|
Home > |
HSM Administration Guide > Capabilities and Policies
|
|---|
HSM capabilities describe the SafeNet Luna Network HSM's configuration, and are displayed
HSM policies correspond to a subset of capabilities that allow you to customize the HSM functions. Policies can be modified to provide greater security based on your specific needs. For example, you can restrict the HSM to use only FIPS-approved algorithms by setting HSM policy 12.
Partitions inherit the capabilities and policy settings of the HSM. Partitions also have policies that can be set to customize the partition functions. Partition policies can never be modified to be less secure than the corresponding HSM capability/policy. For example, if the HSM's cloning policy is disallowed (see HSM policy 7), partition policies 0 and 4, which allow cloning of private or secret keys, cannot be set.
The following sections list and describe the HSM and partition capabilities and policies: