EncryptRIGHT® Architecture

Client-Server Architecture

EncryptRIGHT has a modular Client/Server architecture designed for scalability and resiliency to meet the data protection needs of any size enterprise. EncryptRIGHT clients, installed throughout the enterprise and cloud, support most cryptographic functions of EncryptRIGHT locally. EncryptRIGHT data protection policies (DPP) are centrally defined in the Master Server and rolled out to each additional server and client across the enterprise and cloud, ensuring that each function of data protection is executed in accordance with its up-to-date policy.

ER-Architecture-new-graphic1

Designed for Compatibility

With out-of-the-box compatibility with IBM Mainframe (z/OS), IBM i (OS/400), Linux (RHEL), Solaris (SPARC), IBM AIX, and Windows, EncryptRIGHT is designed to deploy quickly wherever applications reside, without complex customization.

ER Architecture new graphic2

Designed for Scalability

Additional EncryptRIGHT® servers can be deployed to share the processing workload with the Master Server and for redundancy should any server fail. These servers can also assist in rolling out policies to EncryptRIGHT clients.. Redundant Master Servers synchronize all of the definitions and logic of EncryptRIGHT Master Server and can be promoted to become the Master Server, should the Master Server fail.

Hardware Security Module Integration

While EncryptRIGHT contains full cryptographic functionality in software, enterprises can also leverage optional integration with general purpose hardware security modules (HSMs) that support the PKCS#11 standard, for a FIPS 140-2 compliant solution. Using the PKCS#11 standard, EncryptRIGHT can integrates to with HSMs on premise, in the cloud or hosted as a service for hardened key management cryptographic functionality, depending upon the needs of the enterprise.

Prime Factors is an authorized reseller of nCipher general purpose HSMs. If you have questions or need a quote on an nShield HSM, contact us.