Maximum flexibility when using Hardware Security Modules
Business critical information must be protected against un-authorised access, manipulation and theft. SafeGuard® SecurityServer is the ideal product package for all critical security processes.
- Integrated key management
- Simultaneous application access: Multiple applications can access the respective key container within the HSM at the same time
- Scalability and high-availability
- Remote administration
- Remote diagnostics via a network management system using SNMP
- Comprehensive product package: No additional client or connection licenses required
Some example fields of application
Based on Safeguard Security Server CS Series our eGovernment solution guarantees the maximum of security for critical infrastructures. With a complete set of all international algorithms, and an integrated true random number generator SafeGuard® CryptoServer CS Series underlie your critical processes. Next to standardized algorithms and methods, our certified SafeGuard® CryptoServers CS Series is in the evaluation process for the Common Criteria EAL4 + certification.
Banking and Finance
The SafeGuard® SecurityServer fulfills all the PCI DSS HSM Security requirements. Our solutions meet the demands for extremely high transaction volumes for cryptographic processes.
At the same time, we grant you maximum flexibility of our solution for the integration into your infrastructure, through the broad range of standard API's.
Our hardware security portfolio guarantees the integrity and confidentiality of your critical data and processes. Thanks to our broad network of technology partners we are supporting all standard interfaces – without any additional license structures. Our Business Processes solution can thus easily be integrated into your IT-infrastructure.
SafeGuard® SecurityServer is able to be used for DNS Security Extensions.
Benefit from the advantages of a hardware solution compared to software-only solutions:
- fast implementation process with the aid of our DNSSEC Simulator – creates low investment risk without hidden consequential costs
- highest security and tamper resistance
- certified compliance with FIPS 140-2 level 3 and 4
- relieves DNS servers from performing complex cryptographic calculations
- support for popular DNS servers and DNS signers such as BIND and OpenDNSSEC
- scalable to your needs and thus cost-effective
Cryptography & Tamper Technology
The most common usage of Hardware Security Modules is the tamper-proof preparation and storage of cryptographic keys. Within these mission-critical host applications Hardware Security Modules are included as the standard today.
With the SafeGuard® CryptoServer product line we are offering different kinds of security and performance levels in terms of tamper technology. With our experience of over 25 years in developing and manufacturing hardware security modules we are able to provide our customers the highest product quality and reliability in terms of tamper technology starting from standard tamper-proof devices up to the highly secure, tamper-responsive HSM SafeGuard® CryptoServer CSe.
SafeGuard® SecurityServer is available with the following cryptographic algorithms:
- DSA, ECDSA
- AES, DES, Triple DES
- AES MAC, Triple DES MAC, Retail MAC
- Hash algorithms SHA-1, SHA-2 family, RIPEMD-160, MD5
- Additional algorithms on request
SafeGuard® SecurityServer is available with the following certification levels:
- FIPS 140-2 level 3
- In certification: FIPS level 4 for „physical security“
- In certification: Common Criteria EAL4+
Random Number Generation
Safeguard SecurityServer comes with the following options:
- Physical random number generation in accordance with AIS 31 (class P2)
- Deterministic random number generation according to FIPS 186-3 or AIS 20 (class K4)
SafeGuard SecurityServer is available with the following tamper features:
- secure deletion if mechanical / physical / chemical attacs occur
- secure deletion in case of temperature fluctuation or if the energy supply is outside of defined limits
- possibility of manual deletion