End-of-Life for Vormetric Data Security Manager: Choose the Better Alternative

As an IT leader or security professional, you may have encountered a frustrating situation: after investing considerable budget and effort in a business-critical security product, the vendor announces its end-of-life (EOL). Now, you're faced with several critical questions:

- How much work will be migrating take?

- What will the costs be?

- How will I train my team?

- Is the upgrade/migration as straightforward as the vendor claims?

If you are facing this difficult migration, you should be sure to do your due diligence and evaluate all your options. In this blog, I share some of the challenges you might face in migrating to CipherTrust, and some of the advantages of the Fortanix alternative.

The End of an Era for Vormetric

On April 16, 2021, Thales officially announced the EOL for the Vormetric Data Security Platform (DSP), giving affected customers until June 2024 to migrate to CipherTrust or find alternatives.

Challenges with Migrating to CipherTrust

Migrating from Vormetric to CipherTrust is not a trivial task. The cost of Thales CipherTrust is significantly higher than Vormetric, and if you purchased the appliance in 2020 or 2021, you might face a forced infrastructure replacement, effectively paying twice.

Moreover, whether you chose an alternative from Thales, or another vendor, you will still have to update or completely rewrite core management assets like runbooks, standard operating procedures (SOPs), and architecture/design documents.

A migration to CipherTrust has some clear disadvantages, such as:

• Ease of day-to-day operations due to lack of remote management (IPMI) which impacts things such as disaster recovery drills, periodic maintenance, etc.
• Enterprise risk in managing PIN Entry Device which if lost can be disasterous
• Backward compatability of KMIP (Key Management Interoperability Protocol) versions
• Scalability of underlying Luna HSM

If you use Thales for capabilities beyond Transparent Encryption, such as Cloud Key Management (CCKM), Application Encryption (VAE), or Tokenization Server (VTS), you'll need comprehensive migration plans for each of those products as well.

Fortanix: A Better Vormetric Alternative

For those looking to transition away from Thales, Fortanix offers a compelling solution. Fortanix's File System Encryption, running on our unified Data Security Manager platform, provides equivalent capabilities to Thales with significantly reduced operational burdens. Major players in financial services and healthcare have successfully migrated to Fortanix with effort.

Why Switch to Fortanix?

Fortanix is a trusted partner to leading organizations for key management and hardware security modules, and encryption, offering significant advantages over Thales.

1. Stay Ahead with Advanced Technology: Fortanix uses advanced cryptography and confidential computing, integrating seamlessly with modern tech stacks and eliminating the need for multiple HSM and KMS devices. Load balancers and quorum-based deployment streamline capacity across nodes.

2. Simplify Maintenance: Operating at the OS level, Fortanix File System Encryption avoids kernel-level challenges (such as continuous OS maintenance patching, etc.), ensuring smoother OS upgrades and reduced maintenance complexities. The Fortanix Data Security Manager includes IPMI support for disaster recovery.

3. Regulatory Compliance: Fortanix meets regulatory standards like PCI DSS, Singapore Monetary Authority, etc. Fortanix offers comprehensive key governance and addresses audit log inconsistencies when working at the partition level.

4. Cloud and On-Premise Flexibility: As enterprises move to the cloud, Fortanix provides scalable cloud encryption solutions, supporting both SaaS and physical deployments for flexible and compliant implementation.

5. Reduce Operational Burden: Fortanix is designed to support load balancing, so it efficiently uses all the appliances deployed, minimizing the need for additional appliances. This is in stark contrast to Thales where the traffic is concentrated on the primary node. This architecture has significant upfront and ongoing cost savings.

Conclusion

Facing the EOL of the Vormetric Data Security Platform requires careful planning and consideration, it is the right time to explore Fortanix and take the advantage of best vormetric alternaitves, ensuring your data security infrastructure remains robust and compliant for the next coming years.

By asking the right questions and evaluating all options, you can implement this transition and maintain the integrity of your data protection strategy.

For more information, refer to “Fortanix File System Encryption” or contact us!