Description of the illustration okvag_vm_004.png

This figure describes the Key Vault deployment architecture.

• In the center is the Key Vault Software Appliance connected to components on the left and the right.

• On the left are the following endpoint components reading from the top down:

  • Endpoint okvutil utility for backup and restore operations for credential files and wallets

  • Endpoint library, with the PKCS#11 library using a direct connection with KMIP for TDE

  • Endpoint, a third-party KMIP client

  All three endpoint components are connected to the Key Vault software appliance (Primary), through KMIP over Transport Layer Security (TLS)

• On the right are the following three components reading from the top down:

  • The browser-based Key Vault management console connected to Key Vault over HTTPS

  • Standby Oracle Key Vault Appliance (Failover), through Data Guard over TLS

  • Remote Backup Location, through a secure copy protocol (SCP) connection