KMES Series Hardware Security Module (HSM) – Product Review

A Complete, Hardware-Based, Certificate and Key Management Solution

The KMES Series of Hardware Security Module (HSM) provides a robust, easy-to-use solution for managing large volumes of encryption keys, certificates, and other cryptographic objects. It can create and store both symmetric and asymmetric key pairs for the encryption, decryption, signature, and validation of data. The extensive functionality of the KMES HSM series makes it an unrivalled solution for organizations relying on encryption key management.

Regulatory Standards Compliance

The KMES HSM series meets and exceeds the following industry-standard security and regulatory requirements:

  •   PCI DSS
  •   EMVCo
  •   FIPS 140-2 Level 3
  •   ANSI X9.24 Parts 1 & 2 for Symmetric and Asymmetric Key Management – TR-39
  •   RoHS
  •   FCC Part 15 – Class B

KMES HSM Series – Features and Benefits

Functionality

  •   Generates symmetric and asymmetric key pairs for the encryption, decryption, signature, and validation of arbitrary data
  •   Fully supports all major key types, algorithms, and protocols
  •   Signs manufactured devices, software code, individual or bulk files, SSL connections, and any item requiring a digital signature
  •   Tracks and exports certificate revocations through built-in Certificate Revocation Lists
  •   Stores millions of objects, with increased encryption key generation speed available via hardware upgrade
  •   Provides disaster recovery, redundancy, and high availability functionality using Masterless Peering with the Guardian9000 HSM

Automation Capabilities

  •   Full Host API functionality enables for programmatic automation of tasks
  •   Versatile, extensible command structure allows the incorporation of additional functionality
  •   Audit Tracking Capability
  •   Provides detailed audit records and the ability to generate certificate reports
  •   Easily manages internal and external audits
  •   Automatically transmits data logs to a remote syslog server
  •   Stores all tracking information and certificate authority activity
  •   Maintains complete, authenticated log files of all activity and access

Seamless Integration

Built around Futurex’s proven cryptographic technology, the KMES HSM Series’ modular system architecture provides custom solutions to fulfill the unique needs of organizations across a wide range of industries. For organizations wishing to implement the KMES hardware security module series into existing infrastructures, our solutions architects are highly experienced in crafting turnkey solutions.

The Futurex KMES HSM series functions as a complementary product to numerous other Futurex devices, including the Excrypt SSP9000 hardware security module series, Excrypt SSP9000 Enterprise, and Kryptos TLS Server. Futurex has significant project experience customizing the device to integrate directly into the proprietary environments of organizations requiring bulk digital signature operations.

Ease of Use

  •   Intuitive GUI reduces training requirements for operators
  •   Simplified method makes certificate creation quick and easy and per data privacy compliance
  •   Certificates export in PKCS #7 or X.509 formats with DER or PEM encoding, or in PGP format
  •   Granular user group permissions allow for separation of roles

Secure File Signing

  •   KMES HSM series digitally signs files using many cryptographic algorithms, including SHA-1 and PGP
  •   The KMES hardware security module series can expand .tar files, sign individual files within the archive, and then recompress with the signature of the chosen file(s)
  • Digital signing ensures file integrity, verifying file transfers with the assurance that they have not been tampered with and they come from a trusted source

KMES HSM Series – Specifications

  •   Space: 2U - 3.47 inches (8.81 cm)
  •   Weight: 40.5 lbs (18.4 kg)
  •   Power requirements: 100 - 240 VAC 50/60 Hz. 225 Watts
  •   Operating temperature: 50° to 95°F (10° to 35°C)
  •   Storage temperature: 41° to 149°F (5° to 65°C)
  •   Operating relative humidity: 20% to 80% non-condensing
  •   Storage relative humidity: 5% to 95% non-condensing

External Hardware Requirements of KMES HSM

  •   Keyboard: Standard USB
  •   Mouse: Standard USB
  •   Video: SVGA1024x768 at 75Hz refresh
  •   Printer: PostScript-compatible (optional)

© Kryptoagile Solutions Pvt. Ltd. All rights reserved (2017-2018).