Vectera Plus Hardware Security Module (HSM) – Product Overview

The Unparalleled HSM Solutions in Your Reach

Best Hardware Security Module (HSM) for digital signing - Vectra Plus Series HSM

The Vectera Plus is an industry standards-compliant, network-attached hardware security module (HSM) designed for high security data encryption. Incorporating the world’s most advanced encryption algorithms within an industry-leading secure cryptographic device, the Vectera series accommodates unlimited applications across a wide range of industries. The unparalleled extensibility and versatility of the Vectera Plus ensures that your organization will not have to sacrifice quality or usability in exchange for a cost-effective solution. The result is an efficient, best-in-class solution for an enterprise’s encryption needs.

Vectera Plus HSM – Features and Benefits

Secure, Convenient, and Easy to Use

Users can easily configure Vectra Plus HSMs. These elegantly designed key management devices - HSMs improve security and reduce risk, while making key management as convenient as possible. The automated, and network-based log output of this HSM unit easily accommodates the centralized monitoring of multiple geographically dispersed Vectera Series units.

High Performance

The Vectera Plus builds upon Futurex’s legacy of proven technology with features designed to deliver high performance cryptographic solutions that exceed expectations. With scalability features to increase processing throughput rates without removing units from production, the Vectera series ensures organizations don’t have to worry about downtime or loss of functionality.

Industry Regulation−Compliant

Adhering to industry standards, the Vectera Plus is compliant with audit requirements for both current and emerging data security standards. It adheres to FIPS 140-2 Level 3 requirements, giving you the robust protection you need to secure your growing network.

Robust Security

The Vectera Plus HSM includes the following physical and logical security features:

  •   1U tamper-resistant hardened steel interlocking rack-mounted case
  •   Two unique faceplate bezel locks to protect the configuration port
  •   Software enforcement of dual control and split knowledge principles
  •   Secure Cryptographic Device (SCD) with epoxy barrier and sensor wires to protect processor and system memory
  •   User-serviceable battery backup for the better management of sensitive information

Advanced Reporting and Audit Logging Abilities

  •   Automatically transmit data logs to a remote syslog server for internal and external audits
  •   Maintain data and log integrity by digitally signing files
  •   Remotely access internal logs via the web-based management interface designed according to data privacy compliance

Universal Compatibility

  •   Able to execute custom applications in the Secure Code Environment
  •   Compatible with major host application software products sold around the world
  •   Intuitive GUI reduces training and administrative costs and brings ease to HSM configuration

Easy-to-Use GUI

  •   Simple point and click application allows for easy configuration
  •   Ability to perform many key management functions, including key loading and generation

Optional Features

Using the Guardian9000 hardware security module, users manage multiple Vectera Plus HSMs from a secure, centralized location, enabling additional features such as:

  •   Customized, real-time monitoring and alerting based on user-defined thresholds
  •   Notification functionality available via SMS, SMTP, and SNMP
  •   Cloud-based scalability, enabling resource modification depending on current needs
  •  Centralized, remotely accessible storage of log files

Using the Securus, organizations can remotely load encryption/decryption keys and configure the Vectera series from virtually anywhere in the world.

  •   Establish a Public Key Infrastructure (PKI) to securely and remotely load master Keys per standard cryptography guidelines
  •   Replicate device configuration details across multiple units, reducing initial setup time

Cryptographic Algorithms Supported

The Vectera Series can support numerous cryptographic algorithms for general purpose data encryption. These algorithms include:

  •   3DES
  •   AES
  •   RSA
  •   ECC
  •   HMAC
  •   SHA-2

Functional Interfaces Supported

The following represents some of the many APIs and interfaces supported by the Vectera Series:

  •   Excrypt API
  •   PKCS #11
  •   Java

Graphical User Interface

The Vectera Series includes, by default, an intuitive native GUI application for managing the most important HSM security and configuration settings.

Secure Code Environment

The Vectera Series of hardware security module provides a protected secure code environment, which allows organizations to internally load and execute their own custom code and applications. Companies can load their own software directly into the Vectera Series, promoting ease of use and flexibility while maintaining highest security.

Hardware Security Module (HSM) Virtualization

The Vectera series hardware security modules may divide into multiple logical partitions, or into several “virtual” HSMs through a process known as HSM Virtualization. While reducing maintenance, this process allows users to access the power of many HSMs through an automated API, the Guardian9000, the VirtuCrypt Intelligence Portal (VIP) Dashboard, or through the host HSM itself. Each logically separated virtual HSM can dynamically operate using unique firmware, key storage space, network settings, user permissions, and more.

Remote Management Capabilities Via the Securus

The process of configuring and maintaining off-site data centers is typically very difficult. To alleviate that, the Vectera HSM series incorporates a Public Key Infrastructure (PKI) when communicating with the Securus, Futurex’s portable, touchscreen-based remote management and configuration device.
Using Securus along with the remote management functionality within the Vectera Series eliminates the need for organizations to spend time and money traveling to perform routine maintenance, key management/loading operations, and firmware updates. All activities normally performed at the HSM directly are now performed securely from anywhere in the world. This feature is ideal for organizations that have remote datacenters that make physical access to the HSM difficult, time-consuming, or expensive.

Dual, Hot-Swappable Power Supplies

The Vectera Series contains dual, redundant, hot-swappable power supplies, allowing both for redundancy in physical hardware and redundancy in power source, if an organization wishes to use two separate circuits.

Dual Ethernet Ports – An add-on HSM Feature

The Vectera Series hardware security module contains dual Ethernet ports, adding another layer of hardware redundancy.

Integrated Smart Card Reader

Key components require secure storage. Organizations have typically used pen and paper methods to record key components, but our innovative support of smart card-based key loading/management removes that cumbersome requirement. When storing key components, each smart card is itself certified as a FIPS 140-2 Level 3 Secure Cryptographic Device, adding an additional layer of security.

Syslog Support

Maintaining accurate and complete logs is a critical element of a robust payment processing environment. The Vectera Series outputs log files directly to an external syslog server, which simplifies troubleshooting, development, and auditing. This elegant feature is designed per payment card industry data security standards.

M-of-N Key Fragmentation

Typically, organizations must have all key officers present for key loading ceremonies, which requires them to travel and take time out of their schedules. The M-of-N key fragmentation support available on the Vectera Series, however, allows organizations to conduct key loading ceremonies with fewer key officers, if desired. For instance, if an organization has five total key officers, they may set a minimum of three officers that must be present for the ceremony. This allows organizations to maintain security while dramatically reducing the inconvenience of coordinating busy schedules around key ceremonies.

Vectera Plus HSM – Specifications

  •   Space: 1U – 1.72 inches (4.37 cm)
  •   Weight: 36 lbs (16.33 kg)
  •   Power requirements: 100 - 240 VAC 50/60 Hz. 120 Watts
  •   Operating temperature: 50° to 95°F (10° to 35°C)
  •   Storage temperature: -4° to 149°F (-20° to 65°C)
  •   Operating relative humidity: 20% to 80% non-condensing
  •   Storage relative humidity: 5% to 95% non-condensing

© Kryptoagile Solutions Pvt. Ltd. All rights reserved (2017-2018).