General Purpose HSM

DATA PROTECTION WITH BROAD APPLICATION

All things protected by encryption or digital signatures can be protected even further with an HSM. The user areas range from PKI (Public Key Infrastructure) to encryption of web servers.

General purpose HSMs enable companies to add hardware security to critical applications such as PKIs, databases and web- and application servers. The use of standardized cryptographic interfaces makes Thales nShield range easy to integrate with Microsoft Certificate Services (PKI), Entrust Authority Security Manager, RSA Certificate Manager, Oracle Database, Microsoft SQL Server, and several other applications.

nShield Connect+

Thales nShield Connect+ is a network-attached, general purpose HSM that protects up to 100 clients by safeguarding their encryption and digital signing keys and processing sensitive data on the trusted appliance.

Technical Specifications – Brief Summary:

Network-attached HSM with enhanced performance
Manages cryptographic operations as a shared resource for distributed and virtual applications
Redundant hardware suitable for data centres with high access requirements
The network architecture supports both traditional an virtualized deployment, as well as cloud based installations
The nShield Connect+ security boundary is validated for FIPS 140-2 Level 3 and Common Criteria EAL4+

For more information on nShield Connect+, please visit the Thales product page.

nShield Solo+

Thales nShield Solo+ is a product family of embedded, general purpose HSMs for servers and appliances that safeguard encryption and digital signing keys. nShield Solo+ can optionally run custom applications on the module to protect data in use.

Technical Specifications – Brief Summary:

Embedded HSM card available in either PCI or PCIe format
Unburdens cryptographic calculations and enables increased speed and enhanced system performance
Ideal for use within security appliances to achieve FIPS grade security hardening
The security boundary of the nShield Solo+ family is validated for FIPS 140-2 Level 3 and Common Criteria EAL4+. All models are also available at a lower price as a FIPS 140-2 Level 2 variant

For more information on nShield Solo+, please visit the Thales product page.

nShield Edge

Thales nShield Edge is a portable HSM for use in root certification authorities (CAs), registration authorities (RAs), code signing and remote HSM operations. nShield Edge combines a full-featured HSM with a smart card reader in one and the same device, offering secure backup and dual access control of an organization’s high-value keys with low transaction volumes. Its USB connectivity makes it especially suitable for use with laptops and virtual machines.

Technical Specifications – Brief Summary:

Portable format and USB connectivity enable flexible deployment
Intrusion-protected epoxy cast shell reveals tampering attempts
User authentication through built-in smart card reader
The security boundary for nShield Edge is validated for FIPS 140-2 level 3

For more information on nShield Edge, please visit the Thales product page.

Customer information from Thales

netHSM end of life

The netHSM 500 and netHSM 2000 hardware security modules, together with the associated software has reached end of life as of April 10th, 2014. To find about more about the withdrawal, please click on the link below.

Product Retirement Announcement netHSM

Connect and Solo end of sales

Thales has announced the end of sales and support for previous generation nShield Solo & Connect (non+) models. End of Sales is per December 31st, 2015 while end of support is December 31st, 2018. For more information regarding the Eos plans, please click on the link below.

End of support for previous generation nShield Solo & Connect (non+) models

PKI White Paper

A new White Paper from Thales which describes todays threats, challenges and security requirements for PKIs. Is your PKI secure enough for you business applications? Does your PKI make the security grade? Click on the link below to download.