nShield HSM Remote Administration
Why Remote Administration
nShield HSMs often run in physically secure, lights-out data centers in locations distant from the people who manage them. Many organizations find it impractical to gain access to their remote HSMs for routine management tasks. Remote Administration lets you manage your HSMs—including adding applications, upgrading firmware, checking status, and more—from your location, and whenever you choose. This means far less travel to data centers, helping you cut costs and optimize your resources.
- Eliminates travel to data centers, cutting costs and saving time
- Reduces downtime
- Eliminates the risk of carrying cards to remote locations
- Provides 24 x 7 access to nShield HSMs
Remote Administration is versatile and works with nShield Connect and Solo HSMs. Remote Administration Client software, running in your local office, supports both Windows and Linux.
Remote Administration was designed with security paramount among its attributes, and incorporates the following functions to safeguard your transactions:
- Authentication between Remote Administration Cards (smart cards) & HSM
•Remote Administration Cards (in the local office) and the target HSM mutually authenticate by recognizing each other’s factory-issued warrants (like digital certificates)
- HSM verification
•Card-holder confirms the electronic serial number of the HSM
- User authentication
•Quorum of card-holders must present passphrases in the presence of a Security Officer, the same as if physically present with the HSM
- VPN channel
•Communication between the local workstation and remote HSM secured via VPN and runs over a remote desktop (RDP) or secure shell session
- FIPS 140-2 certification
•Remote Administration Cards are designed for FIPS 140-2 Level 3 certification
- Firewall protection
•Trusted Verification Devices (secure card readers) equipped with a firewall to help deter malware from the laptop
Remote Administration allows the vast majority of functions that are otherwise performed in the physical presence of your HSM to be carried out remotely, letting you do the following from the location of your choice:
- Configure new HSMs once installed in data center—less time in the data center, and security officers needn’t be present—lower overhead
- Add new HSM applications
- Upgrade firmware and software for maintenance and other updates
- Monitor HSM status and re-boot
- Perform both Operator and Administrator management tasks
- Easily navigate functions using a simple GUI on the Remote Administration Client (RAC) software
Remote Administration Cards
Trusted Verification Devices (TVD)
nShield HSMs: Remote Administration works with Solo and Connect nShield HSMs. Remote Administration does not support legacy nShield Solo PCIs.
Remote Administration Client OS compatibility: The Remote Administration Client software, the user interface running locally, is compatible with Windows or Linux operating systems.
nShield software compatibility: Remote Administration must be used with v12.00 software and accompanying firmware*. V12.00 can be upgraded from the software versions listed below. (Earlier versions of software will need to be upgraded to these versions before upgrading to v12.00.)
Note: nShield Edge is designed as a local HSM and is not compatible with Remote Administration.
下載 -- nShield Remote Administration
玉山科技 版權所有 © Copyright AsiaPeak 2006, All Rights Reserved