EMBASSY® Key Management Server

To specialize your search, enter a keyword, phrase or question in the box below.

Frequently Asked Questions

Click on the question to show the answer. Expand All Answers

1. How do you administer EKMS?

   EKMS's administrative interface is through a Microsoft Management Console (MMC) snap-in application. EKMS Administrators are conventional domain members with privileges to execute actions through the EKMS console.

2. What is Key Transfer Manager (KTM)?

   Key Transfer Manager (KTM) is a key archive system for end-users and enterprises that need a simple, yet fully featured method to securely archive, restore, and transfer these keys and some associated data. When used with Wave's EMBASSY Key Manager Server (EKMS), enterprises have a way to manage this critical issue easily accross their network.

3. How does EKMS work with KTM?

   The Key Transfer Manager (KTM) client software formats the TPM-secured keys, certificates and passwords into individual migration packages and securely transmit them to the server for storage and subsequent recovery. Retrieval of the archived information requires authorized access based upon company's seucrity policy settings.

4. What is EMBASSY Key Manager Server?

   EMBASSY Key Manager Server (EKMS) is a server software product for secure backup and restoration of protected keys from one TPM-enabled system to another, according to seucrity policies defined on the server.

5. We want to install the Embassy Key Management Server, but our domain controller is NT4. If we install EKMS on a Windows 2003 server, can we use it in a mixed environment with a domain controller that isn't Windows 2003?

   These are several possible scenarios for EKMS installs; (1)Domain type is Win 3K Native or raised into 3k, the Active Directory schema is 3k, EKMS support=yes, Difference in install. Policy will be deployed into AD. (2)Domain type is Win 3K Mixed, the Active Directory schema is 2k, EKMS support-yes, Difference in install. Policy will be deployed into AD. (3)Domain type is Win 2K, the Active Directory schema is 2k, EKMS support-yes, the Difference in install. Policy will be deployed into XML file.

6. Is extended support available?

   Yes. Wave Systems offers options for support and maintenance to help IT organizations in their setup, configuration, integration or ongoing maintenance of the Embassy Key Management Server. Contact Wave Systems through the Online Support Request Form or by calling (877) 228-WAVE for more details.

7. What are some of the other features that the EKMS provides?

   The EKMS also provides key backup policy enforcement, two methods for enabling key sharing between users and groups, key distribution and key escrow. Please review the documentation or contact Wave Systems for more information.

8. How does the EKMS fit into my network environment?

   EKMS runs on Windows 2003 Server and works in conjunction with Microsoft Active Directory.

9. What are the advantages of using the Embassy Key Management Server (EKMS) over stand-alone KTM clients?

   The Embassy Key Management Server allows an IT organization to manage and control the backup of sensitive TPM key information, rather than leaving it up to individual users. The security of managing the TPM key archive and recovery process through the EKMS is increased. Management of PCs containing TPM chips is much easier through using EKMS and productivity is better during the times when keys need to be restored due to platform malfunction or replacement.

Additional Support

If you need additional information, please submit a Support Request Form. Customer Service will contact you within one business day with a response to your inquiry. To ensure quality customer service, please include your email address and a detailed description of the issue/inquiry.

Support Request Form