Skip to content
CryptoHub is 2024 Data Protection Solution of the Year!
  • There are no suggestions because the search field is empty.
Check out the CryptoHub press release.

Vectera Plus HSM

General-purpose hardware security module (HSM)

vectera plus general purpose hardware security module (hsm)

Vectera Plus: High-Speed HSM for Versatile Encryption

The Vectera Plus is a hardware security module (HSM) designed for general-purpose encryption and key management. The Vectera Plus is capable of the industry’s fastest processing speeds and can integrate with a wide variety of host applications. It supports all major encryption algorithms and complies with strict international standards like FIPS 140-2 Level 3 and PCI PTS HSM. The Vectera Plus can even support payments processing, making it a highly scalable long-term solution.

Use Cases

Data Protection

  • Database encryption
  • File encryption
  • Application encryption
  • Vaultless tokenization

Key Management

  • Key lifecycle management
  • Payment key management

Third-party Application Integration

  • Oracle Key Vault
  • Check Point Security Gateway
  • VMware vSphere
  • Java Key Tool
  • R3 – Corda Enterprise
  • Microsoft Active Directory Certificate Services (AD CS)
  • Microsoft Active Directory Rights Management Services
  • Microsoft Active Directory Federation Services (AD FS)
  • Microsoft SQL Server
  • Venafi Trust Protection Platform (TPP)

Testing and Development

  • Perform testing, development, and rapid prototyping in a secure code environment (SCE).

Public Key Infrastructure

  • Digital certificate signing and verification
  • Management of root and certificate authority (CA) keys.
  • Integrity and authenticity of digital signatures.
  • Enabling secure code signing and verification processes.

Benefits of Vectera Plus Hardware Security Module (HSM)

icon_ca

HSM virtualization

Create dozens of virtual HSMs with hundreds of application partitions to expand functionality and use cryptographic resources more effectively.

icon_search

Universal support

Futurex solutions support all major encryption algorithms (symmetric and asymmetric), standard client libraries, and APIs for swift integration.

icon_encryption

Custom scripting

Load, test, and execute custom applications and code within the boundary of the Vectera Plus’s Secure Code Environment (SCE).

Why Vectera Plus HSM Fits Your Needs

The Vectera Plus is ideally suited for general-purpose cryptography, from securing applications, network, code and databases to public key infrastructures and smart devices (IoT). It supports all common APIs for easy integration with host applications. Like all Futurex solutions, the Vectera Plus’s functionality and performance can be scaled according to need. It can be deployed on-premises, in the cloud, or in a hybrid configuration.

icon_saas
Flexible functionality

The Vectera Plus is ideally suited for general-purpose encryption, but thanks to its flexible code base, can also take on payment and key management functions.

icon_code signing
Secure code environment

Application developers can run and test applications within an isolated FIPS 140-2 Level 3-compliant secure code environment (SCE) with custom scripting options.

icon_ca
HSM virtualization

You can divide the cryptographic functions of the Vectera Plus into different logical partitions, which allows it to function as completely independent HSMs serving different applications.

icon_web safety
Application partitioning

Multiple applications can simultaneously connect and use Vectera Plus resources securely through key storage table segmentation.

Features of Vectera Plus Hardware Security Module

icon_safety

General-purpose power

Whether securing databases, protecting emails, or encrypting files in compliance with HIPAA, the Vectera Plus can fill nearly any cryptographic role.

icon_web safety

Ease of use

The Vectera Plus can be controlled with an intuitive web interface or through APIs. Add the Excrypt Touch for point-and-click key loading and configuration.

icon_encryption

Swift integration

Thanks to a shared code base, the Vectera Plus easily integrates with other Futurex HSMs, key management servers, and cryptographic management tools.

icon_code signing

Algorithm support

The Vectera Plus supports all major cryptographic algorithms. Continuous support for new algorithms ensures your infrastructure remains secure.

icon_certificate folder

Secure code environment (SCE)

The Vectera’s SCE is a powerful tool for organizations to both protect and refine their host applications, custom code, and API extensions.

icon_data security

Strict compliance

Futurex solutions comply with strict regulatory requirements like PCI HSM, FIPS 140-2 Level 3, ANSI X9.24 part 1 and 2 – TR-39, and FCC part 15 – class B.

