high-availability clustering, encryption keys replicated securely and transparently to all nodes
– Comprehensive monitoring, recovery, scheduled backup, and restore functionality

– Web browser GUI and Command Line Interface supported
– TLS and SSH for secure administrator remote access
– Terminal interface (serial RS-232C) for initial installation setup

Cryptography and security
– Supports (among others): AES, 3-Key Triple DES, HMAC, RSA, and ECDSA key types
– Designed for NIST SP 800-131A and FIPS 140-2 Level 2 requirements
– Conforms with KMIP 1.0 through 2.0 specifications

Additional information

Weight 14.8 kg
Dimensions 78.4 × 48.3 × 4.3 cm

Supports OASIS KMIP, NIST, and other security

Supports a growing range of tape, disk, network, cloud, and desktop partner data protection products and solutions

Upgradeable to new software releases


Hardened server appliance designed as a
FIPS 140-2 Level 2 cryptographic module

Common Criteria Evaluation Assurance Level (EAL 2+) certified

All software is included, pre-installed, digitally signed, and verified at startup

Keys are always encrypted at-rest and in-motion; TLS encrypted communications

Strong mutual certificate authentication available
for client access to keys

Local Certificate Authority as an option


Clusters span and serve multiple data centers, across
geographic locations

Supports tens of thousands of encryption clients and
millions of keys


High-availability clustering, 2–8 nodes

Performs automatic key replication, client loadbalancing, and fail-over

Fault-tolerant hardware with mirrored internal
disks, dual power supplies, dual network ports, and redundant cooling


Secure remote administrator access to assign roles
and privileges

Scheduled backups and log rotations

SNMP alerts and SIEM log monitoring

Electrical and thermal characteristics

Maximum heat dissipation: 290 BTU/hr, (305.95 kJ/hr);

Voltage: 100–240 VAC

Frequency: 50/60 Hz; Idle power 85 W

Maximum power: 135W


Interfaces: 10/100/1000BASE-T (Ethernet) RJ-45 ports,

1 RS-232C serial console port, 1 video port

Non-operating/Storage Environment

22°F to 140°F (-30°C to 60°C);
maximum change 20°C/hr (36°F/hr)

Relative humidity:
5% to 95%, 101.7°F (38.7°C)
maximum wet bulb, non-condensing

Operating Environment

50°F to 95°F (10°C to 35°C) at sea level

Relative humidity:
10% to 90%, 82.4°F (28°C) maximum
wet bulb temperature, non-condensing


ESKM Server v5

Customer Reviews

Customer Rating

0 Ratings
Stars 5
Stars 4
Stars 3
Stars 2
Stars 1
Be the first to review “Utimaco Enterprise Secure Key Manager (ESKM) v5.x”

Your email address will not be published. Required fields are marked *


There are no reviews yet.

Item added To cart