Support for Thales Luna Network hardware security module
A non-FIPS Citrix ADC appliance stores the server’s private key on the hard disk. On a FIPS appliance, the key is stored in a cryptographic module known as a hardware security module (HSM). Storing a key in the HSM protects it from physical and software attacks. In addition, the keys are encrypted with special FIPS approved ciphers.
Only the Citrix ADC MPX/SDX 14000 FIPS appliances support a FIPS card. Support for FIPS is not available on other MPX/SDX appliances, or on the Citrix ADC VPX appliances. This limitation is addressed by supporting a Thales Luna network HSM on all Citrix ADC MPX, SDX, and VPX appliances except the MPX/SDX 14000 FIPS appliances.
Support for the appliances listed in Support for Intel Coleto and Intel Lewisburg SSL chip-based platforms is available in release 13.1 build 33.x and later.
A Thales Luna network HSM is designed to protect critical cryptographic keys and to accelerate sensitive cryptographic operations across a wide range of security applications.
Supported versions matrix
|Citrix ADC Version||Software Appliance Version||Firmware Version||Client Version|
|11.1, 12.0, 12.1||5.2.3-1||6.2.1||6.0.0|
|11.1, 12.0, 12.1||6.2.2-5||6.10.9||6.2.2|