|
Home > |
|---|
The SafeNet HSM Product team is proud to provide customers with advanced access to new features via our Technology Preview program. Features that are in the Technology Preview program are features that have completed development and are waiting for customer feedback from a functionality and usability perspective. Features classified in the Technology preview program should be implemented and used with caution to ensure that the functionality implemented meets customer’s operational requirements.
Gemalto has developed a simplified, streamlined method to configure SafeNet Network HSM appliances for network trust link (NTL), using one command. See "PREVIEW: [Optional] One-step NTLS Setup" on page 1. [applicable to Network HSM, only]
Appliance-side logging of HSM activity moves HSM logging directly into the appliance file system. The purpose is to record HSM operations while freeing the HSM to perform cryptographic operations. "Appliance-side HSM Audit Logging" on page 1 and "Appliance-side Audit Logging Compared with Secure Audit Logging " on page 1 [applicable to Network HSM, only]
Named roles can be customized, allowing compartmentalization of HSM management. A custom administrative user role is defined by a simple list of the commands that it can run. The role is then applied to named users to give them only the required access. Roles can be removed from a user or added to a user, see Defined Ability Sets and Named Roles for Named Users and user role import [applicable to Network HSM, only]
To aid in provisioning and redeployment, customers managing multiple HSMs can now directly query the API to discover the version of any HSM appliance. This removes the need to open an SSH session and run shell commands, allowing more convenient management and smoother automation. [applicable to Network HSM, only]
HSM appliance port bonding is now supported for all Linux-standard port-bonding modes, where previously only mode 0 was supported. "SafeNet Network HSM Appliance Port Bonding" on page 1 [applicable to Network HSM, only]
Large enterprises providing crypto as a service now have ability to update the appliance without needing SO authentication. [applicable to Network HSM, only]
Audit logs can now be rotated, allowing uninterrupted HSM operation if the log space is permitted to approach full. audit log logappliance rotation [applicable to Network HSM, only]