Network HSM / HSM Plus
Device Information HSM/HSM Plus
Hardware Security for Server & Web Applications
SafeNet ProtectServer Hardware Security Modules (HSMs) are designed to protect cryptographic keys against compromise while providing encryption, signing and authentication services to secure Java and sensitive web applications.
SafeNet ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware.
Safenet ProtectServer at a Glance:
Customizable and Scalable
Available in a broad range of symmetric and asymmetric cryptographic performance levels, SafeNet ProtectServer HSMS can be integrated on either the same or distinct sub-nets and be shared between different networks in order to protect multiple business domains.
FIPS 140-2 Level 3 Validated
SafeNet ProtectServer HSMs contain a FIPS 140-2 Level 3 validated cryptographic module to perform secure cryptographic processing in a high-assurance fashion. Built for industry standard security applications, the SafeNet ProtectServer HSM functions within a tamper-protected environment, providing secure storage for highly sensitive information, cryptographic keys, PINs, and data.
Users and developers can facilitate seamless integration of cryptography and HSMs into a large array of pre-integrated third-party solutions or custom applications. The Customization Software Development Kit (ProtectProcessing) enables the development, download, and storage of custom-specific functionality modules (FMs) inside the secure boundary of the HSM.
Native Blockchain Algorithm Support
SafeNet ProtectServer Network HSMs now support the BIP32 algorithm, which is widely used as the standard to encrypt digital wallets. Also, support for the SECP256k1 elliptic curve has been added, which is used for signing entries in Blockchain.
UA full-featured software emulator rounds out the flexible development tools, enabling developers to test and debug custom firmware from the convenience of a desktop computer.
This emulator also serves as an invaluable tool to test applications without the need to install a SafeNet ProtectServer HSM. When ready, a developer simply installs the HSM and redirects communication to the hardware – no software changes are necessary.
Swappable Dual AC Power Supplies
SafeNet ProtectServer Network HSMs employ dual swappable AC power supplies for high-availability data centers to help protect against power failures, and enable business continuity by providing the ability to connect the appliance to two separate power sources to safeguard against the possible malfunction of one of the sources. This provides the necessary flexibility to perform maintenance on or replace a failed power supply or power feed with the assurance that your device will continue to operate.
|SafeNet Luna Network HSM 7 Specifications:|
|OS Support||Windows, Linux, Solaris, AIX
Virtual: VMware, Hyper-V, Xen, KVM
|Cryptography||Full Suite B support
Asymmetric: RSA, DSA, Diffie-Hellman, Elliptic Curve Cryptography (ECDSA, ECDH, Ed25519, ECIES) with named, user-defined and Brainpool curves, KCDSA, and more
Symmetric: AES, AES-GCM, DES, Triple DES, ARIA, SEED, RC2, RC4, RC5, CAST, and more
Hash/Message Digest/HMAC: SHA-1, SHA-2, SM3, and more
Key Derivation: SP800-108 Counter Mode
Key Wrapping: SP800-38F
Random Number Generation: designed to comply with AIS 20/31 to DRG.4 using HW based true noise source alongside NIST 800-90A compliant CTR-DRBG
|Crytographic APIs||PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
REST API for Administration
|Rack Mountable||Standard 1U 19" rack mount appliance|
|Dimensions||19” x 21” x 1.725” (482.6mm x 533.4mm x 43.815mm)|
|Input Voltage||100-240V, 50-60Hz|
|Power Consumption||110W maximum, 84W typical|
|Temperature||Operating 0° to 35°C, storage - 20° to 60°C|
|Relative Humidity||5% to 95% (38°C) non-condensing|
|Reliability||2 dual hot-swap power supplies
Mean Time Between Failure (MTBF) 171,308 hrs
|Certifications||FIPS 140-2 Level 3 – Password and multi-factor (PED)|
|Compliance||UL, CSA, CE
FCC, CE, VCCI, C-TICK, KC Mark
|Host-Interface||4 Gigabit Ethernet ports with Port Bonding IPv4 and IPv6|
|Management||M of N support for division of command
HA disaster recovery