The nShield Solo is a FIPS 140-2 certified, hardened, tamper-resistant, PCI-Express HSM that provides cryptographic services for one or more server applications. The nShield Solo offers high performance cryptography, making it suitable for high demand operations. Its capability to work in tandem with other nShield products allows the nShield Solo to create a secure ecosystem for your organization.
-
Certified hardware solutions
nCipher has earned a broad set of certifications for nShield products. These certifications help our customers to demonstrate compliance while also giving them the assurance that their nShield HSMs meet stringent industry standards.
Security compliance:
Safety and environmental standards compliance:
- FIPS 140-2 Level 2 and Level 3
- Common Criteria EAL4+ (AVA_VAN.5) for nShield Solo+ models
- Recognition of nShield Solo as a Qualified Signature Creation Device (QSCD)
- UL, CE, FCC, C-TICK, Canada ICES
- RoHS2, WEEE
-
High transaction rates
nShield HSMs boast high rates of elliptic curve cryptography (ECC) and RSA transaction. ECC, one of the most efficient cryptographic algorithms, is particularly favored where low power consumption is crucial, such as applications running on small sensors or mobile devices
-
Wide support for APIs, cryptographic algorithms and OSs
Supported APIs
Supported Cryptographic Algorithms
nShield HSMs offers support for the majority of these cryptographic algorithms as part of the standard feature set. For organizations wishing to use ECC or KCDSA algorithms, optional activation licenses are needed.
Operating Systems
- PKCS#11, OpenSSL, Java (JCE), Microsoft CAPI and CNG
- Asymmetric public key algorithms: RSA, Diffie-Hellman, ECMQV, DSA, KCDSA, ECDSA, ECDH
- Symmetric algorithms: AES, AES-GCM, ARIA, Camellia, CAST, RIPEMD160 HMAC, SEED, Triple DES
- Hash/message digest: SHA-1, SHA-2 (224, 256, 384, 512 bit), HAS-160
- Full Suite B implementation with fully licensed ECC including Brainpool and custom curves
- Windows and Linux
- nShield Solo+ additionally supports Solaris, IBM AIX, HP-UX and virtual environment AIX LPARs
- nShield Solo XC also supports virtual environments Citrix XenServer 6.5, VMware ESXi 5.5, and Windows Server 2012R2 Hyper-V
- Performance Ratings and Options
To meet the performance that your application needs, nCipher e-Security provides a variety of nShield Solo models (see specifications above). You can select among the performance models shown. For the ultimate flexibility, you can purchase in-field upgrades from lower to higher performance models
- CodeSafe
CodeSafe is a powerful, secure environment that lets you execute applications within the secure boundaries of nShield HSMs. Sample applications include digital meters, authentication agents, digital signature agents and custom encryption processes. CodeSafe is available with FIPS 140-2 Level 3 certified nShield Solo and nShield Connect HSMs
- Remote Administration Kits
nShield Remote Administration lets operators manage distributed nShield HSMs—including adding applications, upgrading firmware, checking status, re-booting and more—from their office, reducing travel and costs. Remote Administration Kits contain the hardware and software needed to set up and use the tool. These kits are available for nShield Solo and nShield Connect HSMs.
-
CipherTools Developer Toolkit
The CipherTools Developer Toolkit is a set of tutorials, reference documentation, sample programs and additional libraries. With this toolkit, developers can take full advantage of the advanced integration capabilities of nShield HSMs. In addition to offering support for standard APIs, the toolkit enables you to run custom applications with nShield HSMs
-
Database Security Option Pack
Databases often contain an organization's most sensitive data. To help customers protect their data, major database vendors have implemented native encryption in their products. The nShield Database Security Option Pack adds support for Microsoft’s Extensible Key Management (EKM) API, helping organizations to better protect the keys that safeguard sensitive data in Microsoft SQL Server
-
Time Stamping Option Pack
The Time Stamping Option Pack and optional Time Stamping Developer Software used with nShield Solo 500+ HSM helps companies to securely apply a time-stamped signature to a document. These time stamping signatures deliver high-assurance integrity to digital records management and can support a wide variety of applications, including code signing, financial transactions, legal filings, lotteries and gaming, security logs, long-term archives and more
-
Elliptic Curve Cryptography (ECC) Activation
The ECC activation license enables EC-DH, EC-DSA and EC-MQV to be used on an nShield HSM
-
KCDSA Activation
With the KCDSA activation license, you can use the Korean Certificate-based Digital Signature Algorithm (KCSDA) as well as HAS-160, SEED and ARIA algorithms on an nShield HSM
-
Smart card reader rackmount
For organizations deploying one or more nShield Solo modules in a 19" rack, the optional nShield smart card reader rackmount provides a practical and clean solution for attaching card readers in the data center. The rackmount is 1U in height and can be equipped with up to four smart card readers, which come standard with nShield Solo cards. Each unit is packaged with three vanity panels to cover any unused slots
