Certification
FIPS
At any given time, a FIPS-validated version of the HSM is available, and a newer not-yet-validated version might also be available for newly introduced products that have not had time to go through the long evaluation and validation process. The usual practice is to ship units pre-loaded with the firmware and software at the FIPS-validated level by default, while providing the option to update the Client software, Appliance software, and HSM firmware to the newer version. This allows customers who need FIPS validation to have that configuration from the factory, and customers who need newer features (and do not need FIPS validation) to upgrade by simply installing the newer software and following the upgrade procedure. To check the progress of HSM versions that are submitted for FIPS 140-2 validation visit the NIST site at http://csrc.nist.gov/groups/STM/cmvp/validation.html.
Common Criteria
Some versions of the product are submitted for Common Criteria EAL evaluation.
You can check with Thales Customer Support to inquire about the certification status of Luna HSM products. If FIPS validation or CC EAL certification are not requirements for you, then the newest version is normally the preferred option.