Fortanix® Inc., the Runtime Encryption® company, today announced it has partnered with F5 to deliver cloud-scale hardware security module (HSM) and advanced key management service (KMS) capabilities for BIG-IP ® and NGINX ® customers. With the company’s growing portfolio of FIPS-compliant offerings, F5 customers can now leverage the Fortanix Self-Defending Key Management Service™ for FIPS 140-2 level 3 security to protect encryption keys, securely migrate to the cloud, and scale to meet their cloud-scale performance requirements.
“Key Management Services and Hardware Security Modules are critical components of managing, securing, and scaling TLS encryption,” said Frank Strobel, Director, Cybersecurity Alliances at F5. “A KMS/HSM solution needs to be cloud-agnostic, secure, scalable, and available to handle crypto operations offloaded from web applications deployed on a variety of platforms across the globe.”
The Fortanix solutions for BIG-IP and NGINX each deliver a cloud-scale data security platform that provides cryptographic services, shared secrets, and tokenization across cloud and on-premises environments from a single centralized point of management, control and audit. With this partnership, F5 customers benefit from a single integrated HSM and KMS platform across BIG-IP or NGINX deployment architectures to ensure that cryptographic operations are secure, provide optimal performance, and scale to execute cryptographic operations across on-premises, hybrid cloud and public cloud deployments.
“We are pleased to highlight this partnership, and that Fortanix now offers Self-Defending KMS to secure the encryption keys of our customers across on-premises and cloud,” added Strobel. “With Fortanix, joint customers benefit from cloud-scale HSM and KMS solutions that meet advanced performance requirements, provide military grade protection, and support a variety of on-premises, cloud and multi-cloud environments.”
F5® solutions, including BIG-IP and NGINX, provide critical SSL/TLS encryption services, which require HSM and KMS capabilities to execute and protect the cryptographic operations and keys. As more F5 customers expand from on-premises systems to cloud environments—and seek to use software offerings such as BIG-IP Virtual Edition and NGINX Plus —they realize significant advantages with an HSM and KMS solution that supports both environments. This approach avoids implementing separate systems, which is costly, complex, and increases the risk of security incidents. Fortanix Self-Defending KMS integrates with both BIG-IP and NGINX deployments on premises and across multiple cloud environments to store and manage all the SSL keys and perform additional crypto operations when called by F5 platforms.
“F5 is a leader in application services, and like so many companies today, they are addressing customer challenges around migrating encryption systems and keys from on-premises to hybrid, public and multi-cloud environments,” said Patrick Conte, Vice President of Business Development. “We are excited to partner with them to offer our scalable and high-performance data security solutions to support the evolving needs of multi-cloud and hybrid cloud BIG-IP and NGINX customers.”
The Fortanix integrations with F5 and NGINX are available immediately. For more information, see the blog Cloud-Scale HSM and Key Management for BIG-IP and NGINX TLS.
- Integrating Fortanix SDKMS with the BIG-IP
- Integrating Fortanix Self-Defending KMS with NGINX and NGINX Plus
- Lightboard Lesson: Secure, Scalable, Multi-cloud Key Management for F5 BIG-IP and NGINX Plus
Fortanix unlocks the power of organizations’ most valuable data by securing it throughout its lifecycle, on premises and in the cloud. Fortanix provides unique deterministic security by encrypting applications and data everywhere – at rest, in motion, and in use with its Runtime Encryption® technology built upon Intel® SGX. Fortanix secures F100 customers worldwide and powers IBM Data Shield and Equinix SmartKey™ HSM-as-a-service. Fortanix is venture backed and headquartered in Mountain View, Calif. For more information, see https://fortanix.com/
Fortanix and Runtime Encryption are registered trademarks of Fortanix, Inc. Self-Defending Key Management Service is a trademark of Fortanix, Inc. All other marks and names mentioned herein may be trademarks of their respective companies.
FIPS 140-1 and FIPS 140-2 TM: A Certification Mark of NIST, which does not imply product endorsement by NIST, the U.S. or Canadian Governments