ProtectServer HSMs: Hardware Security for Server & Web Applications

ProtectServer Hardware Security Modules (HSMs) are designed to protect cryptographic keys against compromise while providing encryption, signing and authentication services to secure Java and sensitive web applications.
ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware.

Available in Three Versions:

ProtectServer PCIe HSM

PCI Express x4-compliant card available in different performance levels to meet varied system requirements.

ProtectServer External HSM 2

Heavy-duty steel appliance with tamper-protected security that safeguards against physical and logical attacks.

ProtectServer HSM 2+

Security hardened network crypto server designed to protect cryptographic keys against compromise, while providing encryption, signing and authentication services to security sensitive applications, including native Blockchain algorithm support.

Features & Benefits

ProtectServer for Server and Web Applications Security

Sample Use Cases:

  • Encryption
  • User and data authentication
  • Message integrity
  • Secure key storage and key management for eCommerce
  • PKI
  • Document managment
  • Electronic bill presentation and payment
  • Database encryption
  • Financial EFT transactions
  • And more


  • Dual LAN
  • Up to 600 RSA signings/sec
  • WLD (Work Load Distribution)
  • Multi-threaded APIs
  • GUI HSM admin interface
  • CMD line interface
  • Infield upgrade
  • Remote HSM management
  • Swappable dual AC power supplies (Plus model only)

Additional Information

Safenet ProtectServer at a Glance:
Customizable and Scalable
Available in a broad range of symmetric and asymmetric cryptographic performance levels, Thales ProtectServer HSMS can be integrated on either the same or distinct sub-nets and be shared between different networks in order to protect multiple business domains.
Extensive APIs

Extensive APIs
Users and developers can facilitate seamless integration of cryptography and HSMs into a large array of pre-integrated third-party solutions or custom applications. The Customization Software Development Kit (ProtectProcessing) enables the development, download, and storage of custom-specific functionality modules (FMs) inside the secure boundary of the HSM.
Software Emulator
UA full-featured software emulator rounds out the flexible development tools, enabling developers to test and debug custom firmware from the convenience of a desktop computer.

This emulator also serves as an invaluable tool to test applications without the need to install a Thales ProtectServer HSM. When ready, a developer simply installs the HSM and redirects communication to the hardware – no software changes are necessary.
FIPS 140-2 Level 3 Validated
Thales ProtectServer HSMs contain a FIPS 140-2 Level 3 validated cryptographic module to perform secure cryptographic processing in a high-assurance fashion. Built for industry standard security applications, the Thales ProtectServer HSM functions within a tamper-protected environment, providing secure storage for highly sensitive information, cryptographic keys, PINs, and data.
Native Blockchain Algorithm Support
Thales ProtectServer Network HSMs now support the BIP32 algorithm, which is widely used as the standard to encrypt digital wallets. Also, support for the SECP256k1 elliptic curve has been added, which is used for signing entries in Blockchain.
Swappable Dual AC Power Supplies
Thales ProtectServer Network HSMs employ dual swappable AC power supplies for high-availability data centers to help protect against power failures, and enable business continuity by providing the ability to connect the appliance to two separate power sources to safeguard against the possible malfunction of one of the sources. This provides the necessary flexibility to perform maintenance on or replace a failed power supply or power feed with the assurance that your device will continue to operate.