About the SafeNet Luna G5 Backup HSM

The SafeNet Luna Backup HSM allows you to safeguard your important cryptographic objects by making secure backups, and restoring those backups to an application partition. It uses the Luna G5 architecture. This section contains the following information about the SafeNet Luna Backup HSM:

>Physical Features

>Backup HSM Functionality

>Storage and Maintenance

>Installing the Backup HSM

>Installing or Replacing the Backup HSM Battery

>Backup HSM Secure Transport and Tamper Recovery

>Initializing the Backup HSM Remote PED Vector

>Resetting the Backup HSM to Factory Conditions

Physical Features

The front panel of the SafeNet Luna Backup HSM (G5 model) is illustrated below, with important features labeled. In the second image, the front bezel has been removed, exposing the battery enclosure.

     

The rear panel of the SafeNet Luna Backup HSM (G5 model) is illustrated below, with important features labeled. The first image depicts a Backup HSM with an internal power supply. The second image depicts one that ships with an external power supply.

     

1 Status LEDs. When illuminated, they indicate:

>Active: The Backup HSM is performing a procedure. Do not disconnect or unplug the device when this light is illuminated.

>Tamper: The Backup HSM is in a tamper state. You must clear the tamper state before backing up or restoring partitions.

>Error: HSM device driver error. Contact Thales Customer Support (see Support Contacts).

2 Serial port for attaching a local SafeNet Luna PED using a 9-pin Micro-D to Micro-D cable.
3 USB port. Not applicable to backup/restore functions.
4 Battery enclosure. See Installing or Replacing the Backup HSM Battery.
5 Power connector for a SafeNet Luna Backup HSM with an internal power supply. See Storage and Maintenance for more information.
6 Index hole. Engages with the index post on a SafeNet Luna Backup HSM rack shelf.
7 Mini-USB port for connecting the SafeNet Luna Backup HSM to a SafeNet HSM or client workstation. See Installing the Backup HSM.
8 Power source connector for a SafeNet Luna Backup HSM with an external power supply (included).

Backup HSM Functionality

The SafeNet Luna Backup HSM allows you to back up application partitions from one or more Luna HSMs. Backup operations are performed on a per-partition basis.

Password or PED Authentication

The SafeNet Luna Backup HSM can be configured to back up either password- or PED-authenticated partitions. You must specify the authentication method when you initialize the Backup HSM (see ). Once initialized, the Backup HSM can only be used with partitions sharing the same authentication type. The only way to change the authentication method is to restore the Backup HSM to factory condition and re-initialize it.

Storage Capacity and Maximum Allowable Backup Partitions

The storage capacity and the maximum number of backup partitions allowed on the Backup HSM are determined by the firmware. You can check the capacity using lunash:>token backup show -serial <serialnum> or lunacm:> hsm showinfo. To update the Backup HSM firmware to a version that allows more backups, see Updating the SafeNet Luna Backup HSM Firmware.

NOTE   Objects stored on a Backup HSM may be smaller than their originals. For example, symmetric keys are 8 bytes smaller when stored on a Backup HSM. This size difference has no effect on backup and restore operations.

Storage and Maintenance

The SafeNet Luna Backup HSM can be safely stored, containing backups, when not in use. When stored properly, the hardware has a lifetime of 10+ years. Newer Backup HSMs ship with an external power supply.

CAUTION!   The internal power supply on older SafeNet Luna Backup HSMs uses capacitors that may be affected if they are left unpowered for extended periods of time. If your Backup HSM has an internal power supply, power it on occasionally to recharge the capacitors. If the capacitors lose function, the Backup HSM will no longer receive power.

With the introduction of external power supplies, this periodic power-on is no longer a requirement. If the external power supply fails from being left unpowered, it can be easily replaced.

The Backup HSM Battery

The battery powers the NVRAM and Real-Time-Clock (RTC), and must be installed for use. The battery can be removed for storage, and this is generally good practice. Thales uses high-quality, industrial-grade batteries that are unlikely to leak and damage the HSM hardware, but an externally-stored battery will last longer. The battery must be stored in a clean, dry area (less than 30% Relative Humidity). Temperature should not exceed +30 °C. When properly stored, the battery has a shelf life of 10 years.

If the battery dies or is removed, and the main power is not connected, NVRAM and the RTC lose power. Battery removal triggers a tamper event. After replacing the battery, the HSM SO must clear the tamper event before operation can resume. The working copy of the Master Tamper Key (MTK) is lost (see Backup HSM Secure Transport and Tamper Recovery). Backup objects are stored in non-volatile memory, so they are preserved and remain uncorrupted.

There is no low battery indicator, or other provision for checking the battery status. The voltage remains constant until the very end of battery life.