Luna as a Service – FedRAMP® High Authorized Cloud HSM Delivered Through AuthentX Cloud
Thales Trusted Cyber Technologies’ (TCT) flagship Luna T-Series Network Hardware Security Module (HSM) is now available as a cloud HSM, Luna as a Service, delivered through XTec’s FedRAMP High authorized AuthentX Cloud. Thales TCT’s Luna T-Series Network HSM is the choice for government agencies when generating, storing, protecting, and managing cryptographic keys used to secure sensitive data and critical applications. Meeting government mandates for U.S. Supply Chain, the high assurance, tamper-resistant Luna T-Series HSM is designed, developed, manufactured, and supported in the United States by Thales TCT. The Luna T-Series HSM addresses government compliance requirements with a FIPS 140 Level 3 certification and CNSS approval for use in National Security Systems PKI.
Luna as a Service extends the capabilities of the traditional Luna T-Series HSM appliance which is widely-deployed throughout the U.S. Federal Government. Luna as a Service provides three FedRAMP High authorized service offerings, supported by Thales TCT in the United States in partnership with XTec.
Luna as a Service Options
Luna as a Service is available as either a dedicated HSM, managed HSM, or credential system service. All options offer agencies the features and security of an on-premises HSM with the convenience of a cloud HSM service.
Luna as a Service Dedicated HSM
The Luna as a Service Dedicated HSM provides agencies full cryptographic control of the entire HSM without the administrative burden and up-front costs of deploying an on-premises HSM. Offered with either five or twenty cryptographic partitions, the Luna as a Service Dedicated HSM can accommodate multiple applications and enterprise use cases.
Luna as a Service Managed HSM
The Luna as a Service Managed HSM provides agencies HSM cryptographic capabilities in a scalable, cost-effective model. With capacity for hundreds of objects, the Luna as a Service Managed HSM supports a wide range of integrations while maintaining security and compliance requirements. Administrative tasks such as provisioning, configuring, monitoring, and patching are all performed by U.S.-based Luna as a Service engineers. The Luna as a Service Managed HSM includes access to high availability operations and secure cryptographic object replication across HSMs located in three geographically separated cloud regions.
Luna as a Service Credential System
The Luna as a Service Credential System provides agencies a cloud service model of Thales TCT’s Luna Credential System (LCS). LCS offers a new approach to multi-factor authentication by maintaining user credentials in a centralized hardware device that is securely accessible through the cloud service by endpoints in a distributed network. It unites the familiarity of certificate-based authentication with the security of a FIPS 140 Level 3 certified HSM, supporting a number of use cases including Windows Logon and authentication to PK-enabled applications and websites. LCS is a multi-purpose, secure credential system ideally suited for an environment in which the endpoints or users, like RPA bots or other non-person entities, cannot use a traditional authentication token.
XTec AuthentX Cloud
Thales TCT has partnered with XTec to deliver Luna as a Service to U.S. Federal Government agencies. Luna as a Service is provided through XTec’s FedRAMP High AuthentX Cloud Software as a Service platform. Customers benefit from XTec’s full time maintenance and support for services that reduce overhead and the burden within your agency. AuthentX Cloud is housed across three geographically separated facilities within the U.S.
About XTec
XTec offers enterprise solutions for identity, credential and access management programs on a wide scale for various industries. XTec supplies similar security solutions for over 85 federal agencies, banking and financial institutions, state and local governments as well as healthcare providers and is a leader in secure, interoperable authentication and verification systems. XTec develops, produces and licenses Authentication, Validation, and Authorization solutions for enterprise-level security on information systems and electronic commerce for a wide range of government and commercial uses.
XTec’s focus is providing a secure foundation from which customers can build secure enterprise Web-based applications and cryptographic systems. XTec is a leading solutions provider for smart card-based identity and access management and is recognized as a leader in both government and commercial circles for its expertise and products for credentialing, identity, secure payment and access control.
Cloud deployment model flexibility
- Easily integrate with your cloud and IT services supporting a broad integration ecosystem
- Zero upfront capital investment and pay-as-you go pricing
- Focus on your mission, not managing hardware
- High availability included in service offering
- Supports agency Cloud Smart initiatives
Security and Compliance
- Address compliance requirements with FIPS 140 Level 3 and CNSS Approval
- Keys and certificates automatically generated and stored in hardware and accessible through the cloud
- FedRAMP High authorized
- Accelerate adoption of requirements in Executive Order 14028 and National Security Memorandum 8
Industry leading performance & security
- Industry leading cryptographic performance
- Performance optimized for government mandated algorithms and key lengths
- Crypto agile architecture supports in-field introduction of new post-quantum crypto algorithms
Security first providers based in the U.S.
- All employees are U.S. citizens
- All data centers located in U.S.
- All development in the U.S.
- All support requests answered from U.S. (no outsourcing or foreign call centers)
