nShield HSM

nCipher offers a comprehensive range of General Purpose HSMs offering secure cryptographic processing, key generation in a FIPS 140-2 certified environment.

SECURITY YOU CAN TRUST

nCipher Security’s nShield Hardware Security Modules (HSMs) are hardened, tamper-resistant devices that protect your company’s most sensitive data. These FIPS 140-2 certified modules perform cryptographic functions such as generating, managing and storing encryption and signing keys, as well as executing sensitive functions within their protected boundaries.

nShield HSMs also support a wide range of cryptographic algorithms, including elliptic-curve cryptography algorithms that deliver high-speed transactions ideally suited to today’s compact computing environments, as well as the industry’s most widely used operating systems and APIs.

The nShield Family comes in three convenient form factors:

nShield Connect

The Connect HSM is a network-attached appliance that delivers cryptographic services to applications distributed across the network.

nShield Connect HSMs are available in two series: classic nShield Connect+ HSMs and the high-performance nShield Connect XC HSM series.

nShield Solo

The Solo is a PCIe card for embedding in appliances or servers that delivers cryptographic services to applications hosted on a server or appliance.

nShield Solo HSMs are available in two series: classic nShield Solo+ HSMs and the high-performance nShield Solo XC HSM series.

nShield Edge

The Edge is a portable USB-based desktop device designed for convenience and economy. The Edge is ideal for developers as it supports applications such as low volume root key generation and offers an entry level security solution. The edge is also a perfect solution for off-line key generation for certificate authorities (CAs), low cost HSM development and Cloud Bring you Own Key (BYOK) environments.

Contact ID-3 to find out how we can help your business.

Get Demo

nShield HSMs

nShield HSMs are deployed to give high assurance to a variety of business applications including BACS-TEL, SEPA, public key infrastructures (PKI), SSL/TLS encryption key protection, code signing, digital signing and blockchain.

As growth in the Internet of Things creates greater demand for device IDs and certificates, nShield HSMs will continue to support critical security measures such as device authentication using digital certificates.

Contact ID-3 to help you with the following nShield services:

HSM Implementation
Formal Key Ceremonies
Workshops and Awareness Training
Documentation and Procedures

CLOUD-FRIENDLY WEB SERVICE INTERFACES

The optional nShield Web Services Crypto API streamlines the interface between your applications and HSMs by executing commands through web service calls. This innovative approach facilitates deployments by removing the need to integrate applications directly with nShield, and eliminates dependencies on OS and architecture design choices. A cloud-friendly solution, the Web Services Crypto API interfaces with applications hosted in the cloud as well as in traditional data centers.

STRONGER KEY MANAGEMENT FOR YOUR CLOUD DATA WITH NSHIELD BYOK

nShield BYOK lets you generate strong keys in your on-premises nShield HSM and securely export them to your cloud applications, whether you use Amazon Web Services, Google Cloud Platform, Microsoft Azure— or all three. With nShield BYOK, you strengthen the security of your key management practices, gain greater control over your keys and ensure that you are sharing in the responsibility of keeping your data secure in the cloud.

nShield BYOK brings you the following benefits:
Safer key management practices that strengthen the security of your sensitive data in the cloud
Stronger key generation using nShield’s high entropy random number generator protected by FIPS-certified hardware
Greater control over keys—use your own nShield HSMs in your own environment to create and securely export your keys to the cloud

STREAMLINED OPERATIONS USING REMOTE MONITORING AND MANAGEMENT

nShield Monitor and nShield Remote Administration, available for nShield Solo and Connect HSMs, help you cut operational costs while staying informed and in command 24×7 of your HSM estates.

nCipher’s remote monitoring and management products help you to:

Optimize HSM performance, infrastructure planning and uptime using nShield Monitor to inform your staff about load trends, usage statistics, tamper
events, warnings, and alerts
Reduce travel costs and save time by managing HSMs through nShield Remote Administration’s powerful and secure interface

CODESAFE - SECURE EXECUTION ENVIRONMENT

In addition to protecting your sensitive keys, nShield Solo and Connect HSMs also provide a secure environment for running your proprietary applications.
The CodeSafe option lets you develop and execute code within the nShield’s FIPS 140-2 Level 3 boundaries, safeguarding your applications from potential attacks.

CodeSafe helps you to:

Achieve high assurance by executing sensitive applications and protecting application data end points inside a certified environment
Protect security-sensitive applications against hazards such as insider attacks, malware and advanced persistent threats
Eliminate the risk of unauthorized application changes or malware infection using code signing

Why buy from ID-3?

ID-3 Personal Touch

A specialist supplier with industry experience can provide the assurance that you are speaking to the right person. We pride ourselves on being at hand to assist your delivery throughout its life-cycle. A single call to connect you to HSM expertise which you simply wont find at general re-sellers.

ID-3 Service Support

Unlike other re-sellers ID-3 is the UK’s only service led consultancy and re-seller who can offer comprehensive assistance for payShield 10k and its associated management tools to support your ITIL related service delivery.

