Management Zones

CyberArk Trust Protection Foundation gives administrators the ability to manage which servers provide services for which objects in the Policy tree. This distribution of services is handled at the Policy level. If there are multiple CyberArk Trust Protection Foundation servers in your encryption environment, you can assign different servers, or “processing engines,” to each Policy object. That server will then run the services for the Policy’s subordinate objects.

This functionality is particularly useful in WAN environments where you want the local CyberArk Trust Protection Foundation server at each site to manage processing for the local certificates and keys.