Vectera Plus HSM Integrations with Major Platforms

Apache HTTP Server and Tomcat logo

Apache: HTTP Server and Tomcat

The Vectera Plus offers easy integration with Apache HTTP Server and Apache Tomcat web server software.

axway logo

Axway

Use the Vectera Plus to validate digital certificates stored on CAC cards, PIV cards and in software, via Axway Validation Authority integration.

hashicorp vault logo

HashiCorp Vault: Seal Wrap & Entropy Augmentation and Managed Keys

The Vectera Plus integrates with two services offered by HashiCorp Vault: Seal Wrap & Entropy Augmentation and Managed Keys. Manage secure data vaults for certificates, tokens, credentials, and managed encryption keys.

bind 9 logo

BIND 9

Integrate with the flexible, open-source BIND 9 DNS software suite. Between the Vectera Plus’s support for numerous APIs and the full-featured BIND 9, integration options abound.

cyberark vault logo

CyberArk Vault

Create and configure secure credential storage vaults with the Vectera Plus. Use the CyberArk Vault integration to protect and manage privileged access across your organization’s on-premises and cloud infrastructure.

EJBCA by keyfactor logo

EJBCA

Bring high-performance general purpose encryption of the Vectera Plus to your open-source CA and PKI functionality in EJBCA. The platform-independent flexibility of EJBCA matches the many vendor-agnostic APIs supported by the Vectera Plus.

ISC certagent logo

ISC CertAgent

The Vectera Plus includes a range of vendor-neutral APIs which allow it to integrate with the customer-hosted and easy-to-use ISC CertAgent CA to issue X.509 certificates.

java jarsigner logo

Java Jarsigner

Establish digital signing operations for Java JAR files to authenticate them with the Vectera Plus’s support for Java Jarsigner.

microsoft sign tool

Microsoft SignTool

Digitally sign and verify signatures of files with Microsoft SignTool support.

microsoft windows certificate store

Microsoft Windows Certificate Store

Store certificates on local computers using the Microsoft Windows Certificate Store via the Vectera Plus. Certificate stores can accept certificates from different CAs.

open ssl engine logo

OpenSSL Engine

Easily integrate with OpenSSL to generate private keys and create CSRs with the Vectera Plus.

protegrity logo

Protegrity

Connect the Vectera Plus encryption functionality to the data protection capabilities of Protegrity.

microsoft active directory logo

Microsoft AD CS

Securely support Microsoft AD CS in creation and management of client Public Key Infrastructure (PKI) certificates by centralizing private key storage in the Vectera Plus hardware security module. For more information on Futurex’s AD CS integration methods, visit our Microsoft AD CS Technology Solutions page, or download our informational brochure.

oracle logo

Oracle Database TDE

Establish a Root-of-Trust (ROT) for Oracle databases in the Vectera Plus HSM and provide critical protection to the wallet password. The Vectera Plus provides high-assurance security for the Transparent Data Encryption (TDE) process without disrupting existing features.

microsoft sql server logo

Microsoft SQL Server

Take advantage of the vast set of features and administrative functionality the Vectera Plus HSM provides by using it to offload Transparent Data Encryption (TDE) keys for Microsoft SQL Server. Effectively manage the full key lifecycle, securely generate and issue database encryption keys, and configure specific key management functions like key rotation and aging. Read more about data encryption with SQL Server & HSMs.

versasec vsec:cms logo

Versasec vSEC:CMS

vSEC:CMS is a credential lifecycle management system. When implemented through the Vectera Plus, users can create and manage user authentication credentials throughout their organization.

java key tool logo

Java KeyTool

Seamlessly secure keys in the Vectera Plus HSM with Java KeyTool for use in a wide range of general-purpose applications.

venafi logo

Venafi Trust Protection Platform (TPP)

