You are here: Administration & Maintenance Manual > Appliance Administration > Administer the Appliance (outside the HSM)

Administer the Appliance (outside the HSM)

The maintenance and administrative tasks in this portion of the guide are primarily for the appliance outside of the HSM.
The HSM has its own dedicated section.
Some activities might encompass both portions of the Luna HSM server.

 

As an HSM Server, the HSM appliance provides increased operational flexibility over traditional HSMs. The HSM appliance includes an integrated FIPS 140-2 level 3 HSM, the SafeNet K6 Cryptographic Engine, which offers the same high level of security as traditional HSMs.

The HSM appliance that you have purchased has been factory configured to operate as either a:

The HSM appliance adds a secure service layer ( NTLS ) that allows the K6 SafeNet Cryptographic Engine (the HSM inside the appliance) to be shared as a service to network applications. Like traditional servers that provide e-mail, web pages, and file download (FTP) services to authenticated clients, the HSM appliance offers HSM services to clients on the network.

As an Ethernet-attached device, the HSM appliance can be shared among many applications on a network. Rather than requiring many HSMs to fulfill the security demands of many applications, one HSM appliance can be shared among many applications simultaneously.

 

For just a few Clients registered and connecting to the Luna SA, we recommend configuring Client connections by hostname (network info, certificates, etc.). However, if you intend to have dozens or hundreds of Clients registered against the appliance, then we recommend instead that you configure using IP addresses - otherwise, the DNS lookup overhead might result in timeout before all Clients can be connected. IP-based registration doesn't have that overhead.