SafeNet ProtectServer PCI-E

Cryptographic Acceleration from an Embedded HSM

Luna PCI-E can be embedded directly in an appliance or application server for an easy-to-integrate and cost-efficient solution for cryptographic acceleration and security.  The high-security hardware design of Luna PCI-E ensures the integrity and protection of encryption keys throughout their life cycle. All digital signing and verification operations are performed within the hardware security module (HSM) to increase performance and maintain security.

Achieve FIPS 140-2 and Common Criteria Validation without Investing in Costly Certifications

Achieving FIPS and Common Criteria certification can be a lengthy process and cost hundreds of thousands of dollars for each product certified. As SafeNet’s sole focus is security, we make third-party certifications a priority. Our team has years of experience in designing products that adhere to FIPS 140-2 and Common Criteria.  Leveraging Luna PCI-E in your appliance or service represents a cost effective way to bring FIPS 140-2 and Common Criteria validated solutions to market.

Develop Solutions for Resource Constrained Environments with ECC Support

As the need to provide security for resource constrained devices (smart phones, tablets, smart meters) grows, vendors must be able to provide solutions that leverage ECC algorithms. ECC Algorithms offer high key strength, at a greatly reduced key length when compared to RSA keys. SafeNet Luna PCI-E offers hardware accelerated ECC algorithms that can be used in the development of solutions without the need to purchase additional licenses.

Embed the SafeNet Luna General Purpose HSM Feature Set for Operational Cost Savings

Luna PCI-E benefits from a robust and forward thinking feature set. These features, including remote management, secure transport, and remote backup, will greatly reduce the management and operational costs of a deployment that utilizes Luna PCI.

Sample Applications

  • PKI key generation & key
  • Storage (online CA keys & offline CA keys)
  • Card Issuance & Management
  • Code & Document Signing
  • Database & File Encryption
  • Email Encryption
  • Infrastructure Security
  • Identity & Rights Management
  • Key Management
  • Timestamping
  • SSL & TLS

Security at a Glance

  • Keys in hardware
  • Remote Management
  • Secure transport mode for high-assurance delivery
  • Multi-level access control
  • Multi-part splits for all access control keys
  • Intrusion-resistant, tamper evident hardware
  • Secure Audit Logging
  • Strongest cryptographic algorithms
  • Suite B algorithm support
  • Secure decommission


  • Intrusion-resistant, tamper-evident hardware
  • Field Serviceable Components
  • Software upgradable
  • Multiple Roles for Administration
  • Strong Separation of Duties
  • Load Balancing and Scalability

Additional Information

Operating System Support
OS SupportWindows, Linux, Solaris
Cryptographic Support
CryptographyFull Suite B support
Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)
Crytographic APIsPKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
Physical Characteristics
DimensionsFull Height, Half Length 4.16" x 6.6" (106.7mm x 167.65mm)
Power Consumption12W maximum, 8W typical
TemperatureOperating 0°C to 50°C
Host InterfacePCI-Express X4, PCI CEM 1.0a
Security Certifications
CertificationsFIPS 140-2 Level 2 and Level 3
Common Criteria EAL4+
BAC & EAC ePassport Support
Safety and Environmental Compliance
ComplianceUL, CSA, CE
Management, Logging, and Monitoring
ManagementM of N support for division of command