The Primus E-Series HSMs are the ideal solution for small, cost sensitive system without sacrificing functionality nor usability. Often used to replace cumbersome PCI-e card HSMs it offers high performance at an outstanding price. It is available in three performance classes (E20/E60/E150) and an upgrade to the higher performance X-Series is always possible. Connecting the devices to existing systems is just as easy as commissioning. Easy to setup, configure and maintain, the E-Series can be optionally controlled with our remote access device Decanus.
The devices of the E-Series are very versatile. Built as network appliances, they lack the disadvantages of PCIe-based solutions. They are not dependent on the software version of PCIe host systems and the host system itself, which cannot be virtualized. The E-Series is ideally suited to secure financial transactions such as EBICS, access to the cloud (CASB), key management in the PKI environment, or to protect blockchain systems.
Another important application is the storage of keys for document signing.
Keys for document signing must be securely stored for legally effective verification. The electronic seal has a high evidential value in Europe through the eIDAS Ordinance and in Switzerland through the Federal Act on the Electronic Signature (ZertES). (This solution is also available As-a-Service)
The devices generate and store encryption keys and manage the distribution of these keys. Besides key management, they also perform authentication and encryption tasks. Multiple Primus HSMs can be grouped together to support redundancy and load balancing. Each Primus HSM can also be partitioned for multiple users (multi-tenancy). Primus supports symmetric (AES, 3DES), asymmetric (RSA, ECC, Diffie-Hellman), and cryptographic hash algorithms (SHA-2, SHA-3). They can be seamlessly and easily integrated into any network environment.
The E-Series is available in various performance classes: E20, E60 and E150 (E20 und E60 devices are “Field-upgradeable). It can be configured via the serial port or over the network with our Decanus remote terminal.
Primus HSM offers a wide range of APIs for their integration. The APIs are either offered natively by the HSM or via a software layer. Securosys offers API providers (client API software / libraries) that are installed on the application server and ensure secure communication with the HSM and provide automatic failover and load balancing, optionally based on priority classes.
Clients are free to choose the API that best suits their requirements:
Security Architecture
Encryption / Authentication
Key Generation
Key Management
Operation
Anti Tampering Mechanisms
Attestation and Audit Features
Cryptographic evidence of audit relevant parameters (keys, configuration, hardware, states, logs, time-stamping)
Identity Based Authentication
Software Integration
Networking
Interface bonding (LACP or active/backup)
Monitoring and log streaming (SNMPv2, syslog/TSL)
Active clustering of multiple units for load-balancing and fail-over
Device Management
Performance (transactions per second)
RSA 4096 | ECC 256 | ECC 521 | AES 256 | |
E150 | 200 | 1500 | 300 | 600 |
E60 | 60 | 700 | 120 | 600 |
E20 | 20 | 350 | 60 | 200 |
Power
Interfaces
Controls
Environmental Test Specifications
Specifications
Certification
Please find here our products overview or solutions overview page.