ADC

Support for Thales Luna Network hardware security module

A non-FIPS NetScaler appliance stores the server’s private key on the hard disk. On a FIPS appliance, the key is stored in a cryptographic module known as a hardware security module (HSM). Storing a key in the HSM protects it from physical and software attacks. In addition, the keys are encrypted with special FIPS approved ciphers.

Only the NetScaler MPX/SDX 14000 FIPS appliances support a FIPS card. Support for FIPS is not available on other MPX/SDX appliances, or on the NetScaler VPX appliances. This limitation is addressed by supporting a Thales Luna network HSM on all NetScaler MPX, SDX, and VPX appliances except the MPX/SDX 14000 FIPS appliances.

Note

Support for the appliances listed in Support for Intel Coleto and Intel Lewisburg SSL chip-based platforms is available in release 13.1 build 33.x and later.

A Thales Luna network HSM is designed to protect critical cryptographic keys and to accelerate sensitive cryptographic operations across a wide range of security applications.

Supported versions matrix

NetScaler Version Software Appliance Version Firmware Version Client Version
11.1, 12.0, 12.1 5.2.3-1 6.2.1 6.0.0
11.1, 12.0, 12.1 6.2.2-5 6.10.9 6.2.2
13.0 7.2.0-220 7.0.3 7.2.2 (7.2.0-220)
13.1 7.2.0-220 7.0.3 10.3.0
Support for Thales Luna Network hardware security module