Product Update: SafeNet Crypto Command Center 3.0 Now GA
Crypto Resource Monitoring Release
SafeNet Crypto Command Center v 3.0 continues to focus on HSM ease-of-use with this latest release. Monitor crypto resources, generate dynamic reports, and always be up to date on the status of your HSM appliances. This convenient, centralized view across the device pools provides you with visibility into the status and health of your resources, and enables you to be proactive in dealing with challenges before they affect service level agreements. Specifically, as an administrator, you can now benefit from the following HSM-monitoring highlights:
1. Device / Service Status– quickly determine the health status of devices and services. At a glance, you are able to identify
• Devices/services that require attention, noted by a caution icon
• Critical device problems that prevent a device from servicing cryptographic requests, display an error icon
• Critical service problems - if any part of the device service is down, an error icon is displayed
• Devices / services functioning as expected display a check icon
2. HSM Performance – be proactive in making capacity planning decisions, or identify device issues before they become critical, with the following HSM performance data:
• Performance: intelligently determine what device pools can manage applications, depending on their high or low performance
• Utilization Percentage: identify when it’s time to increase HSM capacity; plan for future short- and long-term growth; and budget accordingly, with the overall rate of exploitation
• Operations per Second: keep track of the rate at which applications are consuming specific HSM resources at any given time
3. Hardware Information - track the status of various hardware device components:
• CPU Temperature displayed on a scale of 0 to 120 degrees Celsius
• Power Supply Temperatures displayed on a scale of 0 to 120 degrees Celsius
• CPU Voltage displayed on a scale of 0 to 4 Volts
• Power Supply Voltages displayed on a scale of 0 to 15 Volts
• Battery Voltage displayed on a scale of 0 to 4 Volts
• Fan Speeds displayed on a scale of 0 to 10,000 revolutions per minute
Free of Charge for Existing Customers
As an existing Premium customer, you able to take advantage of this new feature at no extra cost. Please contact your Gemalto representative for additional information.
SafeNet Crypto Command Center can manage PED- and password-authenticated SafeNet Luna Network HSM devices, versions 5.2, 5.3, 5.4, 6.1, 6.2, or 6.2.1 (6.x requires REST API). SafeNet Luna Network HSM version 7 support coming soon.
For additional information on this HSM-monitoring release, contact your Gemalto representative or download the product brief.
... read more »
Product Update: SafeNet Crypto Command Center 2.2.1 Now Available
SafeNet Crypto Command Center 2.2.1: Featuring Secure Trusted Channel (STC), as well as Oracle and Red Hat support
STC: Benefit from improved secure communication through STC links between managed SafeNet Luna Network HSM partitions (software version 6.2.1 or higher and firmware version 6.24.2 or higher) and crypto application servers. With STC, client access is limited to systems possessing a registered software or hardware token. STC secures messages using endpoint and message authentication, verification, and encryption. The HSM/client communication integrity is ensured with STC, even when those messages are sent over public, or otherwise unsecured networks.
Oracle: Version 2.2.1 now supports Oracle database for use by SafeNet Crypto Command Center, in addition to PostgreSQL.
Red Hat: SafeNet Crypto Command Center 2.2.1 now supports Red Hat Enterprise Linux (REHL) and its open source derivative CentOS.
For additional information contact your Gemalto Business Development representative.
... read more »
SafeNet Crypto Command Center version 2.1 now available
SafeNet Crypto Command Center version 2.1: Featuring crypto resource reporting, per partition security officer, and REST API for HSM management
We are excited to announce that SafeNet Crypto Command Center version 2.1 has now been released. Continuing our efforts to improve user experience and functionality, this latest version offers improved security, dynamic crypto resource reporting, quick set up, customer owned keys and partitions, and now integration with SafeNet Network HSM versions 6.1 and 6.2.
Crypto Resource Reporting
Dynamic reporting provides SafeNet Crypto Command Center administrators with crypto resource information that can be viewed, printed, or extracted to CSV for further analysis.