For effective key & certificate lifecycle management, integrate the Vectera Plus HSM with Venafi’s Trust Protection Platform. Visit the Venafi.com Marketplace to download the integration guide and get started.

red hat certificate system logo

Red Hat Certificate System

Manage user identities and secure private communications with integration for Red Hat Certificate System. Red Hat integration protects traffic from security risks by streamlining PKI.

check point security gateway logo

Check Point Security Gateway

Integrate the Vectera Plus HSM into a Check Point Security environment to add an extra layer of security to the network. Configure the Check Point Security Gateway to effectively store cryptographic key pairs and distribute Certificate Authority (CA) certificates.

Frequently Asked Questions

What are the benefits of general-purpose hardware security modules (HSMs)?

General-purpose HSMs provide a high level of security for IT infrastructure, protecting it from unauthorized access or tampering. Being general-purpose, they support a wide range of cryptographic functions like symmetric and asymmetric encryption, key management, and digital signing. This makes them versatile and able to be used in a variety of applications. The level of physical and logical security of general-purpose HSMs enables them to meet industry standards for security and compliance, such as FIPS 140-2 and PCI HSM.

What is a general-purpose HSM?

A general-purpose HSM is a physically and logically secure device from which you can carry out cryptographic tasks. General-purpose HSMs are often used to encrypt data, sign digital certificates, and manage cryptographic keys. The descriptor “general-purpose” refers to the wide array of cryptographic use cases it is designed to handle. They can be integrated into a wide variety of different environments and customized for diverse use cases.

What is the Vectera Plus?

The Vectera Plus is a general purpose hardware security module (HSM) that excels in the most demanding cryptographic environments. It features high processing speeds, support for a wide range of encryption algorithms, and FIPS 140-2 Level 3 validation. Like all Futurex products, the Vectera Plus supports an array of vendor-neutral APIs for easy integration. From securing applications to encrypting sensitive customer data, the Vectera Plus fills varied roles across different industries.

What are the Vectera Plus HSM specifications?

Hardware features

  • Dual, redundant, hot-swappable power supplies
  • Dual gigabit Ethernet ports
  • Failover link with additional Vectera Plus devices using the Guardian Series 3 for system-wide redundancy
  • Secure Cryptographic Device (SCD) with tamper responsive barrier to protect sensitive data

Operating conditions

  • Power: 100 – 240 VAC 50/60 Hz. 225 Watts
  • Operating temp: -40° to 140°F (-40° to 60°C)
  • Storage temp: -40° to 140°F (-40° to 60°C)
  • Operating humidity: 20% to 80% non-condensing
  • Storage humidity: 5% to 95% non-condensing

Dimensions and weight

  • Weight: 36 lbs (16.33 kg)
  • Width: 19 inches (48.26 cm)
  • Height: 1U – 1.72 inches (4.37 cm)
  • Depth: 19.4 inches (49.38 cm)

Compliance

Industry compliance standards

  • FIPS 140-2 Level 3
  • PCI-HSM
  • ANSI X9.24 part 1 and part 2 – TR-39
  • RoHS
  • FCC Part 15- Class B

Key types and protocols

  • 3DES, AES (128-256), DSA (512-4096)
  • RSA (512-8192)
  • ECC (NIST recommended and user-defined)
  • HMAC (MD5, SHA- 1, SHA-256-512)
  • SHA-1
  • SHA-2 (256-512)

Do general-purpose HSMs work in the cloud?

Futurex’s VirtuCrypt cloud cryptography platform offers the ability to deploy the Vectera Plus in the cloud. Cloud versions of the Vectera Plus run out of VirtuCrypt data centers located in every geographic region, providing high availability, low latency, and maximum compliance. Users can acquire licenses to enable different Vectera features through the cloud just as they would with an on-premises deployment. Overall, the cloud offers the same functionality as an on-premises general-purpose HSM, but with the immediacy and ease of the cloud.

What’s the difference between a general-purpose HSM and payment HSM?

