Contact Us

SafeNet Network HSM

Award-Winning Hardware Security Module

SafeNet Network HSM - Luna SA Chasis Photo

SafeNet Network HSM – formerly Luna SA – is designed with the security of your cryptographic keys in mind, and is the choice for enterprises requiring strong security for cryptographic keys.

As a network-attached hardware security module (HSM), SafeNet Network HSM can be easily integrated into a wide range of applications to accelerate cryptographic operations, secure the crypto key lifecycle, and acts a root of trust for your entire encryption infrastructure.

Approach to Key Security: Keys in Hardware

 SafeNet Network HSM is the most trusted general purpose HSM on the market in part because of our unique approach to protecting cryptographic keys. Unlike other methods of key storage which move keys outside of the HSM into a “trusted layer,” the keys-in-hardware approach protects the entire key lifecycle within the FIPS 140-2 validated confines of the SafeNet Network HSM appliance. This method ensures that your keys always benefit from both physical and logical protections of the SafeNet Network HSM.

SafeNet Network HSM Diagram

Scalable Security for Virtual and Cloud Environments

SafeNet Network HSM can be separated into up to 100 cryptographically isolated partitions, with each partition acting as if it was an independent HSM. This provides a tremendous amount of scalability and flexibility, as a single HSM can act as the root of trust that protects the cryptographic key lifecycle of hundreds of dependent applications.

What’s more, SafeNet Network HSM partitions are designed to protect key material from other tenants on the appliance, meaning different lines of business, or customers in the case of service provides, can leverage the same appliance without fear of losing their keys to another tenants. 

Available in Two Performance Models

SafeNet Network HSM is available in two performance models: Safenet Network HSM 7000 and SafeNet Network HSM 1700.

SafeNet Network HSM 7000 is a high performance HSM capable of best in class performance across a breadth of algorithms including ECC, RSA, and symmetric transactions. SafeNet Network HSM 7000 also features a dual, hot-swappable power supply that ensures consistent performance and no down-time.

The 1700 variant includes a single power supply, and is capable of 1700 RSA 1024-bit transactions per second.


SafeNet Network HSM 1700 Model

SafeNet Network HSM 7000 Model

RSA-1024 1,700 7,000
RSA-2048 350 1,200
ECC P256 570 2,000
ECIES 200 300
AES-GCM 3600 3600

SafeNet Network HSM Specifications:




OS Support  
  • Windows, Linux, Solaris, AIX, HP-UX
  • Virtual: VMware, Hyper-V, Xen
  • Cloud: AWS, SoftLayer, Azure, vCloudAir
  • Full Suite B support
  • Asymmetric: RSA (1024-8192), DSA (1024-3072), Diffie-Hellman, KCDSA, Elliptic Curve Cryptography (ECDSA, ECDH, ECIES) with named, user-defined and Brainpool curves
  • Symmetric: AES, RC2, RC4, RC5, CAST, DES, Triple DES, ARIA, SEED
  • Hash/Message Digest/HMAC: SHA-1, SHA-2 (224-512), SSL3-MD5-MAC, SSL3-SHA-1-MAC, SM3
  • Random Number Generation: FIPS 140-2 approved DRBG (SP 800-90 CTR mode)
Crytographic APIs   PKCS#11, Java (JCA/JCE), Microsoft CAPI and CNG, OpenSSL
Rack Mountable   Standard 19" EIA rack mount chassis (1U height)
Dimensions   19” x 21” x 1.725” (482.6mm x 533.4mm x 43.815mm)
Weight   28lb (12.7kg)
Input Voltage   100-240V, 50-60Hz
Power Consumption   180W maximum, 155W typical
Temperature   Operating 0° to 40°C
Relative Humidity   5% to 95% (38°C) non-condensing
Hardware Redundancy   2 redundant/hot-swappable power supplies
  • FIPS 140-2 Level 2 and Level 3
  • Common Criteria EAL4+
  • FIPS 186-4
  • NIST SP800-131A
  • UK AMI Spec Compliance
  • BAC & EAC ePassport Support
  • UL, CSA, CE
  • FCC, KC Mark, VCCI, CE
  • RoHS, WEEE
Management   M of N support for division of command
Logging   Syslog
Monitoring   SNMPv3

SafeNet Network HSM Features & Benefits

Hardware Security Module Icon

Sample Applications:

  • PKI key generation & key
  • Storage (online CA keys & offline CA keys)
  • Certificate validation & signing
  • Document signing
  • Transaction processing
  • Database encryption
  • Smart card issuance
  • Hardware root of trust for the Internet of Things

Security at a Glance:

  • FIPS 140-2 (available in Level 2 and 3) validated
  • Common Criteria EAL 4+ certified cryptographic module
  • Keys in hardware
  • Remote management
  • Secure transport mode for high-assurance delivery
  • Multi-level access control
  • Multi-part splits for all access control keys
  • Intrusion-resistant, tamper-evident hardware
  • Secure Audit Logging
  • Strongest cryptographic algorithms
  • Suite B algorithm support
  • Secure decommission


  • Dual Hot Swap Power Supplies
  • Multi-level access control
  • Intrusion-resistant, tamper-evident hardware
  • Field Serviceable Components
  • Software upgradable
  • Up to 100 clients
  • Multiple Roles for Administration
  • Strong Separation of Duties
  • Partitioning and strong cryptographic separation
  • Load Balancing and Scalability
  • Host Trust Links – secure binding of client to HSM in Virtual Cloud Environment
Back to Top

Contact Us

Thank you for your interest in our products. Please fill out and submit the form to receive more information about Gemalto or to be contacted by a Gemalto specialist.

Your Information

* Email Address:  
* First Name:  
* Last Name:  
* Company Name:  
* Phone:  
* Country:  
* State (US Only):  
* Province (Canada/Australia Only):  

By submitting this form I agree to receive information from Gemalto and its affiliates as described in our Privacy statement.