Header-Banner

Luna SA – Network-Attached HSM

Award-Winning Hardware Security Module

Luna SA

image Luna SA

Luna SA is a future-friendly HSM with a wide range of configurations available.

Download Product Brief

Luna SA is designed with the security of your cryptographic keys in mind, and is the choice for enterprises requiring strong security for cryptographic keys.

As a general purpose hardware security module (HSM), Luna SA can be easily integrated into a wide range of applications to accelerate cryptographic operations, secure the crypto key lifecycle, and acts a root of trust for your entire encryption infrastructure.

Approach to Key Security: Keys in Hardware


Luna SA is the most trusted general purpose HSM on the market in part because of our unique approach to protecting cryptographic keys. Unlike other methods of key storage which move keys outside of the HSM into a “trusted layer,” the keys-in-hardware approach protects the entire key lifecycle within the FIPS 140-2 validated confines of the Luna SA HSM appliance. This method ensures that your keys always benefit from both physical and logical protections of the Luna SA.

Scalable Security for Virtual and Cloud Environments


Luna SA can be separated into twenty cryptographically isolated partitions, with each partition acting as if it was an independent HSM. This provides a tremendous amount of scalability and flexibility, as a single HSM can act as the root of trust that protects the cryptographic key lifecycle of twenty dependent applications.

What’s more, Luna SA partitions are designed to protect key material from other tenants on the appliance, meaning different lines of business, or customers in the case of service provides, can leverage the same appliance without fear of losing their keys to another tenants. 

Available in Two Performance Models


Luna SA is available in two performance models; Luna 7000 and Luna SA 1700.

Luna SA 7000 is a high performance HSM capable of best in class performance across a breadth of algorithms including ECC, RSA, and symmetric transactions. Luna SA 7000 also features a dual, hot-swappable power supply that ensures consistent performance and no down-time.

The Luna 1700 variant includes a single power supply, and is capable of 1700 RSA 1024-bit transactions per second.

Algorithm

 

Luna SA 1700 Model

 

Luna SA 7000 Model

 

RSA-1024

1,700

7,000

RSA-2048

350

1,200

ECC P256

500

2,000

ECIES

200

300

AES-GCM

3700

3700

View Specifications Resource Library

Operating System Support

OS Support

  • Windows, Linux, Solaris, AIX, HP-UX
  • Virtual: VMware, Hyper-V, Xen

Cryptographic Support

Cryptography

  • Full Suite B support
  • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
  • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
  • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC
  • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)

Crytographic APIs

PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL

Physical Characteristics

Rack Mountable

Standard 19" EIA rack mount chassis (1U height)

Dimensions

19” x 21” x 1.725” (482.6mm x 533.4mm x 43.815mm)

Weight

28lb (12.7kg)

Input Voltage

100-240V, 50-60Hz

Power Consumption

180W maximum, 155W typical

Temperature

Operating 0° to 40°C

Relative Humidity

5% to 95% (38°C) non-condensing

Hardware Redundancy

2 redundant/hot-swappable power supplies

Security Certifications

Certifications

  • FIPS 140-2 Level 2 and Level 3
  • Common Criteria EAL4+
  • BAC & EAC ePassport Support

Safety and Environmental Compliance

Compliance

  • UL, CSA, CE
  • FCC, KC Mark, VCCI, CE
  • RoHS, WEEE

Management, Logging, and Monitoring

Management

M of N support for division of command

Logging

Syslog

Monitoring

SNMPv3

View Features & Benefits Resource Library

Luna SA HSM Features & Benefits

Hardware Security Module Icon

Sample Applications:

  • PKI key generation & key
  • Storage (online CA keys & offline CA keys)
  • Certificate validation & signing
  • Document signing
  • Transaction processing
  • Database encryption
  • Smart card issuance

Security at a Glance:

  • FIPS 140-2 (available in Level 2 and 3) validated
  • Common Criteria EAL 4+ certified cryptographic module
  • Keys in hardware
  • Remote management
  • Secure transport mode for high-assurance delivery
  • Multi-level access control
  • Multi-part splits for all access control keys
  • Intrusion-resistant, tamper-evident hardware
  • Secure Audit Logging
  • Strongest cryptographic algorithms
  • Suite B algorithm support
  • Secure decommission

Features:

  • Dual Hot Swap Power Supplies
  • Multi-level access control
  • Intrusion-resistant, tamper-evident hardware
  • Field Serviceable Components
  • Software upgradable
  • Up to 100 clients
  • Multiple Roles for Administration
  • Strong Separation of Duties
  • Partitioning and strong cryptographic separation
  • Load Balancing and Scalability
  • Host Trust Links – secure binding of client to HSM in Virtual Cloud Environment
View How To Buy Resource Library

Use this form to contact sales now.

Americas
Phone: 866-251-4269
Complete this short form
EMEA
Phone:+44-01276-608000
Complete this short form
APAC
Phone: 866-251-4269
Complete this short form

US Federal Sales Type 1
Phone: 443-327-1235
Complete this short form

 

Office Locations
Find a Partner
Order Inquiries? View contact information here.
View Overview Resource Library
Microsoft sql sol brief image
CTA Enterprise Key Managment CTA