General Purpose HSM

What do Hardware Security Modules do?

A hardware security module (HSM) is a dedicated crypto processor that is specifically designed for the protection of the crypto key lifecycle. Hardware security modules act as trust anchors that protect the cryptographic infrastructure of some of the most security-conscious organizations in the world by securely managing, processing, and storing cryptographic keys inside a hardened, tamper-resistant device. Enterprises buy hardware security modules to protect transactions, identities, and applications, as HSMs excel at securing cryptographic keys and provisioning encryption, decryption, authentication, and digital signing services for a wide range of applications.

Why you should use Luna HSMs?

Thales is the leading provider of general purpose hardware security modules (HSMs) worldwide. Our Thales Luna HSM product family represents the highest-performing, most secure, and easiest-to-integrate HSM solution available on the market today.
Luna HSMs are purposefully designed to provide a balance of security, high performance, and usability that makes them an ideal choice for enterprise, financial, and government organizations.

With Thales Hardware Security Modules, You Can

Reduce your risk and meet your compliance needs with solutions for PKI, database encryption, blockchain, code signing, document signing, eIDAS, GDPR, PCI DSS, DNSSEC and more
Protect cryptographic keys wherever your applications / workloads run with flexibility and at scale
Secure your digital transformation with technology designed for modern data centers

Luna HSM Features & Benefits

For more than 30 years, Thales payment HSMs have been involved in a wide range of applications. The main role of a payment HSM is to protect cryptographic keys and sensitive data in a highly secure manner such that the integrity of two fundamental processes is maintained:

Defense in Depth: Keys in Hardware

Cryptography is only as strong as the security afforded to your cryptographic keys. Luna HSMs are designed with the highest key security in mind.
With our unique keys-in-hardware approach, cryptographic keys are securely isolated inside the tamper-resistant hardware of the HSM. Applications communicate with the keys stored in the Luna HSM via a client – but keys never leave the HSM.

Flexibility for the Next Generation of PKI

With an unparalleled combination of features—including central key and policy management, robust encryption support, flexible integration, and more – Luna Hardware Security Modules enable organizations to guard against evolving threats and capitalize on the emerging opportunities presented in technological advances.

FIPS 140-2, Common Criteria & eIDAS Validation

Cryptography is only as strong as the security afforded to your cryptographic keys. Luna HSMs are designed with the highest key security in mind.
With our unique keys-in-hardware approach, cryptographic keys are securely isolated inside the tamper-resistant hardware of the HSM. Applications communicate with the keys stored in the Luna HSM via a client – but keys never leave the HSM.

Secure Remote Management and Activation

Today, organizations depend on IT infrastructure that is spread across the globe. Activating, managing and administering HSMs across many decentralized data centers could be a time consuming and costly process.
With Thales’s two-factor authenticated Remote PIN Entry Device (PED), Luna HSMs can be securely managed and administered remotely. Luna HSMs also benefit from secure transport mode, a feature which allows HSMs to be placed in a locked state to ensure key material is secure and untampered as it travels to a data center or remote office.

Payment HSM’s Products

Luna Network HSM

Luna Network HSM is a network-attached HSM protecting encryption keys used by applications in on-premises, virtual, and cloud environments. Luna Network HSMs are both the fastest and most secure HSMs on the market. Increase your return on investment by allowing multiple applications or business units to share a common HSM platform.

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in Luna Network Hardware Security Modules (HSMs) - high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.

Luna PCIe HSM

An embedded HSM, Luna PCIe HSM protects cryptographic keys and sensitive cryptographic operations. The ideal solution for dedicated performance or application security use cases.

Thales Luna PCIe Hardware Security Modules (HSMs) can be embedded directly in an appliance or application server for an easy-to-integrate and cost-efficient solution for cryptographic acceleration and security. The high-security hardware design of Thales Luna PCIe HSM ensures the integrity and protection of encryption keys throughout their life cycle.

Luna USB HSM

Luna USB HSM is an USB-attached HSM that is ideal for storing root cryptographic keys in an offline key storage device. Ideal for offline solutions, such as PKI root key protection.

The Luna USB HSM delivers high assurance key protection, maintaining all key materials encrypted within the confines of the tamper-resistant hardware. The small form factor and offline key storage capability set the product apart, making it ideal for protecting business critical keys in a secure offline environment.

Luna USB HSM delivers industry leading key management in a portable appliance with an USB interface. All key materials are maintained exclusively within the confines of the hardware. The Luna USB HSM is a small form factor HSM that is widely used by governments, financial institutions and large enterprises to protect data, applications and digital identities in order to reduce risk and ensure regulatory compliance. It is well suited for the strong protection of PKI root keys.

Luna Backup HSM Solutions

Thales offers flexible options to help maintain business continuity, with offline backup HSM and cloud backup HSM solutions that follow security best practices by maintaining keys in hardware throughout their lifecycle, protecting those keys even when not in use and reducing the attack surface.

Luna Backup Hardware Security Modules (HSMs) are widely used by enterprises, financial institutions and governments to securely backup high value cryptographic key material. This accessory to Luna Network and PCIe HSMs enables you to reduce risks, maintain SLAs, and ensure regulatory compliance, ensuring your critical data is securely stored offline.

Luna Cloud HSM

Luna Cloud HSM services are available on the Thales Data Protection on Demand (DPoD) online marketplace. With Luna Cloud HSM services, customers can store and manage cryptographic keys, establishing a common root of trust across all applications and services, while retaining complete control of their keys at all times. HSMs are also used to perform cryptographic operations such as encryption/ decryption of data encryption keys, protection of secrets (passwords, SSH keys, etc.), and more, across environments.

Enjoy the flexibility to move freely between cloud, hybrid and on-premises environments for cloning, backup and more in a purpose-built hybrid solution while always remaining in control with Thales hybrid Luna HSMs.

ProtectServer HSM

Available in network attached and PCIe form factors, ProtectServer Hardware Security Modules (HSMs) are designed to protect cryptographic keys against compromise while providing encryption, signing and authentication services to secure Java and sensitive web applications.

ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware.

General Purpose HSM

Wherever your data resides we can help you own your data