Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

CipherTrust Manager Lifecycle and Support

CipherTrust Manager Release Model

search

CipherTrust Manager Release Model

CipherTrust Manager distributes new firmware releases regularly on a predictable schedule to give customers the benefit of new functionality and bug fixes while allowing time to plan upgrades.

copy link to clipboardVersion Numbering

CipherTrust Manager firmware releases follow semantic versioning conventions. Version numbering format is <MAJOR>.<MINOR>.<PATCH>.

Most releases are minor versions and patches on minor versions, to introduce new functionality without breaking backward compatibility.

copy link to clipboardRelease Schedule and Support Time Frame

Starting with the 2.11.x release, a minor version is designated either a Long Term Support (LTS) Release or a Feature Release (FR).

The following table summarizes the release schedule and support time frame differences between the two release types:

Release CharacteristicFuture LTS versionsFR version
Technical Support TimeframeFour yearsTwo years
PatchesFour scheduled patches for two yearsAs needed for the current latest FR version only
Best strategy to fix bugsUpgrade to scheduled patchesUpgrade to the next minor release
CipherTrust Manager model supportEvery CipherTrust Manager model is supportedCipherTrust Manager k160 supported only on selected FR versions

  • Long Term Support Releases are enterprise-grade releases focused on stability. The CipherTrust Manager interfaces display the version with the suffix LTS. Future LTS releases will have the following characteristics:

    • Each LTS release will have four scheduled patches, which include the latest security fixes and other critical or low-risk functional fixes. These patches will be released twice a year for the two years following the initial release.

    • Technical support continues for four years past the original release. This support consists of updates to the support portal knowledge center, and availability of Thales technical staff to help troubleshoot problems. After the first two years, Thales will no longer issue further patches or bug fixes, and will provide technical support only.

    Note

    We are currently determining the schedule and designation for the next LTS release. We will update this page with that information as soon as it is finalized.

  • 2.11.x-LTS Release is the first LTS release. We have made some adjustments the standard LTS release model for 2.11.x.

    • There are seven scheduled patches, continuing into Q3 2025.

      Note

      2.11.6 was an unscheduled, hot fix release.

    • Technical support, consisting of updates to the support portal knowledge center, and availability of Thales technical staff to help troubleshoot problems, extends four and a half years into Q3 2027.

  • Feature Releases are production-quality releases providing early access to new features for evaluation, released three times a year.

    Patches for FR versions are created as needed for security fixes ranked as critical or major and bug fixes ranked as critical. If fixes are qualified for a patch, one is issued for the current latest FR.

    Note

    If you wish to apply non-critical bug fixes to an FR version, upgrade to the next minor version.

    Technical support continues for two years past the original release, until the end of the same quarter for that year. This support consists of updates to the support portal knowledge center, and availability of Thales technical staff to help troubleshoot problems.

The following diagram demonstrates support and scheduled patch time frames for the current planned LTS and FR versions:

Versions 2.10.x and older will reach end of support at the end of Q3 in 2025.

copy link to clipboardCipherTrust Manager k160 Release Model

Most CipherTrust Manager models are supported with every release. The CipherTrust Manager k160 will be supported on all future LTS releases. Support in FR versions is determined per release in order to offer early access to features specific to the k160 platform. Consult the release notes for an FR version to confirm whether k160 is supported.

copy link to clipboardRelease Distribution and Upgrade

All minor releases are available as an upgrade on physical and virtual appliances, and as new deployments of Virtual CipherTrust Manager on supported public and private clouds. Consult release notes for a specific version for more details. Minor releases contain new features and bug fixes for issues of any severity.

For new minor versions, x.y.0, upgrade paths and available upgrade methods for a cluster vary depending on LTS or FR designation. You can only upgrade to FR versions from the immediate previous release. For example, you are only able to upgrade a cluster directly from 2.12.x to 2.13.x. You will be able to upgrade directly to LTS versions from previous LTS versions. For example, you will be able to upgrade from 2.11.x to the next LTS version.

You can exercise an online in-place cluster upgrade, where the CipherTrust Manager remains available for requests during upgrade, from the immediate previous release. You can exercise the offline in-place cluster upgrade to skip intermediate versions if you are moving from an LTS release to an LTS release. For offline in-place cluster upgrade, the CipherTrust Manager requires true downtime and does not allow requests from connector or client applications. Refer to the System Upgrade/Downgrade page of the target release version for steps to exercise the upgrade.

The following diagram demonstrates upgrade paths for clusters between minor releases:

Scheduled patches for LTS releases are available as cumulative upgrades. You can upgrade from any LTS version to the latest patch for that LTS minor version. For example, if there are x.y.1, x.y.2, and x.y.3 patches released for the minor LTS version, you can upgrade from x.y.0 or x.y.1 to x.y.3 directly without having to pass through any intermediate versions.

Thales intends to make the latest LTS release available as an option for physical k570, k570, and k160 appliance orders.

Note

As of February 2023, you can order physical appliances with either 2.9.x or 2.0 pre-installed. These versions existed before Long Term Support and Feature Release designation.

Patches for FR versions are usually upgrade only. In some cases, new deployments for Virtual CipherTrust Manager are also made available on supported public and private clouds. Consult release notes for a specific version for supported upgrade paths.

On this page