Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

Getting Started
Administration
Reference
Release Notes

All

All

Getting Started

Migrate from KeySecure Classic Firmware

Please Note:

Getting Started
CipherTrust Manager Deployment
- Hardening Guidelines
- Install Virtual CipherTrust Manager
  - Plan Configuration Settings for Cloud Init
  - Deploying with Cloud-init
  - Amazon Web Services Deployment
  - Google Cloud Deployment
  - Alibaba Cloud Deployment
  - Microsoft Azure Deployment
  - Oracle Cloud Deployment
  - Provisioning with a Microsoft Azure Dedicated HSM
  - Private Cloud Deployment
  - Resizing the Virtual Hard Disk After Deployment
- Install Physical CipherTrust Manager Appliance
  - Securely Transporting a CipherTrust Manager k570 Appliance
  - Remote PED-Authenticated k570 Initialization
  - Hardware Specifications
  - HSM Tamper Behavior
  - Reboot the Appliance
  - Power Supply and Fan Maintenance
  - Serial Connections
  - Front Locking Bezel
- Network Interface Configuration
- Install the CLI Toolkit
- Changing the Initial Password
- Starting Services After Deployment
- System Configuration Utility
DDC Deployment
- Architecture
- Requirements
- Post-install
- DDC Agents
- Hardening Guidelines
Licensing
- Getting Started with Licensing
- Activating Licenses
- Managing Licenses
- View and Delete Licenses on CipherTrust Manager
- FAQs
- Virtual CipherTrust Manager Licensing Model
- CCKM Licensing Model
- CTE Licensing Model
- CTE US Licensing Model
- DDC Licensing Model
- ProtectFile Licensing Model
- ProtectV Licensing Model
Migrate from KeySecure Classic Firmware
- Upgrading from KeySecure Classic Firmware
- Migrating KeySecure Classic Data to a CipherTrust Manager Appliance
Migrate from Data Security Manager
Migrate KMIP Managed Objects from Data Security Manager

CipherTrust Manager
Getting Started
Migrate from KeySecure Classic Firmware

Migrate from KeySecure Classic Firmware

If you have a legacy KeySecure k450 or k460 appliance, it may be running KeySecure Classic firmware.

To access CipherTrust Manager firmware if you are starting from KeySecure classic, you must either:

Upgrade your legacy appliance to CipherTrust Manager firmware or
Migrate your data to a new CipherTrust Manager appliance

Note

If your appliance is running NextGen KeySecure or CipherTrust Manager firmware, you can perform a standard upgrade to deploy the latest CipherTrust Manager firmware.

CipherTrust Managers Changes from SafeNet KeySecure Classic

No hypervisor limitation - so it can run on any cloud
Improved User Interface
Addition of a RESTful interface
Addition of a full-featured, remote CLI interface
Backward compatibility with the KeySecure Classic NAE-XML interface and the suite of existing connectors
Key policies (time of day and rate limits) are no longer supported.
RC4, 56-bit DES, 112-bit Triple DES, and 168-bit Triple DES in ECB mode (CBC mode is okay) are not supported.
FPE is only supported with 256-bit keys. 128 and 192 are not supported.
RSA Export formats supported are PKCS 1 and 8 only.

On this page

CipherTrust Manager

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
Legal

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com