diff --git a/source/core/security-encryption-at-rest.txt b/source/core/security-encryption-at-rest.txt index b81bd63e410..7f9caeecd11 100644 --- a/source/core/security-encryption-at-rest.txt +++ b/source/core/security-encryption-at-rest.txt @@ -107,38 +107,9 @@ Application Level Encryption Application Level Encryption provides encryption on a per-field or per-document basis within the application layer. To encrypt document or field level data, write custom encryption and decryption routines or -use a commercial solution such as the `Vormetric Data Security -Platform -`_. +use a commercial solution. -.. _third-party-storage-encryption: - -Third Party Storage Encryption ------------------------------- - -A number of third-party libraries can integrate with the operating -system to provide transparent disk-level encryption. For example: - -- Linux Unified Key Setup (LUKS) - LUKS is available for most Linux distributions. For configuration - explanation, see the `LUKS documentation from Red Hat`_. - -- IBM Guardium Data Encryption - `IBM Guardium Data Encryption`_ provides support for disk-level - encryption for Linux and Windows operating systems. - -- Vormetric Data Security Platform - The `Vormetric Data Security Platform`_ provides disk and - file-level encryption in addition to application level encryption. - -- Bitlocker Drive Encryption - `Bitlocker Drive Encryption`_ is a feature available on Windows - Server 2008 and 2012 that provides disk encryption. - -.. _`LUKS documentation from Red Hat`: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/sec-Encryption.html -.. _`Vormetric Data Security Platform`: http://www.vormetric.com/sites/default/files/sb-mongodb-letter-2014-0611.pdf -.. _`IBM Guardium Data Encryption`: http://www-03.ibm.com/software/products/en/infosphere-guardium-data-encryption -.. _`Bitlocker Drive Encryption`: http://technet.microsoft.com/en-us/library/hh831713.aspx +.. includes:: /includes/partners-security.rst .. class:: hidden diff --git a/source/includes/partners-security.rst b/source/includes/partners-security.rst new file mode 100644 index 00000000000..d3db26db6a9 --- /dev/null +++ b/source/includes/partners-security.rst @@ -0,0 +1,5 @@ +For a list of MongoDB's certified partners, +refer to the `Partners List `_. +To view security partners, select "Security" from the +:guilabel:`Technology` filter, and "Certified" from the +:guilabel:`Certified` filter. diff --git a/source/tutorial/configure-encryption.txt b/source/tutorial/configure-encryption.txt index 936fdc8d058..ae5065e26a0 100644 --- a/source/tutorial/configure-encryption.txt +++ b/source/tutorial/configure-encryption.txt @@ -46,9 +46,10 @@ stored in the key manager. MongoDB Enterprise supports secure transfer of keys with Key Management Interoperability Protocol (KMIP) compliant key management appliances. -While any appliance vendor that provides support for KMIP is expected -to be compatible, MongoDB has certified against SafeNet KeySecure and -Vormetric Data Security Manager (DSM). +Any appliance vendor that provides support for KMIP is expected +to be compatible. + +.. includes:: /includes/partners-security.rst .. admonition:: Recommended @@ -59,12 +60,10 @@ Vormetric Data Security Manager (DSM). Prerequisites ~~~~~~~~~~~~~ -- Your key manager must support the KMIP communication protocol, such - as Vormetric DSM and Safenet KeySecure. +- Your key manager must support the KMIP communication protocol. -- For Vormetric or Safenet, you must have a valid certificates issued - by the specific appliance vendor in order to authenticate MongoDB to - the KMIP server. +- To authenticate MongoDB to a KMIP server, you must have a valid + certificate issued by the key management appliance. .. _encrypt-with-new-key: