EncryptRIGHT® Architecture

Client-Server Architecture

EncryptRIGHT has a modular Client/Server architecture designed for scalability and resiliency to meet the data protection needs of any size enterprise. EncryptRIGHT clients, installed throughout the enterprise and cloud, support most cryptographic functions of EncryptRIGHT locally. EncryptRIGHT data protection policies (DPP) are centrally defined in the Primary Server and rolled out to each additional server and client across the enterprise and cloud, ensuring that each function of data protection is executed in accordance with its up-to-date policy.

ER-Architecture-2020-1

Designed for Compatibility

With out-of-the-box compatibility with IBM Mainframe (z/OS), IBM i (OS/400), Linux (RHEL), Solaris (SPARC), IBM AIX, and Windows, EncryptRIGHT is designed to deploy quickly wherever applications reside, without complex customization.

ER-Architecture-2020-2

Designed for Scalability

Additional EncryptRIGHT® servers can be deployed to share the processing workload with the Primary Server and for redundancy should any server fail. These servers can also assist in rolling out policies to EncryptRIGHT clients. Redundant Primary Servers synchronize all of the definitions and logic of EncryptRIGHT Primary Server and can be promoted to become the Primary Server, should the Primary Server fail.

Hardware Security Module Integration

While EncryptRIGHT contains full cryptographic functionality in software, enterprises can also leverage optional integration with general purpose hardware security modules (HSMs) that support the PKCS#11 standard, for a FIPS 140-2 compliant solution. Using the PKCS#11 standard, EncryptRIGHT can integrates to with HSMs on premise, in the cloud or hosted as a service for hardened key management cryptographic functionality, depending upon the needs of the enterprise.

Prime Factors is an authorized reseller of nCipher general purpose HSMs. If you have questions or need a quote on an nShield HSM, contact us.