Thales strengthens security appliances

By Dave Simpson

-- Thales (pronounced 'talus') today introduced a new line of hardware security modules (HSMs) under the nShield Connect 6000 moniker. The devices succeed the company's netHSM line of appliances, which are still available.

According to wikipedia, an HSM is a "secure cryptoprocessor targeted at managing digital keys for server applications . . . The goals of an HSM are the (a) secure generation, (b) secure storage, (c) and use of cryptographic and sensitive data."

"An HSM is a system for protecting encryption keys, managing the keys, and performing encryption and digital signatures," explains Kevin Bocek, Thales' director of product marketing.

Key enhancements in the nShield Connect 6000 appliance (vs. Thales existing HSM appliances) include:

• Performance enhancements. The company claims that the appliance can process up to 6,000 signing transactions per second (TPS) with RSA 1,024-bit keys, or 3,000 TPS with the more secure 2,048-bit keys. Standards bodies such as NIST have advised organizations to move to 2,048-bit encryption keys by 2010.

• Support for up to 100 client applications (physical servers, virtual machines or other application instances), vs. 20 applications in previous versions.

• Dual power supplies, enabling onsite servicing.

The network-attached nShield Connect 6000, which is part of Thales' nCipher product line, supports shared security infrastructure applications such as Microsoft Certificate Services, Entrust Authority Security Manager, RSA Certificate Manager, Oracle 11G, and Microsoft SQL Server. The appliance is validated to FIPS 140-2 level 3 and Common Criteria EAL 4+.

Pricing for the nShield Connect 6000 starts at $39,000.

Thales will be hosting a webinar on the product July 20. To register, visit www.thalesgroup.com/iss.

Related articles:
Thales addresses encryption key management
Evaluating options for tape encryption

This article was originally published on July 15, 2009