Crypto Store By ID3 > Products > Entrust > nShield as a Service (nSaaS)

nShield as a Service (nSaaS)

SKU: HSM-nShield5c-bCLD Categories: , , , , , , , , , ,

nShield as a Service (nSaaS)

Get subscription-based access to dedicated nShield hardware security modules (HSMs) for cloud-based cryptographic services.

nSaaS is a subscription-based solution for generating, accessing, and protecting cryptographic key material, separately from sensitive data, using dedicated FIPS 140-2 Level 3 certified nShield Connect HSMs. The solution delivers the same functionality as on-premises HSMs and the benefits of a cloud service deployment, without the need to host and maintain the appliances.

£1,500.00£30,000.00

Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.

Add to quote


Let Us Advise You
Share

Description

nShield as a Service (nSaaS)

Own the keys, not the HSM

The nShield 5c HSMs, whether hosted in the cloud or on-premises, enjoys the same distinctive Security World framework. This means you can effortlessly transition your cryptographic tasks from on-premises to the cloud, or opt for a hybrid strategy that combines both cloud-based and on-premises nShield HSMs to enhance redundancy and dependability.

*FIPS 140-3 Validated, Certificate #4745

Simplifying Your Cloud Migration

Today’s businesses are looking for the adaptability of cloud solutions. Yet, when the HSMs serving as your secure foundations are located within your data center, gaining access to your cloud applications becomes complicated and costly.

With nSaaS your applications can access your HSMs from anywhere—your datacenter, your cloud deployments, or both—while benefiting from:

  • Predictable Budgeting
    • Convert CapEx to OpEx with monthly performance-based pricing
  • Comprehensive Protection
    • Extend cryptography and key management across multiple clouds
  • Optimized Resources
    • Decrease time spent on maintenance and monitoring tasks

Migrate seamlessly

Seeking a hassle-free move without any discomfort? The Entrust Cloud Concierge service offers a smooth transfer from your on-site nShield HSM setup to nShield as a Service. Our Expert Services group will collaborate with you to organize and carry out the effortless relocation of your current keys, customers, and software.

 

Adopt cloud-based RESTful APIs

Developing new cloud-native applications and wishing to take advantage of efficient and dynamic scalability? Our nShield as a Service Web option allows you to easily access cryptographic resources with the flexibility that web services provide.

 

Choose the service and level that’s right for you

Basic, Standard, Premium or Enterprise as Self Managed or Fully Managed to meet your needs.

Additional information

Supported cryptographic algorithms

High-performance, next-generation, and crypto-agile hardware security modules

• Full NIST Suite B implementation
• Asymmetric algorithms: RSA, Diffie-Hellman, ECMQV, DSA, El-Gamal, KCDSA, ECDSA (including NIST, Brainpool & secp256k1 curves), ECDH, Edwards (Ed25519, Ed25519ph • Symmetric algorithms: AES, AES-GCM, Arcfour, ARIA, Camellia, MD5 HMAC, RIPEMD160 HMAC, SEED, SHA-1 HMAC, SHA-224 HMAC, SHA-256 HMAC, SHA-384 HMAC, SHA512 HMAC, Tiger HMAC, 3DES
• Hash/message digest: MD5, SHA-1, SHA-2 (224, 256, 384, 512 bit), HAS-160, RIPEMD160, SHA-3 (224, 256, 384, 512 bit)
• Elliptic Curve Key Agreement (ECKA) available via Java API and nCore APIs
• Elliptic Curve Integrated Encryption Scheme (ECIES) available via Java API, PKCS#11 and nCore APIs
• TUAK and MILENAGE algorithm support for mutual authentication and key generation (3GPP)
• NIST short-listed post-quantum cryptographic algorithms supported using the nShield PostQuantum Option Pack
Supported operating systems

• Windows and Linux operating systems including distributions from Red Hat, SUSE, and major cloud service providers running as virtual machines or in containers
Application programming interfaces (APIs)

• REST
• PKCS#11
• OpenSSL • Java (JCE)
• Microsoft CAPI/CNG
• Web Services
• nCore
Connectivity

