Thales Luna HSMs

Thales Luna HSMs

Secure your devices, identities and transactions with
Thales Luna HSM – the foundation of digital trust

Get in Touch

High Assurance Hardware Security Modules

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in Luna Network Hardware Security Modules (HSMs) - high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.

Easily integrate these network-attached HSMs into a wide range of applications to accelerate cryptographic operations, secure the crypto key lifecycle, and act as a root of trust for your entire crypto infrastructure.

Introducing Luna 7 HSM by Thales

Thales Luna Network HSM - Product Brief

Thales Luna Network HSM - Product Brief

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in Thales Luna Network Hardware Security Modules (HSMs) - high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.

Contact a specialist about Thales Luna HSMs
  • Overview
  • Features
  • Specifications

Approach to Key Security: Keys in Hardware

Protect the entire lifecycle of your keys within the FIPS 140-2 validated confines of the Thales Luna Network HSM. Our unique approach to protecting cryptographic keys in hardware positions our appliances as the most trusted general purpose HSMs on the market. Unlike other methods of key storage which move keys outside of the HSM into a “trusted layer,” the keys-in-hardware approach ensures that your keys always benefit from both physical and logical protections of the Thales Luna Network HSM.

Market-Leading Performance – Built for Speed

Faster than other HSMs on the market, Thales Luna Network HSM 7 is ideally suited for use cases that require high performance such as the protection of SSL/TLS keys and high volume code signing.

Scalable Security for Virtual and Cloud Environments

Separate Thales Luna Network HSMs into up to 100 cryptographically isolated partitions, with each partition acting as if it was an independent HSM. A single HSM can act as the root of trust that protects the cryptographic key lifecycle of hundreds of independent applications, providing you with a tremendous amount of scalability and flexibility.

Keys and partitions are cryptographically separated from each other, enabling Enterprises and Service Providers to leverage the same hardware for multiple tenants and appliances.

Ease of Use – Centralised Crypto Resources

Simplify the administration of multiple HSMs using Thales Crypto Command Centre to provide on-demand provisioning and monitoring of crypto resources.

The Dae Facto Standard for the Cloud

As the dae facto standard in the cloud, Thales Luna Network HSMs are deployed in more public cloud environments than any other HSM. Scale to meet your cryptographic performance requirements regardless of the environment be it on-premises, private, public, or hybrid and multi-cloud environments.

Largest Ecosystem of Partners Available

Quickly secure a large number of standard applications with our broad partner ecosystem – documented, out-of-the-box integrations with Thales Luna Network HSMs.

Internet of Things

Guard against evolving threats and capitalise on emerging technologies including the Internet of Things (IoT), Blockchain , and more, with Thales unparallelled combination of products and features. 


Meet compliance and audit needs for GDPR, eIDAS, FIPS 140, Common Criteria, HIPAA, PCI-DSS, and others, in highly-regulated industries including Financial, Healthcare and Government.

Luna Network HSM 7 Features & Benefits

Sample Applications:

  • PKI key generation & storage (online and offline CA keys)
  • Code Signing
  • Certificate Signing & Validation
  • Document signing
  • HSMaaS – Private & Public Cloud Environment
  • Transaction processing
  • Database encryption
  • Smart card issuance
  • Hardware root of trust for the Internet of Things (IoT)
  • Blockchain
  • Compliance including GDPR, PCI-DSS, HIPAA, eIDAS, and more

Superior Performance:

  • Luna Network HSM 7 is the fastest HSM on the market with over 20,000 ECC and 10,000 RSA Operations per second for high performance use cases
  • Lower latency for improved efficiency

Security at a Glance:

  • Keys always remain in FIPS 140-2 Level 3-validated, tamper-evident hardware
  • High-assurance delivery with secure transport mode
  • Dae facto standard for the cloud
  • Multiple roles for strong separation of duties
  • Multi person MofN with multi-factor authentication for increased security
  • Meet compliance needs for GDPR, HIPAA, PCI-DSS, eIDAS, and more
  • Secure audit logging
  • Remote management
  • Multi-part splits for all access control keys
  • Strongest cryptographic algorithms including Suite B algorithm support
  • Secure decommission


  • Dual Hot Swap Power Supplies
  • Field Serviceable Components
  • Software upgradable
  • Multiple Roles for Administration
  • Strong Separation of Duties
  • Partitioning and strong cryptographic separation
  • Load Balancing and Scalability

Luna Network HSM 7 Specifications:

Specifications listed below are for Thales Luna Network HSM 7



OS Support
  • Windows, Linux, Solaris, AIX
  • Virtual: VMware, Hyper-V, Xen, KVM
  • Full Suite B support
  • Asymmetric: RSA, DSA, Diffie-Hellman, Elliptic Curve Cryptography (ECDSA, ECDH, Ed25519, ECIES) with named, user-defined and Brainpool curves, KCDSA, and more
  • Symmetric: AES, AES-GCM, DES, Triple DES, ARIA, SEED, RC2, RC4, RC5, CAST, and more
  • Hash/Message Digest/HMAC: SHA-1, SHA-2, SM3, and more
  • Key Derivation: SP800-108 Counter Mode
  • Key Wrapping: SP800-38F
  • Random Number Generation: designed to comply with AIS 20/31 to DRG.4 using HW based true noise source alongside NIST 800-90A compliant CTR-DRBG
Cryptographic APIs
  • PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
  • REST API for Administration
Rack Mountable Standard 1U 19" rack mount appliance
Dimensions 19” x 21” x 1.725” (482.6mm x 533.4mm x 43.815mm)
Weight 28lb (12.7kg)
Input Voltage 100-240V, 50-60Hz
Power Consumption 110W maximum, 84W typical
Temperature Operating 0° to 35°C, storage - 20° to 60°C
Relative Humidity 5% to 95% (38°C) non-condensing
  • Dual hot-swap power supplies
  • Field-serviceable components
  • Mean Time Between Failure (MTBF) 171,308 hrs
  • UL, CSA, CE
  • FCC, CE, VCCI, C-TICK, KC Mark
  • RoHS2, WEEE
  • TAA
  • 4 Gigabit Ethernet ports with Port Bonding IPv4 and IPv6
Management MofN support for division of command
Logging Syslog
Monitoring SNMP



Luna Network HSM 7 is available in the following performance models to suit your needs:

Luna Network "A" HSM Series:

Luna Network HSM A700, A750, and A790 offer FIPS 140-2 Level 3-certification, and password authentication for easy management.

Luna Network “S” HSM Series:

Luna Network HSMs S700, S750, and S790 feature Multi-factor (PED) Authentication, for high-assurance use cases.

All Luna Network HSMs offer the highest levels of performance. Across a breadth of algorithms including ECC, RSA, and symmetric transactions. Additional product highlights include enhanced tamper and environmental failure protection, key ownership regardless of the cloud environment, enhanced multi-tenancy, and dual hot-swappable power supplies that ensures consistent performance and no down-time.


Luna Network HSM 700 Models

Luna Network HSM 750 Models

Luna Network HSM 790 Models

RSA-2048 signing ops 1,000 5,000 10,000
ECC P256 signing ops 2,000 10,000 20,000
AES-GCM small packet encryption ops 2,000 10,000 20,000


Download the Luna Network HSM 7 Product Brief

Risk Management Strategies for Digital Processes - White Paper

Risk Management Strategies for Digital Processes with HSMs - White Paper

An Anchor of Trust in a Digital World Business and governmental entities recognize their growing exposure to, and the potential ramifications of, information incidents, such as: Failed regulatory audits Fines Litigation Breach notification costs Market set-backs Brand...