KMS Integration and Compatibility Guide
Validated Key Management Server (KMS) integrations and supported software versions for the Hitachi VSP One Block storage models
Validated Key Management Server (KMS) integrations and supported software versions for the Hitachi VSP One Block storage models
The following KMS vendors and models, along with their supported versions, have been validated for integration with Hitachi VSP One Block storage models
Thales | CipherTrust Manager k170v CipherTrust Manager k470v CipherTrust Manager k570 Supported version: v2.14 |
Entrust | KeyControl Supported version: v10.2 |
IBM | Security Guardium Key Lifecycle Manager Supported version: v4.2.1 |
Utimaco | Virtual Enterprise Secure Key Manager Supported version: v8.52 |
Fortanix | Data Security Manager Supported version: v4.19 |
Fortanix | VaultCore Supported version: v2.6.2 |
The following Hitachi VSP One Block models are compatible with the validated KMS integrations:
For detailed integration steps and guidelines, refer to the KMS integration documents listed below:
Thales CipherTrust Manager: | Integration Guide - v2.14 |
Entrust KeyControl: | Integration Guide - v10.2 |
IBM Security Guardium Key Lifecycle Manager: | Integration Guide - v4.2.1 |
Utimaco Security Guardium Key Lifecycle Manager: | Integration Guide - v8.52 |
Fortanix Data Security Manager: | Integration Guide - v4.19 |
Fornetix VaultCore: | Integration Guide - v2.6.2 |
The purpose of this policy is to establish a method all Hitachi Vantara customers and external stakeholders should follow to report any potential vulnerabilities and threats.
This policy’s objective is to ensure Hitachi Vantara’s customers trust by continuously addressing potential vulnerabilities and threats to reduce potential risks that may have an impact to Hitachi Vantara operations, infrastructure, and services.
This policy applies to all divisions and geographies, unless noted otherwise within this document, and is intended for all employees with a direct or indirect relationship with customers and third parties to whom Hitachi Vantara does business.
The following situations are excluded from this policy:
3.1. Any Hitachi Vantara customer or third party may submit a report to notify about potential vulnerabilities or threats. A report submission should include the following information, but not limited to:
3.2. Contact information to report any potential vulnerability or threat:
3.3. With the agreement of the reporting customers or third party, Hitachi Vantara must recognize the customer or third party with credit for the discovery of the vulnerability as part of the official Hitachi Vantara process. Hitachi Vantara does not have a “Bug Bounty” program in place. Therefore, Hitachi Vantara does recognize the vulnerability researchers through the vulnerability (CVE - Common Enumeration of Vulnerabilities) publication when applies, or a recognition letter for their contributions.
3.4. Hitachi Vantara’s product vulnerability handling generally consists of the following:
While Hitachi Vantara makes all effort to timely remediate vulnerabilities posing a high risk for Hitachi Vantara, its customers, and third parties, remediation times may vary depending on vulnerability complexity or threat conditions. Assuming the reported information is not known publicly, it is the intention of the customer or third-party reporting a vulnerability and Hitachi Vantara do not release any related information until there is remediation.
The information contained herein is subject to change at any time without notice. The statements in this policy do not modify, supersede, or otherwise amend any customer rights, obligations, or terms between Hitachi Vantara LLC and any other party. The use of the information or links included in this policy is done at your own risk.