Products

Luna PCIe HSM 7

Vendor:
Thales
Category:
Embedded PCIe Hardware Security Module
Deployment:
On-premises (internal PCIe card)
Product Page:
https://cpl.thalesgroup.com/encryption/hardware-security-modules/pcie-hsms

Overview

Luna PCIe HSM 7 is an internal PCIe card form factor HSM for applications requiring very low latency, on-box cryptographic processing. Installed directly into the server, it eliminates network latency between the application and HSM, making it suitable for high-throughput transaction systems, CA signing operations, payment applications, and specialised appliances where cryptographic performance is critical.

Unsung implements Luna PCIe HSMs for UK customers with performance-sensitive applications that benefit from embedded HSM processing, including high-volume certificate authority operations and purpose-built cryptographic appliances.

The Challenge

Network-attached HSMs serve most organisational requirements, but certain applications demand the lowest possible cryptographic latency. High-frequency signing operations, payment processing systems, and purpose-built security appliances need cryptographic responses within microseconds rather than the milliseconds typical of network-attached HSM communication. For these applications, the network round trip to an external HSM introduces unacceptable delay.

Embedded HSMs also address deployment scenarios where the cryptographic function is integral to a specific server or appliance rather than shared across the network. CA signing servers processing high volumes of certificate requests, or payment processing nodes handling transaction authentication, benefit from having the HSM co-located within the same server chassis.

What It Does

Luna PCIe HSM 7 provides the same FIPS 140-2/3 Level 3 validated key protection as its network-attached counterpart, but in an internal PCIe card that installs directly into the server’s expansion slot. By eliminating network communication between the application and the HSM, it delivers the lowest available latency for cryptographic operations.

The PCIe form factor supports the same range of cryptographic algorithms and the same firmware capabilities as the Luna Network HSM, including post-quantum mechanism support via functionality modules. It provides the same tamper-resistant key storage and hardware-enforced key management policies, ensuring that keys generated within the PCIe HSM never exist outside its protected boundary. Organisations can deploy Luna PCIe HSMs alongside Luna Network HSMs, using the embedded form factor for latency-sensitive applications whilst network-attached units serve general-purpose requirements.

How Unsung Helps

Unsung helps clients determine when an embedded PCIe HSM is appropriate for their performance requirements and implements Luna PCIe HSMs within server and appliance architectures. Our Hardware Security Modules service covers platform selection, installation, configuration, and integration with the target application, including CA platforms and purpose-built cryptographic systems.

Related Unsung Services

Hardware Security Modules — HSM platform selection, deployment, and application integration.

PKI Design & Build — CA and PKI implementation with embedded HSM key protection.

PKI Consultancy — Advisory on HSM form factor selection and performance architecture.

Contact us

Our team would love to hear from you.
0141 673 8416
info@unsungltd.com
Unsung Limited (Reg: 07100820),
Suite 181, 61 Praed Street, Paddington,
London, W2 1NS
Contact us
logo
Services
Insights
Contact us
Case Studies
About us
Careers
Privacy Policy