Release Change History

The following changes were made in past DataControl/KeyControl releases. For details about the current DataControl/KeyControl release, see https://www.hytrust.com/docs. For details about previous releases, visit our Customer Portal at https://www.hytrust.com/support.

Changes in Release 5.3

Upgrade Path: For HyTrust KeyControl, upgrade to 5.3 is allowed from version 5.2 and 5.2.1 only. For the HyTrust DataControl Policy Agent, upgrade to 5.2 is allowed from release 5.0, 5.1, 5.1.1, 5.1.2, 5.2, and 5.2.1. For details, see KeyControl Upgrades and Policy Agent Upgrades.

Changes in this release:

  • Added support for Luna Cloud HSM.

    • You can now use the Luna Cloud HSM as a single HSM or in a cluster with Luna HSM.
    • You can now encrypt KMIP objects with keys stored in the Luna Cloud HSM.
  • You can now add a Key Encryption Key (KEK) to an existing Cloud VM Set.
  • The htadmin user can now reset the credentials for the Security Administrator (secroot) account. If you do not want to allow htadmin to reset the secroot credentials, you can disable this option.

  • You can now set an expiration date for the secroot user account or set it to never expire.

Changes in Release 5.2

Upgrade Path: For HyTrust KeyControl, upgrade to 5.2 is allowed only from release 5.1.1. For the HyTrust DataControl Policy Agent, upgrade to 5.2 is allowed from release 5.0, 5.1, 5.1.1, and 5.1.2. For details, see KeyControl Upgrades and Policy Agent Upgrades.

Changes in this release:

  • Security administrators can now enforce two-factor authentication for all users. Two-factor authentication is now supported for all -managed user accounts that use local, RADIUS or LDAP authentication, as well as Active Directory users who access KeyControl using their AD login.
  • KeyControl clusters now use certificate-based cluster authentication to join nodes to a cluster and communicate between nodes.
  • You can now use the nShield Connect HSM as a System HSM.
  • You can now encrypt KMIP objects with keys stored in either IBM HPCS, the nShield Connect HSM, or the SafeNet Luna HSM.
  • KeyControl now takes snapshots before you upgrade. You can delete them if you need more space in your system.
  • You can now uninstall on Windows silently.
  • The new secrets vault provides centralized secure storage for managing and controlling access to secrets required to access systems and resources.
  • You can now deploy and run DataControl/KeyControl from the Google Cloud Platform (GCP).