Key Orchestration™ is a policy-driven key management solution that automates and simplifies the entire key lifecycle

Key Orchestration simplifies the key management process through automated encryption key management, making it easier to implement, resulting in better security. Key Orchestration was built on a fully-distributable, highly-scalable architecture, which supports clustering and backup/restore processes, while enforcing FIPS 140-2 compliant security standards – separating duties and allowing users to only have access to the parts of the key management process for which they are responsible.


Key policies define the rules around the who, what, when, where, and how of key lifecycle management.


Compositions and Jobs automate key generation, activation, rotation, and revocation.


Audit and tracking features extend your operational security posture by allowing fast and detailed event analysis.


Keys are managed via hierarchies and groups and can be applied to one or more devices.

What is interoperability?

Historically, encryption key management on separate devices is a manual, limiting, and costly process. However, as the need for encrypting data at rest and in motion grows, so does the need for a standard way to manage data encryption keys. When not managed properly, enterprises are not using the full ability of encryption, therefore, lending themselves to vulnerablility.

KMIP was created to help bring devices together by providing a standard protocol that allows devices (clients) to talk to centralized key management servers. Key management interoperability and KMIP allow you to:

  • Centralize and automate key management functions
  • Save operational time and money
  • Secure your enterprise
  • Avoid costly data breaches
  • Reduce cost of network change management

We work with you, not against you

At Fornetix, we are interoperability evangelists. Interoperability is crucial in providing effective and affordable key management. Our Key Orchestration Appliance, Clients, and Agents are KMIP-compliant.

As KMIP adoption grows and compliance becomes more prevalent, devices that are KMIP compliant can be quickly and easily integrated into Key Orchestration -- minimizing change management costs.

  • In cases where a client can be installed, the Key Orchestration Client provides KMIP interoperability.
  • In cases where a client cannot be installed, the Key Orchestration Agent provides KMIP interoperability by being a proxy to any device that does not talk KMIP.
  • In cases where neither the Key Orchestration Client or Agent can adequately communicate with an encryption device, Key Orchestration’s RESTful API and KMIP protocol builds custom applications that interoperate with the Key Orchestration Appliance.