SafeNet Luna XML Hardware Security Module

SafeNet Protects Crypto Keys

Business Issues SafeNet Solution

Need to protect sensitive data, transactions & applications

Protect Data at Risk – Most secure HSM with encryption keys always stored in hardware

Need to implement controls for compliance

Comply w/ Legislation – Proven compliance with mandates such as PCI-DSS and EMV requiring data encryption, complete audit trail

Need to minimize cost of deployment and integration

Reduce Operational Cost – Unparalleled ease of integration and virtually no maintenance

SafeNet’s Hardware Security Modules are the fastest, most secure, and easiest to integrate solution for protecting identities, applications and transactions.

Network-Attached HSMs

Luna SA / SP

High assurance enterprise-grade HSM

• 4,000 ops/s

• Certifications: FIPS 140-2 Level 3, CC EAL 4+

• Full platform support

• Secure remote administration

• 10/100 Ethernet interface

• Protected application execution environment (Luna SP)

• Extensive algorithm support

ProtectHost EFT

High assurance HSM for financial payment systems

• PIN generation & verification

• Supports global payment processing, EMV, and Card Issuance APIs

• 1,200 Visa PIN Verify operations / sec

• Certifications: FIPS 140-2 Level 3, CC

• Easy GUI-based administration

Luna XML

High assurance enterprise-grade HSM for XML environments

• XML interface (WSDL) encapsulates crypto functions, enabling rapid integration development

• FIPS 140-2 Level 3

• Extensive algorithm support

• No client required

• 2,200 ops/sec

• OS independent

• Secure remote administration

• 10/100/1000 Ethernet interface

Luna SX

Central HSM Management Console

• Intuitive GUI

• Easy setup & management of multiple HSM appliances

• Reduces cost of administration

Internal HSMs

CA4 Luna PCI

Root key HSM for true hardware key management

• FIPS 140-2 Level 3 certified

• Extensive algorithm support

• Supports two-factor trusted path authentication

• Supports common certificate authorities (Microsoft, Entrust, Verisign, RSA, etc.)

Fast, high-assurancePCI HSM card forhardware key management and crypto acceleration

• 7,000 ops/s

• FIPS 140-2 Level 3, CC EAL 4+

• Supports two-factor trusted path authentication

• Extensive Algorithm support

Luna PCM

Portable, cost-effective PCMCIA HSM card for hardware key management and crypto acceleration

• Versions for document signing, key export for registration of tokens, and signing and back up of key material to a token

• FIPS 140-2 Level 3

• Extensive algorithm support

ProtectServer Gold

Cost-effective high-assurance PCI HSM card for customizable hardware key management

• 600 ops/s

• Easy GUI-based administration

• Customizable interface

• FIPS 140-2 Level 3

• Extensive algorithm support

• Secure remote administration

SafeNet Luna XML

Security Most secure HSM for B2B and B2C communications and processes with encryption keys always stored in hardware

Certifications: FIPS140-2 Level 3 Tamper resistant

Performance RSA signings up to 2,200 ops/sec XML signings up to 1,000 ops/sec

Ease of Integration Unparalleled ease and speed of integration XML interface encapsulates crypto functions Client-less Intuitive developer GUI HTTP interface OS & network independent 10/100/1000 Mbps Ethernet interface

Cost of Ownership Platform independent Secure remote administration

Rapid-to-deploy high-assurance HSM for XML environments

Rapid Deployment with Luna XML

Customer Application

Custom built XML service

JCA/JCE API

Cryptoki Layer

Customer XML Application

Custom Java layer

OS dependency

From months … … to days!

Jan | Feb | Mar | Apr | Jun | … ? Mon | Tue | Wed | Thu | Fri !

OS independent

Traditional HSM SafeNet Luna XML

XML Crypto Service

Luna XML Operational Use

Load balancer

XML Based Application

SSL

SSL

XML

SSL

SSL

XML

SSL

SSL

XML

Crypto object synchronizationXML crypto service

XML crypto service XML crypto service

Available across multiple sites

for DR

Luna XML (XML Interface)

Why?

Business applications move to XML based architecture.

Nature of XML is designed to allow for B2B, B2C inline communication/processing = Security Need!

What?

1U Appliance based HSM with an XML interface (WSDL)

FIPS validated HSM (4.6.1 FW)

10/100/1000 Mbps Ethernet interface

Benefits?

Clientless

OS independent

Customers don’t need to be crypto API gurus(P11/JCA/CAPI)

PED Auth only for

initial GA release

Performance:

RSA signings - up to 2200/sec

XML signings –up to 1000/sec

Luna XML Client Demo Interface

•Intuitive GUI interface

•Easy deployment

•User friendly management

•Reduced cost of administration