skip to Main Content

Trusted Security Foundation® (TSF®) Key and Policy Manager

Centralized and vendor-neutral encryption key management solution, designed to easily address the toughest challenges in key management

Product Sheet
IMG 8722 1 RU SIDE 503

TSF Key and Policy Manager Overview

Encryption key management is one of the most complex challenges in data security.
To have a successful enterprise-wide encryption solution, building Enduring Trust® with our centralized and highly compatible key and policy management solution to manage keys and implement policies that appropriately control access and privileges.

The Trusted Security Foundation (TSF) key and policy manager is fully interoperable and can seamlessly integrate with legacy devices, reducing the overall cost of your security system, while providing stronger encryption solutions for data in use, in motion or at rest. The TSF also allows centralized key and policy management with full key lifecycle management, and usage and policy controls enabling strong and comprehensive end-to-end encryption.

TSF supports the OASIS Key Management interoperability protocol (KMIP) and is tested with many third-party devices, applications and environments.


Key Management
Best Practices

Learn important concepts for cryptographic key management and how they are met by QuintessenceLabs encryption key management and policy management solutions

Read more

Data Security

Learn how QuintessenceLabs provides all-in-one security solutions that address key and policy management challenges, while delivering quantum resilience for the future

Read more


Vendor-neutral enterprise
key and policy manager

Speak with a QuintessenceLabs expert to learn how our TSF
can work with your existing devices to give you stronger enterprise-wide data protection

TSF Specs

• Secure replication of policies and managed cryptographic objects — up to 16 nodes per replication group
• Supports both synchronous and asynchronous replication

Cryptography & Security:
• FIPS 140-2 Level 3 cryptographic modules
• Supports one-time pad (OTP), symmetric key and asymmetric key ciphers, key derivation, random objects, and certificates
• Granular, hierarchical and auditable access control
• Attended and unattended secure startup
• Event log, audit log, date and time of transaction, management and user reports
• Thousands of end-client systems per node, 8,000 key requests/minute per node

Standards & Interoperability:
• OASIS KMIP: Conformant with standards 1.0/1.1/1.2/1.3/1.4/2.0
• Supports PKCS#11 over KMIP via qClient 100
• Fully implements all requirements in NIST SP800-57 Part 1
Common Criteria EAL 2 certified

TSF Benefits

• Centralized management of cryptographic objects with full lifecycle, usage and policy controls
• Fully interoperable, protects data at rest, in transit and in use
• Seamlessly integrates into legacy infrastructure
• Enables strong end-to-end encryption
• Cost-effective
• Flexible configuration, can be deployed as a separate appliance or virtual machine

Integrating TSF

TSF is part of a comprehensive portfolio of data protection products which can be deployed separately or together



Get the best quality cryptographic keys to strengthen your encryption with our high speed random number generator

Learn more



Protect confidential information in uncontrolled environments with our one-time pad encryption and automatic key destruction known as “Virtual Zeroization”

Learn more



Integrate our powerful and secure cryptographic key manager into any application with our software development kit (SDK)

Learn more

TSF® Key and Policy Manager Portfolio

TSF® 100

A key and policy manager virtual machine for easy and quick integration. Delivered with our qClient 100 SDK.

Read more

TSF® 200

A  key and policy manager hardware appliance. Delivered with our qClient 100 SDK.

Read more

TSF® 300

An appliance that combines the qStream 100 QRNG random number generator with the advanced TSF key and policy manager. Delivered with our qClient 100 SDK.

Read more

TSF® 400

A highly secure platform combining our top products with unrivaled capabilities to deliver an integrated and centrally managed solution. The TSF appliance integrates our advanced key and policy manager and high-speed quantum random number generator (QRNG) with a hardware security module (HSM).  Delivered with our qClient 100 SDK.

Read more

Product Resources