• IPsec tunnel w/pre-shared keys
• Between customer Cloud IP space(s) and dedicated, managed nShield HSM environment
• TLS tunnel to Web Services hosted on AWS (nSaaS Web Option)
• Transparent to client hosts
• Takes entire path out of control scope
Security compliance

• FIPS 140-2 Level 3
• eIDAS and Common Criteria EAL4 + AVA_VAN.5 and ALC_FLR.2 certification against EN 419 221-5
• Protection Profile, under the Dutch NSCIB scheme
• Can form the basis of an EN 419 241-2 certified remote signing system for eIDAS
• Compliant with BSI AIS 31 for true and deterministic random number generation
Management and monitoring

• KeySafe 5, nShield Remote Configuration
• nShield Remote Administration (purchased separately)
• Secure audit logging
• Syslog diagnostics support and Windows performance monitoring
• SNMP monitoring agent
Data Center Certifications

Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) – Level 1
Self-Managed and Fully-Managed Features

Customer has remote access to dedicated nShield Connect hardware hosted in secure data centers
The nShield Remote Administration kit lets you securely connect to and interact with your cloud-based nShield HSM(s)
Maintenance & Support
• Service monitoring
• Pre-tested upgrades/patches applied during annual or emergency maintenance windows
• 24/7 support
Features Exclusive to Fully-Managed Service

• Full Management of installation
• Security Officer role fulfilled by trusted Entrust personnel
• Security World creation
• HSM enrollment
• Signing ceremonies
• Policy and process development
• Under ISO 27001 compliant policies & procedures
• All operational staff BS7858 cleared (non-US data centers only)
• Firmware upgrades, completed with customer consent
Cloud Disaster Recovery

Increase redundancy and reliability of on-premises deployments.

• Subscription-based service
• Adds off-site HSM resources
• Convenient and cost-effective

Customer Reviews

Customer Rating

£1,500.00£30,000.00
0
0 Ratings
Stars 5
(0)
Stars 4
(0)
Stars 3
(0)
Stars 2
(0)
Stars 1
(0)
Be the first to review “nShield as a Service (nSaaS)”

Your email address will not be published. Required fields are marked *

Reviews

There are no reviews yet.

Related products

  • Utimaco SecurityServer Se Gen2

     £11,100.00£24,500.00
    The SecurityServer Se Gen2 from Utimaco ensures the security of cryptographic key material for servers and applications. It includes integration software that supports the industry standard PKCS#11, Microsoft CSP/CNG/SQLEKM and JCE interfaces. It can therefore be used for numerous applications, including e.g. public key infrastructures (PKIs), database encryption. The SecurityServer Se Gen2 is available as a PCIe plug-in card or as network-attached appliance.   Note: Various hardware extensions and accessories available and priced on request.
    Select options This product has multiple variants. The options may be chosen on the product page
    Select options This product has multiple variants. The options may be chosen on the product page

    Utimaco SecurityServer Se Gen2
    Category: Hardware Security Modules Utimaco | SKU: 5464534
    The SecurityServer Se Gen2 from Utimaco ensures the security of cryptographic key material for servers and applications. It includes integration software that supports the industry standard PKCS#11, Microsoft CSP/CNG/SQLEKM and JCE interfaces. It can therefore be used for numerous applications, including e.g. public key infrastructures (PKIs), database encryption. The SecurityServer Se Gen2 is available as a PCIe plug-in card or as network-attached appliance.   Note: Various hardware extensions and accessories available and priced on request.
    £11,100.00£24,500.00
    Select options

    Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.

    £11,100.00£24,500.00

  • Luna G5 HSM for Government

     £4,100.00£10,100.00
    The Luna G5 for Government is a small form factor HSM that is widely used by government agencies for data, applications and digital identities to reduce risk and ensure regulatory compliance. Derived from industry-leading technology, the FIPS 140-2 certified Luna G5 for Government is manufactured, sold, and supported exclusively by Thales TCT.
    Select options This product has multiple variants. The options may be chosen on the product page
    Select options This product has multiple variants. The options may be chosen on the product page

    Luna G5 HSM for Government
    Category: Backup Hardware Security Modules HSM Management PCI Card Thales | SKU: 654678
    The Luna G5 for Government is a small form factor HSM that is widely used by government agencies for data, applications and digital identities to reduce risk and ensure regulatory compliance. Derived from industry-leading technology, the FIPS 140-2 certified Luna G5 for Government is manufactured, sold, and supported exclusively by Thales TCT.
    £4,100.00£10,100.00
    Select options

    Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.

