Feature spotlights

Application Encryption

Application Encryption, you can encrypt specific files or columns in databases, big data nodes, and platform-as-a-service (PaaS) environments. The application encryption solution features a set of documented, standards-based APIs that can be used to perform cryptographic and key management operations. Application Encryption eliminates the time, complexity, and risk of developing and implementing an in-house encryption and key management solution.

Centralized Key and Policy Management

IBM Guardium for Application Encryption helps organizations establish centralized control of application-layer encryption and file system encryption. With this solution, all policy and key management is done through the Data Security Manager. Consequently, the solution simplifies the data security operations environment, reducing the number of management consoles that administrators have to learn and maintain.

Flexible Implementation Options

Enables developers to use NIST standard solutions for both Advanced Encryption Standard (AES) and format preserving encryption (FPE), which helps organizations implement encryption without changing the database schema. IBM Guardium for Application Encryption features a library that implements a subset of the PKCS#11 APIs.

Scalable Batch Data Transformation Utility

Customers can also take advantage of the Batch Data Transformation Utility as part of IBM Guardium for Applicatoin Encryption. Batch Data Transformation helps organizations encrypt large data sets without lengthy maintenance windows and downtime—and without changing applications, networking configurations, or storage architectures.

Technical details

Software requirements

Guardium for Application Encryption requires a virtual data security module (DSM) virtual appliance depolyed on a VMWare hypervisor (ESXi Server 5.5 or higher).

The DSM virtual appliance may require additional resources based on the number of agents that are being managed.

There are no specific system requirements as the SDK runs as a shared library as part of the customer’s application.

  • DSM Number of CPU Cores: 2 (min) and 6 (recommended)
  • DSM RAM: 4-16 GB minimum
  • DSM Hard Disk space: 100-200 GB
  • Agent server OS: Windows, Linux, & Unix - Please talk to an IBM expert for more information

Hardware requirements

See software requirements.