2 SafeNet Protects Crypto Keys SafeNet’s Hardware Security Modules are the fastest, most secure, and easiest to integrate solution for protecting identities, applications and transactions.Business IssuesSafeNet SolutionNeed to protect sensitive data, transactions & applicationsProtect Data at Risk – Most secure HSM with encryption keys always stored in hardwareNeed to implement controls for complianceComply w/ Legislation – Proven compliance with mandates such as PCI-DSS and EMV requiring data encryption, complete audit trailNeed to minimize cost of deployment and integrationReduce Operational Cost – Unparalleled ease of integration and virtually no maintenance
3 Network-Attached HSMs Luna SA / SPProtectHost EFTLuna XMLLuna SX High assurance enterprise-grade HSM4,000 ops/sCertifications: FIPS Level 3, CC EAL 4+Full platform supportSecure remote administration10/100 Ethernet interfaceProtected application execution environment (Luna SP)Extensive algorithm support High assurance HSM for financial payment systemsPIN generation & verificationSupports global payment processing, EMV, and Card Issuance APIs1,200 Visa PIN Verify operations / secCertifications: FIPS Level 3, CCEasy GUI-based administration High assurance enterprise-grade HSM for XML environmentsXML interface (WSDL) encapsulates crypto functions, enabling rapid integration developmentFIPS Level 3Extensive algorithm supportNo client required2,200 ops/secOS independentSecure remote administration10/100/1000 Ethernet interface Central HSM Management ConsoleIntuitive GUIEasy setup & management of multiple HSM appliancesReduces cost of administration
4 Internal HSMs CA4 Luna PCM Luna PCI ProtectServer Gold Root key HSM for true hardware key managementFIPS Level 3 certifiedExtensive algorithm supportSupports two-factor trusted path authenticationSupports common certificate authorities (Microsoft, Entrust, Verisign, RSA, etc.) Portable, cost-effective PCMCIA HSM card for hardware key management and crypto accelerationVersions for document signing, key export for registration of tokens, and signing and back up of key material to a tokenFIPS Level 3Extensive algorithm support Cost-effective high- assurance PCI HSM card for customizable hardware key management600 ops/sEasy GUI-based administrationCustomizable interfaceFIPS Level 3Extensive algorithm supportSecure remote administration Fast, high-assurance PCI HSM card for hardware key management and crypto acceleration7,000 ops/sFIPS Level 3, CC EAL 4+Supports two-factor trusted path authenticationExtensive Algorithm support
5 SafeNet Luna XMLRapid-to-deploy high-assurance HSM for XML environmentsSecurityMost secure HSM for B2B and B2C communications and processes with encryption keys always stored in hardwareCertifications: FIPS140-2 Level 3Tamper resistantPerformanceRSA signings up to 2,200 ops/secXML signings up to 1,000 ops/secEase of IntegrationUnparalleled ease and speed of integrationXML interface encapsulates crypto functionsClient-lessIntuitive developer GUIHTTP interfaceOS & network independent10/100/1000 Mbps Ethernet interfaceCost of OwnershipPlatform independentSecure remote administration
6 Rapid Deployment with Luna XML Traditional HSMSafeNet Luna XMLOS dependencyOS independentCustomer ApplicationCustomer XML ApplicationCustom built XML serviceCustom Java layerJCA/JCE APICryptoki LayerXML Crypto ServiceFrom months …… to days!Jan | Feb | Mar | Apr | Jun | … ?Mon | Tue | Wed | Thu | Fri !
7 Luna XML Operational Use XML Based ApplicationSSLXMLSSLSSLXMLSSLSSLXMLSSLLoad balancerAvailable across multiple sites for DRXML crypto serviceXML crypto serviceXML crypto serviceCrypto object synchronization
8 Luna XML (XML Interface) Why?Business applications move to XML based architecture.Nature of XML is designed to allow for B2B, B2C inline communication/processing = Security Need!What?1U Appliance based HSM with an XML interface (WSDL)FIPS validated HSM (4.6.1 FW)10/100/1000 Mbps Ethernet interfaceBenefits?ClientlessOS independentCustomers don’t need to be crypto API gurus(P11/JCA/CAPI)PED Auth only for initial GA releasePerformance:RSA signings - up to 2200/secXML signings –up to 1000/sec
9 Luna XML Client Demo Interface Intuitive GUI interfaceEasy deploymentUser friendly managementReduced cost of administration