Agents (Encryption Endpoints)

Agents are devices or applications that use cryptographic keys to encrypt and decrypt data.

Agents obtain encryption key material from OKM over a secure (TLS) session and communicate with KMAs through the agent API (a set of software interfaces incorporated into the agent hardware or software). See How Agents Retrieve Keys from a KMA.

Agents must remain connected to the OKM network in the event an encryption key is needed. KMAs and agents can be logically grouped to create a site, where agents reference KMAs within the site to which they are assigned. Always install and test encryption end points before adding the encryption capability to them.

Types of endpoints include:

• Oracle Database with Transparent Data Encryption (TDE)
• Oracle Solaris 11 ZFS Encryption
• ZFS Storage Appliance
• Encryption Capable Tape Drives

See also: Enroll Agents.