The use cases fulfilled by HSMs tend to be oriented toward either general-purpose encryption or payment encryption. Both involve running cryptographic operations inside the HSM’s secure boundary, but there are some major differences. Payment HSMs are tailored toward the high-performance environments of the payment industry: payment processors, issuing and acquiring banks, and fintech companies. They carry out specialized use cases centered around encrypting and processing payment data. This type of data requires payment HSMs to meet specific compliance requirements, such as those of PCI. General-purpose HSMs, on the other hand, are geared more toward securing communications, managing or authenticating identities, and managing encryption keys. However, some general-purpose HSMs can manage payment keys, and can use many of the same algorithms of a payment HSM.

What interfaces do general-purpose HSMs support?

The types of client libraries and application programming interfaces (APIs) that an HSM supports depends on the manufacturer. Futurex HSMs are designed to support the widest range of APIs available, enabling easy integration between our HSMs and client applications. Futurex HSMs also feature the Excrypt API, a vendor-neutral interface that simplifies HSM-to-application communication. Futurex’s integration engineers have coded to the standards PKCS#11, Microsoft CNG, and others, creating our own versions of these libraries. That way, if a client is using PKCS#11 commands, their application can send those commands to our library, which translates them into commands for our HSMs. This simplifies things for the customer, who doesn’t have to do any additional coding to make this happen.

Does the Vectera Plus have a secure code environment?

The Vectera Plus’ secure code environment is an isolated environment in which to develop and run applications. This provides an easy way to increase the value of HSM infrastructure by developing applications in common cryptographic libraries, such as Java or PKCS #11.

Can I get an overview of the Vectera Plus general purpose HSM?

Boundless cryptographic tasks
  • General purpose data protection tasks, including encryption, decryption, validation, and certifications
  • Secure corporate domains with DNSSEC
  • Secure data for manufactured Internet of Things (IoT) devices
  • Tokenize sensitive information for data types like medical, academic, insurance, military, or corporate IP, at rest or in transit
User-friendly interface
  • Full graphical user interface (GUI) makes configuration simple and easy
  • No command line interface required for installation and initial setup
  • Scalable architecture, with the ability to increase processing throughput rates without downtime
Hardware features
  • Hardened steel 1U tamper-resistant chassis
  • Dual, redundant, hot-swappable power supplies
  • Dual gigabit ethernet ports
  • Battery backup for keys in SCD memory
  • Secure Cryptographic Device (SCD) with tamper-responsive barrier to protect sensitive data
Reporting and audit logging
  • Automatically transmit data logs to a remote server for audits
  • Digitally sign log files, ensuring that data integrity is maintained and that logs cannot be altered
  • Remotely access and audit internal logs via web-based interface
Industry-leading compliance
  • FIPS 140-2 Level 3
  • PCI HSM 2.X
  • ANSI X9.24 Part 1
  • ANSI X9.24 Part 2 – TR-39
  • FCC Part 15 – Class B
  • RoHS
On-demand scalability

Effortlessly increase your infrastructure’s throughput capacity without downtime.

Cryptographic interfaces

Broad support for common interfaces makes integration painless.

  • RESTful API
  • PKCS #11
  • JCA/JCE
  • MS CAPI/CNG
  • Open SSL
Web-based management interface
  • Upgrade firmware
  • Update network settings
  • Execute secure application code
  • Alter host software application parameters
  • Performs all configuration functions

Featured Resources

"To ensure the highest levels of security while working with multiple clients, we have a segregated cryptographic key architecture. Thanks to Futurex’s solutions, we generate, transport, and use these keys intuitively..."

 

- Franco Pinto
Staff Software Engineer

Pomelo

Enterprise Hardware Security Module (HSM) Solutions

Futurex provides HSMs and key management servers that handle encryption, bring-your-own-key (BYOK). Futurex helps enterprise organizations deploy a modern cloud data security environment that complies with the latest standards and regulations.

bc4595180ea915c553ac6ecf67ca4b0b
Bank_of_America_logo
wells fargo
RBC_Bank logo
Discover_Card_logo