Luna Network HSMs

High Assurance Hardware Security Modules

Secure your sensitive data and critical applications by storing, protecting and managing your cryptographic keys in Luna Network Hardware Security Modules (HSMs) – high-assurance, tamper-resistant, network-attached appliances offering market-leading performance.

Easily integrate these network-attached HSMs into a wide range of applications to accelerate cryptographic operations, secure the crypto key lifecycle, and act as a root of trust for your entire crypto infrastructure.

Contact TSSL

Approach to Key Security: Keys in Hardware

Protect the entire lifecycle of your keys within the FIPS 140-2 validated confines of the SafeNet Luna Network HSM. Our unique approach to protecting cryptographic keys in hardware positions our appliances as the most trusted general purpose HSMs on the market. Unlike other methods of key storage which move keys outside of the HSM into a “trusted layer,” the keys-in-hardware approach ensures that your keys always benefit from both physical and logical protections of the SafeNet Luna Network HSM.

Internet of Things

Guard against evolving threats and capitalize on emerging technologies including the Internet of Things (IoT), Blockchain , and more, with Gemalto’s unparalleled combination of products and features.

Ease of Use – Centralized Crypto Resources

Quickly secure a large number of standard applications with our broad partner ecosystem – documented, out-of-the-box integrations with SafeNet Luna Network HSMs.

Scalable Security for Virtual and Cloud Environments

Separate SafeNet Luna Network HSMs into up to 100 cryptographically isolated partitions, with each partition acting as if it was an independent HSM. A single HSM can act as the root of trust that protects the cryptographic key lifecycle of hundreds of independent applications, providing you with a tremendous amount of scalability and flexibility.

Keys and partitions are cryptographically separated from each other, enabling Enterprises and Service Providers to leverage the same hardware for multiple tenants and appliances.

Largest Ecosystem of Partners Available

Quickly secure a large number of standard applications with our broad partner ecosystem – documented, out-of-the-box integrations with SafeNet Luna Network HSMs.


Meet compliance and audit needs for GDPR, eIDAS, FIPS 140, Common Criteria, HIPAA, PCI-DSS, and others, in highly-regulated industries including Financial, Healthcare and Government.

The De Facto Standard for the Cloud

As the de facto standard in the cloud, SafeNet Luna Network HSMs are deployed in more public cloud environments than any other HSM. Scale to meet your cryptographic performance requirements regardless of the environment be it on-premises, private, public, or hybrid and multi-cloud environments.

Market-Leading Performance – Built for Speed

Faster than other HSMs on the market, SafeNet Luna Network HSM 7 is ideally suited for use cases that require high performance such as the protection of SSL/TLS keys and high volume code signing.

Sample Applications

- PKI key generation & storage (online and offline CA keys)


- Code Signing

- Certificate Signing & Validation

- Document signing

- HSMaaS – Private & Public Cloud Environment

- Transaction processing

- Database encryption

- Smart card issuance

- Hardware root of trust for the Internet of Things (IoT)

- Blockchain

- Compliance including GDPR, PCI-DSS, HIPAA, eIDAS, and more

Security at a Glance

- Keys always remain in FIPS 140-2 Level 3-validated, tamper-evident hardware

- High-assurance delivery with secure transport mode

- De facto standard for the cloud

- Multiple roles for strong separation of duties

- Multi person MofN with multi-factor authentication for increased security

- Meet compliance needs for GDPR, HIPAA, PCI-DSS, eIDAS, and more

- Secure audit logging

- Remote management

- Multi-part splits for all access control keys

- Strongest cryptographic algorithms including Suite B algorithm support

- Secure decommission


- Dual Hot Swap Power Supplies

- Field Serviceable Components

- Software upgradable

- Multiple Roles for Administration

- Strong Separation of Duties

- Partitioning and strong cryptographic separation

- Load Balancing and Scalability

Additional Information

Thales Luna Network HSM 7 Specifications:
OS Support
Windows, Linux, Solaris, AIX
Virtual: VMware, Hyper-V, Xen, KVM
Full Suite B support
Asymmetric: RSA, DSA, Diffie-Hellman, Elliptic Curve Cryptography (ECDSA, ECDH, Ed25519, ECIES) with named, user-defined and Brainpool curves, KCDSA, and more
Symmetric: AES, AES-GCM, DES, Triple DES, ARIA, SEED, RC2, RC4, RC5, CAST, and more
Hash/Message Digest/HMAC: SHA-1, SHA-2, SM3, and more
Key Derivation: SP800-108 Counter Mode
Key Wrapping: SP800-38F
Random Number Generation: designed to comply with AIS 20/31 to DRG.4 using HW based true noise source alongside NIST 800-90A compliant CTR-DRBG
Crytographic APIs
PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
REST API for Administration
Rack Mountable
Standard 1U 19" rack mount appliance
19” x 21” x 1.725” (482.6mm x 533.4mm x 43.815mm)
28lb (12.7kg)
Input Voltage
100-240V, 50-60Hz
Power Consumption
110W maximum, 84W typical
Operating 0° to 35°C, storage - 20° to 60°C
Relative Humidity
5% to 95% (38°C) non-condensing
2 dual hot-swap power supplies
Field-servicable components
Mean Time Between Failure (MTBF) 171,308 hrs
FIPS 140-2 Level 3 – Password and multi-factor (PED)
4 Gigabit Ethernet ports with Port Bonding IPv4 and IPv6
M of N support for division of command
HA disaster recovery

Related Products

About TSSL

Established in 1978, TSSL is a privately held Hong Kong company with subsidiary in Macau, providing advanced enterprise solutions to clients in neighborhood regions.


Document Inspection
ID Autofill System (OCRM)
Visitor Management




About Us
Contact Us