- Better high availability (HA) management: SafeNet Crypto Command Center provides dynamic HA member information, solving a lack of visibility as to where HA members are located. Additionally, when importing services, automatically detect which partitions should be grouped into a HA cluster.
- Improved client visibility: it is often difficult to determine which clients are associated with what services. SafeNet Crypto Command Center provides this information, reflecting changes as they are made in the system.
- Enhanced resource management: in the past, users had to search each individual device to obtain resource information, then record that data offline to make capacity-related decisions. SafeNet Crypto Command Center provides a central view of all resources, making it easy to decide where to deploy new services and plan for future growth.
- On-demand crypto resource reporting: Crypto as a Service administrators make frequent changes to crypto resources. As the number of resources grows, so does the complexity of keeping track of the device versions, software versions, device serial numbers, and partition-related information. Inaccurate or out-of-date information can reduce efficiencies and the administrator's effectiveness in managing crypto resources. With SafeNet Crypto Command Center users can obtain this information on demand.
Per Partition Security Officer (PPSO)
Assign a unique Security Officer for each HSM partition, streamline PED operations, and defer HSM initialization and activation.
- PPSO provides secure multitenancy by allowing multiple security officers to have comprehensive partition control on a single device, even in public cloud environments. Multitenancy leads to device sharing, economies of scale, and lower total cost of ownership.
- Service Providers can offer partitions as rentable services and guarantee customer-owned keys and partitions.
- Simplify complex activation and initialization processes with SafeNet Crypto Command Center wizards; and quickly set up a PPSO-type partition.
Support for SA REST API
SafeNet Crypto Command Center now uses the appliance’s REST API to communicate with the SafeNet Network HSM.
- REST API on the SafeNet Network HSM is versioned, providing a stronger upgrade path.
- API speeds up the interaction between SafeNet Crypto Command Center and the appliance.
- Improves security.
A reminder that you can try out SafeNet Command Center Freemium License – a free trial version designed for non-production environments.
For additional information please read through the SafeNet Crypto Command Center product brief or contact your Gemalto Sales Representative.
... read more »
SafeNet is now Gemalto. New Name, Same Commitment.
On January 8, 2015, SafeNet became part of Gemalto with the aim to become the world's leading vendor of solutions for protecting data, transactions, and identities as well as monetizing software. SafeNet is firmly integrated into the wider product Gemalto portfolio and its solutions for Enterprise Security and Software Monetization are now at the heart of our vision to bring trust to an increasingly connected world.
The Gemalto brand has evolved to include the SafeNet portfolio and has resulted in some important changes to the former SafeNet corporate branding. In brief, this means that the SafeNet name will now refer to a product offer while Gemalto will be used as the company brand. The most visible impact for you will be a phase out of the SafeNet company logo although the SafeNet and Sentinel names will still be used for our products.
FYI, all existing product names remain the same. Moving forward, with new product releases, we will be changing the names of some SafeNet/Gemalto product family names as outlined in the following link. These will be communicated as part of future product releases. Please note that the Ezio product family names are not planned to change in the near future.
... read more »
PRODUCT LAUNCH: SafeNet Crypto Command Center 2.0.1
SafeNet Crypto Command Center 2.0.1, Featuring Discovery and Service Management
SafeNet Crypto Command Center 2.0.1 is now available. This release continues to focus on cloud enablement and simplifying resource management for SafeNet Network HSMs. New features include:
• Discovery - of existing device crypto resources and partitions so that they can be managed by SafeNet Crypto Command Center.
• Service Management – customers now have the ability to assign a service to a different organization or owner, on the fly, eliminating the hassle of a change in ownership due to staff or departmental adjustments.
• Detaching Crypto Resources – in case of user error, this feature offers customers the ability to remove services from SafeNet Crypto Command Center while leaving HSM partitions intact. Customers then have the option to either reimport the crypto resources into SafeNet Crypto Command Center, or manage their HSMs using traditional methods.
To ease testing efforts, Gemalto offers a Freemium License so that you can sample first-hand what SafeNet Crypto Command Center has to offer.
