
Luna SA

Hardware Security Module


PRODUCT BRIEF

Luna SA is the choice for enterprises requiring strong security for digital signatures, cryptographic key storage, transactional acceleration, certificate signing, code signing, bulk key generation, data encryption, DNSSEC, and more.

Benefits & Features

Most Secure
• Keys in hardware
• Remote Management
• Secure transport mode for high-assurance delivery
• Multi-level access control
• Multi-part splits for all access control keys
• Intrusion-resistant, tamper-evident hardware
• Suite B algorithm support
• Secure decommission
• Secure Audit Logging
• Strongest cryptographic algorithms

Sample Applications
• PKI key generation & key storage (online CA keys & offline CA keys)
• Certificate validation & signing
• Document signing
• Transaction processing
• Database encryption
• Smart card issuance

Approach to Key Security: Keys in Hardware
Luna SA is the most trusted general purpose HSM on the market in part because of its unique approach to protecting cryptographic keys. Unlike other methods of key storage which move keys outside of the HSM into a “trusted layer,” the keys-in-hardware approach protects the keys throughout their lifecycle within the FIPS 140-2 validated confines of the Luna SA HSM.

This method ensures that your keys always benefit from both physical and logical protections of the Luna SA and reduces your audit burden.

Scalable Security for Virtual and Cloud Environments
Luna SA can be separated into cryptographically isolated partitions, with each partition acting as if it were an independent HSM. This provides a tremendous amount of scalability and flexibility, as a single HSM can protect the cryptographic keys of several independent applications. What’s more, Luna SA partitions are designed with independent access controls and key storage, allowing use in multi-tenant environments.

Provision with Crypto Command Center
Crypto Command Center revolutionizes how high-assurance cryptographic resources are provisioned. For the first time, HSMs can be delivered with the dynamic, agile, and elastic nature of cloud and virtualized environments.

Robust High Availability
Multiple Luna SAs can be grouped together to provide high availability, load balancing and scalable performance. The HA Group technology shares the transaction load, synchronizes data among members of the group, and redistributes the processing capacity in the event of failure in a member appliance to maintain uninterrupted service to up to 100 clients. The HA capability also enables easy recovery when a unit returns to service.

Flexible Backup and Disaster Recovery Options


Luna SA provides secure, auditable and flexible options to simplify backup, duplication, and
disaster recovery. Key backups can be performed locally or remotely to the Luna Backup HSM,
Small Form Factor eTokens or other Luna HSMs.

Secure Audit Logging


Luna SA can be configured to selectively log HSM events for security auditing purposes. This
allows for separation of duties between an Audit Officer/Team and the people they are auditing –
preventing both the administrative and user personnel from tampering with the log files and the
auditors from doing anything administrative or accessing keys.



Network Shareable for Easy Deployment
Ethernet connectivity enables flexible deployment and scalability. Built-in TCP/IP support ensures that Luna SA deploys easily into existing network infrastructures and communicates with other network devices. Multiple application servers can share cryptographic capabilities through Network Trust Links (NTLs).

Common Luna Architecture
All Luna HSMs benefit from a Common Luna Architecture where the supported client, APIs, algorithms, and authentication methods are consistent across the entire Luna HSM product line. This eliminates the need to design applications around a specific HSM, and provides the flexibility to move keys from form factor to form factor.

Available in Two Performance Models
Luna SA is available in two performance models: Luna 7000 and Luna SA 1700. Luna SA 7000 is a high performance HSM capable of best-in-class performance across a breadth of algorithms including ECC, RSA, and symmetric transactions. Luna SA 7000 also features a dual, hot-swappable power supply that ensures consistent performance and no downtime. The low performance variant, Luna 1700, includes a single power supply, and is capable of 1700 RSA 1024-bit transactions per second.

Algorithm    Model: Luna SA 1700    Model: Luna SA 7000
RSA-1024     1,700                  7,000
RSA-2048     350                    1,200
ECC P256     570                    2,000
ECIES        200                    300
AES-GCM      3,600                  3,600

Technical Specifications

Operating System
• Windows, Linux, Solaris, AIX, HP-UX
• Virtual: VMware, Hyper-V, Xen

Cryptographic APIs
• PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL

Cryptography
• Full Suite B support
• Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
• Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
• Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
• Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)

Physical Characteristics
• Standard 1U 19in. rack mount chassis
• Dimensions: 19” x 21” x 1.725” (482.6mm x 533.4mm x 43.815mm)
• Weight: 28lb (12.7kg)
• Input Voltage: 100-240V, 50-60Hz
• Power Consumption: 180W maximum, 155W typical
• Temperature: operating 0°C – 35°C, storage -20°C – 60°C
• Relative Humidity: 5% to 95% (38°C) non-condensing

Security Certifications
• FIPS 140-2 Level 2 and Level 3
• Common Criteria EAL4+**
• BAC & EAC ePassport Support
**Under evaluation

Safety and Environmental Compliance


• UL, CSA, CE
• FCC, KC Mark, VCCI, CE
• RoHS, WEEE

Host Interface
• Dual Gigabit Ethernet ports

Reliability
• Mean Time Between Failure (MTBF): 66,561 hrs

Contact Us: For all office locations and contact information, please visit www.safenet-inc.com
Follow Us: www.safenet-inc.com/news-media/.
©2014 SafeNet, Inc. All rights reserved. SafeNet and SafeNet logo are registered trademarks of SafeNet.
All other product names are trademarks of their respective owners. PB (EN)-06.05.14