ID-3 offers rapid over the phone or email advice and support to its customers from our team of in-house experts without depending on the vendors.

ID-3 has a proven track record of delivering HSMs into highly regulated environments and can offer an extensive range of professional service options and training options to help any team correctly implement the nShield in to any regulated environment.

ID-3 Documentation

Procedures are critical to every service. ID-3 HSM procedures are available to our customers via download from our portal and customised for your environment removing the arduous task of needing to become expert prior to business as usual handover and reducing the time it takes to get the service into production.

Specifications

Transaction Rates

nShield Connect & Solo Models (TPS)	500+	XC Base	1500+	6000+	XC Mid	XC High
2048 bit RSA Sig	150	430	450	3000	3500	8600
4096 bit RSA Sig	80	100	190	500	850	2025
256 bit ECC Sig	540	680	1260	2400	5500	14400

Wide support for APIs, cryptographic algorithms and OSs

Supported APIs

PKCS#11, OpenSSL, Java (JCE), Microsoft CAPI and CNG

Supported Cryptographic Algorithms

Asymmetric public key algorithms: RSA, Diffie-Hellman, ECMQV, DSA, KCDSA, ECDSA, ECDH, Edwards (X25519, Ed25519ph)
Symmetric algorithms: AES, AES-GCM, ARIA, Camellia, CAST, RIPEMD160 HMAC, SEED, Triple DES
Hash/message digest: SHA-1, SHA-2 (224, 256, 384, 512 bit), HAS-160
Full Suite B implementation with fully licensed ECC including Brainpool and custom curves

nShield HSMs offers support for the majority of these cryptographic algorithms as part of the standard feature set. For organizations wishing to use ECC or South Korean algorithms, optional activation licenses are needed.

Operating Systems

Microsoft Windows 7 x64, 10 x64; Windows Server 2008 R2 x64, 2012 R2 x64, 2016 x64
Red Hat Enterprise Linux AS/ES 6 x64, 6 x86, 7 x64, 5 x64 (libc6.5) (partial support); SUSE Enterprise Linux 11 x64 SP2, 12 x64,
Oracle Solaris 11 (SPARC), Oracle Solaris 11 x64
IBM AIX 7.1 (POWER6, POWER8), HP-UX 11i v3
Oracle Enterprise Linux 6.8 x64 and 7.1 x64

Virtual environment support: Microsoft Windows Hyper-V Server 2012 R2, 2016, VMware ESXi 6.5, Citrix XenServer 6.5, AIX LPARs

Benefits

Powerful architecture

All nShield hardware security modules integrate with the unique Security World architecture from nCipher. With this proven technology, you can combine different nShield HSM models to build a unified ecosystem that delivers scalability, seamless failover and load balancing.

Performance and versatility

With nShield hardware security modules, you only buy what you need to meet your specific performance requirements. nShield Connect and Solo are available in three models that offer varying levels of performance, including a wide range of ECC options that deliver industry-leading transaction rates.

Protect your proprietary applications and data

nShield Connect and Solo HSMs don’t just protect your sensitive keys and data; they also provide a secure environment for running sensitive applications. The CodeSafe option lets you execute code within nShield boundaries, protecting your applications and the data they process.

Product Uses

Public Key Infrastructures

nShield HSMs generate and protect root and certificate authority (CA) keys, providing support for PKIs across a variety of use cases.

Code Signing

nShield HSMs sign your application code so you can ensure that your software remains secure, unaltered and authentic.

Digital Certificates

nShield HSMs create digital certificates for credentialing and authenticating proprietary electronic devices for IoT applications and other network deployments.

Contact ID-3 to find out how we can help your business.

Get in touch

nShield HSM

SECURITY YOU CAN TRUST

HSM Implementation

Formal Key Ceremonies

Workshops and Awareness Training

Documentation and Procedures

CLOUD-FRIENDLY WEB SERVICE INTERFACES

STRONGER KEY MANAGEMENT FOR YOUR CLOUD DATA WITH NSHIELD BYOK

STREAMLINED OPERATIONS USING REMOTE MONITORING AND MANAGEMENT

CODESAFE - SECURE EXECUTION ENVIRONMENT

Transaction Rates

OUR PARTNERS

ABOUT

SERVICES ID3

CONTACT ID3

MY AREA

nShield HSM

SECURITY YOU CAN TRUST

CLOUD-FRIENDLY WEB SERVICE INTERFACES

STRONGER KEY MANAGEMENT FOR YOUR CLOUD DATA WITH NSHIELD BYOK

STREAMLINED OPERATIONS USING REMOTE MONITORING AND MANAGEMENT

CODESAFE - SECURE EXECUTION ENVIRONMENT

OUR PARTNERS

ABOUT

SERVICES ID3

CONTACT ID3

MY AREA

Cookie and Privacy Settings