Cavium’s LiquidSecurity® HSM Enables Hybrid Cloud Users to Synchronize Keys Between AWS
CloudHSM and Private Clouds
Scale Applications and Backup Keys Between AWS
CloudHSM and Private Cloud
Cavium™, Inc. (NASDAQ: CAVM), a leading provider of products that
enable secure and intelligent processing for enterprise, data center,
wired and wireless networking, today announced that its LiquidSecurity
140-2 Level 3 FIPS certified appliance enables seamless key backup and
application scaling with AWS CloudHSM FIPS 140-2 Level 3 service.
Customers can deploy LiquidSecurity HSMs on-premises or in a private
data center, create a backup from a managed HSM instance in the cloud,
and restore the backup to their on-premises HSM. While the cloud vendor
can take backups of customer HSMs, enterprises with escrow needs will
benefit from the ability to securely transfer and retain access to their
keys within a FIPS boundary. Customers can also utilize this feature to
scale in a hybrid cloud environment.
Cavum’s
LiquidSecurity HSM family provides high-performance FIPS 140-2 level 3
HSMs that are run-time partitioned for elastic use on the cloud. It
addresses high performance, key management and administration
requirements for symmetric and asymmetric keys. It also addresses
elastic performance per virtual/network domain for cloud environments,
allowing enterprises to migrate on-premises workloads subject to
compliance regulations or with stringent security requirements to the
cloud. Examples include SaaS applications, e-commerce payment systems
and Enterprise, Banking and Government security applications. SaaS
applications, which rely on this product family include Key Management
as-a-Service, Database as-a-Service, Crypto as-a-Service, Secure DNS,
Virtual Private Clouds, and payment systems.
Market Dynamics for Cloud Transaction Security
Cavium
has observed two major trends driving the requirements for FIPS-based
transaction security in cloud data centers. First, e-commerce,
healthcare and government applications, which traditionally used
FIPS-level security in private data centers, are migrating to a
virtualized/SDN-capable, multi-domain cloud infrastructure. They need a
secure and elastic FIPS solution as they migrate to the cloud.
Second,
enterprise applications that have utilized private keys -- but did not
require FIPS-based security because they were deployed in private data
centers -- are migrating to the cloud as well. They now require
FIPS-level security for the private keys with high key operation
performance in a cloud environment. Hardware security modules are used
as the root of trust for these sensitive workloads. To date, end users
have been challenged to find an HSM that meets both security
requirements such as FIPS 140-2 Level 3 validation, as well as usability
requirements such as elasticity and high transactions per second.
Most
enterprises can now utilize fully-managed HSMs on the cloud to meet
these objectives with lower cost and reduced latency. Some of these
end-users also require the additional comfort and reliability of
on-premises backups. In addition to disaster recovery, this also ensures
enterprises have flexibility in moving between different IaaS
providers. The LiquidSecurity solution, by cloning on-premises HSMs to
AWS CloudHSM including users and keys, allows enterprises to do just
that.
Cavium caters to the changing needs of its
enterprise customers, who require secure and authenticated deployments
on the cloud, through its high performance FIPS 140-2 validated solution
with storage for large number of keys, flexible support for large
number of domains, ease of management and migration, and high bandwidth
connectivity with SDN features.
“Cavium’s
LiquidSecurity HSM family was designed from the ground up for the cloud
and is a proven solution to address the performance, cost, multi-domain
and feature requirements of this market. We are excited to extend this
product family to provide local backup and dynamic restore capability
for customers,” said Rajneesh Gaur, Vice President and General Manager
at Cavium.
Source: Cavium media announcement