Physical Features
The SafeNet Luna Network HSM is 1U high and fits into standard 19-inch equipment racks.
Front Panel
The front panel is illustrated below, with the secure locking bezel removed:
Item | Name | Description |
---|---|---|
A | Front ear brackets | Connect to the front of the appliance chassis with the provided screws, allowing it to be mounted in a standard 19-inch equipment rack. The extending tabs act as posts for the locking bezel. |
B | Mounts for locking bezel | The secure locking bezel connects to the appliance faceplate here. |
C | Front-panel display | Displays basic configuration and status information for the appliance. See also Front-panel LCD Display |
D | USB 3.0 ports | The appliance has a total of four (4) USB 3.0 ports (two on the front panel and two on the back), for connecting to such devices as card readers and backup HSMs. |
E | Start/stop switch | Powers the appliance on or off. See also Power-on, Power-off, or Reboot the Appliance. |
F | Fan status LEDs | The appliance has three (3) cooling fans. If these lights are illuminated, the fans are working correctly. |
G | Ventilation fan filter cover | Removable cover allows cleaning of air filter. See also Power Supply and Fan Maintenance. |
H | Fan bay securing screw |
Torx screw secures the fan bay. CAUTION! Opening to swap fan modules triggers a tamper event on the appliance. See also Power Supply and Fan Maintenance. |
Rear Panel
The rear panel is illustrated below:
Item | Name | Description |
---|---|---|
A | Sliding rail brackets | Connect to the sliding rails mounted on the sides of the appliance chassis, allowing it to be mounted in a standard 19-inch appliance rack. |
B | Kensington lock connector | Allows the appliance to be secured to a desk or equipment rack using a Kensington lock. |
C | HSM card USB port | When authenticating with a PED, the PED must be connected directly to the HSM card. The other USB ports on the appliance will not work for PED connection. |
D | LAN ports |
The appliance has a total of four (4) 1Gbit LAN ports that can be bonded in active-backup mode. They are labeled on the illustration above as follows: >Bond0: eth0 and eth1 >Bond1: eth2 and eth3 |
E | USB 3.0 ports | The appliance has a total of four (4) USB 3.0 ports (two on the front panel and two on the back), for connecting to such devices as card readers and backup HSMs. |
F | RJ45 serial port | Connect a terminal to this port using the included RJ45 to USB cable (see SafeNet Luna Network HSM Required Items). See also Installing the SafeNet Luna Network HSM Hardware. |
G | Decommission button | This button should only be pressed as part of decommissioning and zeroizing the appliance. See also Decommissioning the HSM Appliance. |
H | Power supplies | Connect the appliance to power. For proper redundancy and best reliability, the power cables should connect to two completely independent power sources. See also Power Supply and Fan Maintenance. |
SafeNet Luna Network HSM Network Interface Configuration Variants
The configuration of the network interfaces on the SafeNet Luna Network HSM depends on the model, as follows:
>The 1G model provides four 1G RJ45 copper Ethernet network interfaces.
>The 10G model provides two 10G SFP optical Ethernet network interfaces, and two 1G RJ45 copper Ethernet network interfaces.
The mapping of the network interfaces to their software equivalents (eth0, eth1, eth2, and eth3) is different on each model, as detailed in the following sections. The network interface mappings are not configurable.
1G Model Network Interface Mapping
The 1G model provides four 1G RJ45 copper Ethernet network interfaces. You can optionally bond eth0 and eth1 to bond0, or eth2 and eth3 to bond1, to provide a redundant active/standby virtual interface.
10G Model Network Interface Mapping
The 10G-equpped SafeNet Luna Network HSM provides two 10G SFP optical Ethernet network interfaces (mapped to eth0/eth1), and two 1G copper RJ45 network interfaces (mapped to eth2/eth3). You can optionally bond eth0 and eth1 to bond0, or eth2 and eth3 to bond1, to provide a redundant active/standby virtual interface.