    £4,100.00£10,100.00

  • Guardian Series 3

     £15,000.00£30,000.00
    Centralised Cryptographic infrastructure Management Critical access, exactly when you need it, Guardian allows authorised users to centralise management of Futurex devices, physical and virtual, pool resources and commands through synchronous peering and remote configuration, making in-person physical management of your cryptographic infrastructure virtually obsolete.
    Select options This product has multiple variants. The options may be chosen on the product page
    Select options This product has multiple variants. The options may be chosen on the product page

    Guardian Series 3
    Category: Futurex Futurex Key Management Hardware Security Modules Key Management | SKU: fut-guardian-s3
    Centralised Cryptographic infrastructure Management Critical access, exactly when you need it, Guardian allows authorised users to centralise management of Futurex devices, physical and virtual, pool resources and commands through synchronous peering and remote configuration, making in-person physical management of your cryptographic infrastructure virtually obsolete.
    £15,000.00£30,000.00
    Select options

    Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.

    £15,000.00£30,000.00

  • Black Vault HSM.RAS – Remote Access and Smart Card Reader

     £6,400.00£6,700.00
    The BlackVault HSM.RAS is a versatile and highly yet fully functional compact network attached general purpose FIPS 140-2 Level 3 Hardware Security Module with unique functionality making authentication, security, compliance, and ease of use paramount. Its compact “hard drive” form-factor and redundant, battery-backed, solid state key storage allow BlackVaultHSM.RAS to be moved to a secure room or safe without loss or compromise of root keys or other cryptographic material. Its small form factor with USB connection and power also supports mounting BlackVaultHSM.RAS within application servers and other compact environments.
    Select options This product has multiple variants. The options may be chosen on the product page
    Select options This product has multiple variants. The options may be chosen on the product page

    Black Vault HSM.RAS – Remote Access and Smart Card Reader
    Category: BlackVault HSM EngageBlack HSM Hardware Security Modules | SKU: 87585
    The BlackVault HSM.RAS is a versatile and highly yet fully functional compact network attached general purpose FIPS 140-2 Level 3 Hardware Security Module with unique functionality making authentication, security, compliance, and ease of use paramount. Its compact “hard drive” form-factor and redundant, battery-backed, solid state key storage allow BlackVaultHSM.RAS to be moved to a secure room or safe without loss or compromise of root keys or other cryptographic material. Its small form factor with USB connection and power also supports mounting BlackVaultHSM.RAS within application servers and other compact environments.
    £6,400.00£6,700.00
    Select options

    Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.

    £6,400.00£6,700.00

  • Excrypt SSP Enterprise v.2

     £29,750.00
    Enterprise-Level Hardware Security Protect your sensitive data and transactions with the industry-leading security and revolutionary functionality of Futurex hardware security modules. The Excrypt SSP Enterprise v.2 hardware security module makes the encryption and security of your sensitive data the top priority. Highly scalable and able to integrate into existing infrastructures with ease, the Excrypt SSP Enterprise v.2 allows you to reduce overall rack footprint while increasing capacity and speed in transaction processing.
    Select options This product has multiple variants. The options may be chosen on the product page
    Select options This product has multiple variants. The options may be chosen on the product page

    Excrypt SSP Enterprise v.2
    Category: Futurex General purpose Hardware Security Modules Payment HSM Quantum HSM | SKU: 8758875-1-1
    Enterprise-Level Hardware Security Protect your sensitive data and transactions with the industry-leading security and revolutionary functionality of Futurex hardware security modules. The Excrypt SSP Enterprise v.2 hardware security module makes the encryption and security of your sensitive data the top priority. Highly scalable and able to integrate into existing infrastructures with ease, the Excrypt SSP Enterprise v.2 allows you to reduce overall rack footprint while increasing capacity and speed in transaction processing.
    £29,750.00
    Select options

    Note: RRP shown only. Accurate pricing, specification and availability will be provided upon quote issuance.

    £29,750.00
Item added To cart