RSA SRC FAQs RSA Data Protection Manager FAQs

May 2012

Frequently Asked Questions:

RSA Data Protection Manager 3.2 FAQs
Purpose of this Document
The purpose of this document is to provide clarity for the launch and product
details for RSA Data Protection Manager 3.2.

General Questions
What is being announced?
RSA is announcing its next-generation Data Protection Manager (DPM) platform that
combines our tokenization technology with our industry-leading application encryption to
give customers a comprehensive data protection suite for applications and the datacenter.
The latest release introduces server-side support for the Key Management Interoperability
Protocol (KMIP) along with a web services API for tokenization. Read below for more
information.

When was Data Protection Manager 3.2 released for GA?

RSA Data Protection Manager (DPM) 3.2 was made GA on June 11, 2012.

When is the external release date for DPM 3.2?

The external release date is scheduled for May 16, 2012. A press release focused on
KMIP was publicized.

Feature Questions
What are the major features available with this release?
This release introduces server-side KMIP support as well as a web services API for
tokenization.
The web services API for tokenization is something our customers have been asking for,
as this makes tokenization easier to implement. It joins C and Java as tokenization APIs.

What is KMIP?
KMIP stands for Key Management Interoperability Protocol. RSAs Bob Griffin is co-chair
of the OASIS KMIP Technical committee, and has been instrumental in leading the
development of this protocol. RSA is implementing this in our own DPM servers in order
to promote and further the adoption of KMIP in the market. KMIP enables a customer to
take advantage of a single protocol for key management, allowing them to leverage one
key management infrastructure instead of multiple, disparate systems. Imagine a
customer who has one key management system for tape, one for applications, one for
databases; now imaging all of the management and overhead that comes with three

RSA ConfidentialInternal Use Only

RSA SRC FAQs RSA Data Protection Manager FAQs

May 2012

separate systems. KMIP enables the customer to centralize and consolidate those,
leveraging one management platform instead of three.
In order for a customer to take advantage of KMIP, the endpoints in their environment
would have to be KMIP-enabled, just as our server now is. The more KMIP-enabled
endpoints, the more systems they will be able to manage from DPM. This protocol is still
in its infancy stage, but we do see it picking up in the market.

Do any of our competitors offer KMIP?

Yes, SafeNet and IBM both claim to offer KMIP-enabled servers. We believe KMIP-enabled
endpoints will become more prevalent as more key management servers become KMIPenabled and as more and more customers realize the potential of this protocol.

Why a web services API for tokenization?

The web services API for tokenization is something our customers have been asking for,
as this makes tokenization easier to implement. It joins C and Java as tokenization APIs,
giving customers more flexibility in choosing how to integrate tokenization into their
environments.

Is DPM 3.2 available as an appliance?

Yes, DPM 3.2 is available as an appliance, both virtual and hardware. It is also available in
the server form factor.

What databases are supported with DPM 3.2?

Please refer to product documentation.

Pricing and Licensing Questions

What is the pricing model for DPM 3.2?
The pricing model for DPM 3.2 is the same as that of DPM 3.1. The product is still priced
per application and is a client-server model. Customers decide if they want encryption,
tokenization, or both (the hybridApplication Data Protection) at the time of licensing. For
more details, see the pricing documentation on the SRC.

What are the SKUs I should use when quoting?

There are no new SKUs for DPM 3.2.

How are datacenter integrations priced with DPM 3.2?

Key management for the datacenter integrations are priced exactly as before. If a
customer purchases the DPM hardware appliance, they still need to purchase client-side
licenses for managing keys from datacenter devices, exactly as before.

Other Questions
How is this different than the old tokenization product that was
available?

RSA ConfidentialInternal Use Only

RSA SRC FAQs RSA Data Protection Manager FAQs

May 2012

The tokenization offering that we had on the market throughout 2010 was originally
developed by Professional Services as a standalone token server that leveraged RSA Key
Manager. With DPM 3.0, we merged the capabilities of tokenization, application
encryption, and key management into the same server for our customers. DPM 3.1
furthers the productization of tokenization by adding this feature to both the hardware and
virtual appliance. DPM 3.2 adds an easier-to-deploy API for tokenization (web services).

How is this different than TransArmor?

TransArmor is a service provided by FirstData Corporation that leverages our tokenization
technology. DPM 3.2 is an RSA product release. For more information on this, contact
Rob Sadowski.

How is this different than SafeProxy?

SafeProxy is offered through Professional Services and is the architecture used by
FirstData for their deployment. It is not a product, but rather a method of protecting
sensitive data. DPM is a product that can be used to implement the SafeProxy
architecture.

Do I still have to go through the FirstData approval process when

selling DPM?
Yes, the same approval process still exists.

Can tokenization be used for more than credit card numbers?

Yes. Tokenization can be applied to any data that is of alpha-numeric format (i.e. social
security numbers, bank account numbers, credit card numbers). PII and PHI use cases are
starting to spring up; customers are realizing that tokenization is not just for credit cards.
We are actively promoting the expanding value and changing nature of tokenization with
the market, analysts and customers.

Who can I contact for more information?

For Product-related questions:

Siva Subramaniam, Product Management, Sivakumar.subramaniam@rsa.com

Sudhir Muthuraj, Product Management, Sudhir.muthuraj@rsa.com
Liz Robinson, Product Marketing, Elizabeth.robinson@rsa.com

RSA ConfidentialInternal Use Only