Luna General Purpose HSMs

Cryptography is only as strong as the security afforded to your cryptographic keys. Luna HSMs are designed with the highest key security in mind.

With our unique keys-in-hardware approach, cryptographic keys are securely isolated inside the tamper-resistant hardware of the HSM. Applications communicate with the keys stored in the Luna HSM via a client – but keys never leave the HSM.

With an unparalleled combination of features — including central key and policy management, robust encryption support, flexible integration and more – Luna Hardware Security Modules enable organisations to guard against evolving threats and capitalise on the emerging opportunities presented in technological advances.

Achieving FIPS and Common Criteria certification can be a lengthy process for each product certified. As our sole focus is security, we make third-party certifications a priority.

Our team has years of experience in designing products that adhere to FIPS 140-2 and Common Criteria. Our Luna HSMs are certified to FIPS 140-2 (Level 2 and 3) and Common Criteria EAL 4+. as follows:

Thales Luna HSM 7

• Thales Luna HSM 7 (PCIe and Network) FIPS 140-2 Level 3 – password and multi-factor (PED)
• Thales Luna HSM (PCIe and Network) – remote Qualified Electronic Signature resp. Seal Creation Device (QSCD) – for eIDAS compliance

Thales Luna HSM 6

• Thales Luna HSM 6 (PCIe and Network) 140-2 Level 2 NIST Certificate #3208
• Thales Luna HSM 6 (PCIe and Network) 140-2 Level 3 NIST Certificate #3268
• Thales Luna HSM 6 (PCI-E Cryptographic Module 6.10.9 when embedded within a Thales Luna Network HSM 6) – OCSI QSigCD) and QSealCD for remote digital signature use cases.
• Certificate of Attestation of Conformity
• Thales Luna HSM 6 (PCI-E Cryptographic Module 6.10.9 when embedded within a Thales Luna Network HSM 5/6) – QsigCD and QSealCD for remote digital signature use cases
• Certificate Direct
• EU Commission Published List of QSCD approved devices

Today, organisations depend on IT infrastructure that is spread across the globe. Activating, managing and administering HSMs across many decentralised data centres could be a time consuming and costly process.

With Thales’s two-factor authenticated Remote PIN Entry Device (PED), Luna HSMs can be securely managed and administered remotely. Luna HSMs also benefit from secure transport mode, a feature which allows HSMs to be placed in a locked state to ensure key material is secure and untampered as it travels to a data centre or remote office.

Crypto Command Centre is an innovative provisioning tool that enables organisations to establish their own internal HSM-as-a-Service offering.

Crypto Command Centre allows a centralised IT team to establish a pool of pre-configured HSM resources, and provide those resources to the teams that need them via an on-demand catalogue of resources. Crypto Command Centre represents a dramatic reduction in the time required to stand-up and manage Luna Network HSM resources.