Luna S Series: Multi-factor (PED) Authentication for high assurance use cases.
Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in SafeNet Luna Network Hardware Security Modules (HSMs) – high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.
Strong security – keys remain in hardware
The ultimate level of protection is afforded to sensitive cryptographic processing that often operates within the less secure environment of servers. SafeNet HSM is FIPS 140-2 Level 3-validated, and features tamper-protected security that safeguards against physical attacks on the HSM to obtain sensitive information.
Upon detection of a physical attack, the internal key storage memory is completely erased. Further, cryptographic keys are never exposed outside the HSM in clear form.
Secure storage and processing offers customers a level of security unavailable from software alternatives, while providing a certified level of confidentiality and integrity that meets customer expectations and the security demands of industry organizations.
Extensive APIs/toolkits and customization
A wide range of application programming interfaces (APIs) are available to assist in adherence of the cryptographic application to industry security standards and platform
environments. This includes the broadest suite of PKCS#11 function sets available on the market, a Java JCA/JCE, JCProv, and Microsoft CryptoAPI/ CNG provider implementation, and seamless integration with Open SSL. The software development kit allows an unsurpassed level of flexibility and extensibility—providing the ability to produce custom cryptographic applications – including completely new algorithms—and to be securely downloaded and executed within the protected confines of the HSM.
The intuitive graphic user interface (GUI) simplifies HSM device administration and key management using easy-to-understand navigation and user interaction. Urgent and time-critical management tasks—such as key modification, addition, and deletion—can be securely performed from remote locations, reducing management costs and response times.
SafeNet ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware. A full-featured software emulator rounds out the flexible development tools, enabling developers to test and debug custom firmware from the convenience of a desktop computer. This emulator also serves as an invaluable tool to test
applications without the need to install a SafeNet ProtectServer HSM. When ready, a developer simply installs the HSM and redirects communication to the hardware. No software changes are necessary.
Smart cards provide the highest security and administrative convenience for secure backup, recovery, and transfer of cryptographic keys. Upgrades can be cost-effectively performed at the infield location, avoiding the expense of returning the product to the service location.
SafeNet ProtectServer PCIe HSM supports multiple cryptographic key storage slots. Storage slots function similarly to a smart card reader with multiple card slots, but without the need for a physical card reader. These virtual slots are effectively secure folders for keys, with each folder secured by a unique user and security officer password. This allows a single ProtectServer HSM to be used by multiple applications, for greater cost savings and flexibility.