safenet luna xml hardware security module. safenet protects crypto keys business issuessafenet...
Post on 14-Dec-2015
226 Views
Preview:
TRANSCRIPT
SafeNet Protects Crypto Keys
Business Issues SafeNet Solution
Need to protect sensitive data, transactions & applications
Protect Data at Risk – Most secure HSM with encryption keys always stored in hardware
Need to implement controls for compliance
Comply w/ Legislation – Proven compliance with mandates such as PCI-DSS and EMV requiring data encryption, complete audit trail
Need to minimize cost of deployment and integration
Reduce Operational Cost – Unparalleled ease of integration and virtually no maintenance
SafeNet’s Hardware Security Modules are the fastest, most secure, and easiest to integrate solution for protecting identities, applications and transactions.
Network-Attached HSMs
Luna SA / SP
High assurance enterprise-grade HSM
• 4,000 ops/s
• Certifications: FIPS 140-2 Level 3, CC EAL 4+
• Full platform support
• Secure remote administration
• 10/100 Ethernet interface
• Protected application execution environment (Luna SP)
• Extensive algorithm support
ProtectHost EFT
High assurance HSM for financial payment systems
• PIN generation & verification
• Supports global payment processing, EMV, and Card Issuance APIs
• 1,200 Visa PIN Verify operations / sec
• Certifications: FIPS 140-2 Level 3, CC
• Easy GUI-based administration
Luna XML
High assurance enterprise-grade HSM for XML environments
• XML interface (WSDL) encapsulates crypto functions, enabling rapid integration development
• FIPS 140-2 Level 3
• Extensive algorithm support
• No client required
• 2,200 ops/sec
• OS independent
• Secure remote administration
• 10/100/1000 Ethernet interface
Luna SX
Central HSM Management Console
• Intuitive GUI
• Easy setup & management of multiple HSM appliances
• Reduces cost of administration
Internal HSMs
CA4 Luna PCI
Root key HSM for true hardware key management
• FIPS 140-2 Level 3 certified
• Extensive algorithm support
• Supports two-factor trusted path authentication
• Supports common certificate authorities (Microsoft, Entrust, Verisign, RSA, etc.)
Fast, high-assurancePCI HSM card forhardware key management and crypto acceleration
• 7,000 ops/s
• FIPS 140-2 Level 3, CC EAL 4+
• Supports two-factor trusted path authentication
• Extensive Algorithm support
Luna PCM
Portable, cost-effective PCMCIA HSM card for hardware key management and crypto acceleration
• Versions for document signing, key export for registration of tokens, and signing and back up of key material to a token
• FIPS 140-2 Level 3
• Extensive algorithm support
ProtectServer Gold
Cost-effective high-assurance PCI HSM card for customizable hardware key management
• 600 ops/s
• Easy GUI-based administration
• Customizable interface
• FIPS 140-2 Level 3
• Extensive algorithm support
• Secure remote administration
SafeNet Luna XML
Security Most secure HSM for B2B and B2C communications and processes with encryption keys always stored in hardware
Certifications: FIPS140-2 Level 3 Tamper resistant
Performance RSA signings up to 2,200 ops/sec XML signings up to 1,000 ops/sec
Ease of Integration Unparalleled ease and speed of integration XML interface encapsulates crypto functions Client-less Intuitive developer GUI HTTP interface OS & network independent 10/100/1000 Mbps Ethernet interface
Cost of Ownership Platform independent Secure remote administration
Rapid-to-deploy high-assurance HSM for XML environments
Rapid Deployment with Luna XML
Customer Application
Custom built XML service
JCA/JCE API
Cryptoki Layer
Customer XML Application
Custom Java layer
OS dependency
From months … … to days!
Jan | Feb | Mar | Apr | Jun | … ? Mon | Tue | Wed | Thu | Fri !
OS independent
Traditional HSM SafeNet Luna XML
XML Crypto Service
Luna XML Operational Use
Load balancer
XML Based Application
SSL
SSL
XML
SSL
SSL
XML
SSL
SSL
XML
Crypto object synchronizationXML crypto service
XML crypto service XML crypto service
Available across multiple sites
for DR
Luna XML (XML Interface)
Why?
Business applications move to XML based architecture.
Nature of XML is designed to allow for B2B, B2C inline communication/processing = Security Need!
What?
1U Appliance based HSM with an XML interface (WSDL)
FIPS validated HSM (4.6.1 FW)
10/100/1000 Mbps Ethernet interface
Benefits?
Clientless
OS independent
Customers don’t need to be crypto API gurus(P11/JCA/CAPI)
PED Auth only for
initial GA release
Performance:
RSA signings - up to 2200/sec
XML signings –up to 1000/sec
top related