Should you be interested in deploying or migrating to the fully loaded Premium version, visit our website or contact your Gemalto representative. Features and benefits can also be found in the SafeNet Crypto Command Center Product Brief.
... read more »
SafeNet Crypto Command Center 2.0 Product Launch
SafeNet Crypto Command Center 2.0 Product Launch
Featuring New User Experience and CloudHSM
We are excited to announce the launch of SafeNet Crypto Command Center 2.0, providing centralized crypto resource management of your SafeNet Hardware Security Modules (HSM) and securely reducing IT infrastructure costs on-premises, cloud, hybrid or virtual environments.
In addition to a new and improved user experience, SafeNet Crypto Command Center 2.0 can now manage your crypto resources in private and public (AWS) clouds. Enterprise and service provider IT security departments can quickly and securely expand crypto management capabilities and streamline their infrastructure. This is the market's first solution to fully exploit the benefits of virtualization including reduced costs and innovation, by provisioning SafeNet HSMs without compromising security or compliance. Network attached HSMs can be partitioned in a manner that makes a single appliance behave as if it is many appliances with cryptographic keys kept secure from other partitions. The result is that a single appliance can serve many lines of businesses and applications at once, while the keys and ultimately data always remain in the control of their rightful owner, even in multi-tenant environments.
Together SafeNet Crypto Command Center and SafeNet HSMs combine to form one complete, centralized solution for the management of your crypto HSM resources – a crypto hypervisor. Deliver on-demand, elastic key vaulting and encryption services for data protection in minutes instead of days.
In order for you to experience the benefits first hand and to facilitate testing, we have introduced a Freemium trial edition in addition to the full-production Premium version. See how you too can benefit from SafeNet Crypto Command Center by testing out the Freemium license in a non-production environment.
SafeNet Crypto Command Center 2.0 Benefits:
- More Use Cases
- Encryption as a Service / Hosted Service Provider Support: Securely manage crypto resources for a variety of organizations, departments and customers using the same SafeNet Crypto Command Center infrastructure. Multi-tenancy concerns around role separation and crypto isolation are addressed providing efficiency, stability and reduced downtime.
- Scalability and Lower Total Cost of Ownership– Dynamically spin up and down crypto resources, scaling your solution to meet current and future business requirements as demands increase and decrease. Highly scalable to manage 1 to 1000s of Luna HSMs.
- Route to cloud – For the first time, high assurance encryption services fit the cloud operations model, providing full control of crypto resources for data center consolidation and cloud migration. Support is offered for virtual appliances through a cloud HSM on AWS.
- Single, centralized platform - Improve operational efficiencies and ensure business continuity through the management and monitoring of one to thousands of SafeNet HSMs from one centralized location, in minutes not hours. Easily configured for High Availability (HA).
- Enhanced Security - Crypto templates contribute to the standardization of compliance driven policies, ease of use and automation, significantly reducing the risk of errors and gaps in your security. Additionally, increase the robustness of your solution through granular separation of duties so only application owners can see the crypto resources associated with their own environment.
Available SafeNet Crypto Command Center Products:
Gemalto offers 2 licensing options:
- SafeNet Crypto Command Center Premium License: The Premium edition is a fully-loaded version that provides the following capabilities:
- Provision an unlimited number of crypto services (partitions)
- Manage an unlimited number of devices
- Run SafeNet Crypto Command Center is a virtual environment
- Manage HSMs in the cloud (integrated with AWS CloudHSM)
- Internal or external database configuration
- Suitable for both test and production environments
- Customer support and service plan included
- High Availability (HA) configurations
The Premium license offers flexibility with the following procurement options:
- CapEx: perpetual license
- OpEx: annual subscription license
2. SafeNet Crypto Command Center Freemium License: To ease testing efforts, Gemalto offers a free trial version so that you can sample first-hand what SafeNet Crypto Command Center 2.0 has to offer. Note that Freemium crypto services can only be created in a non-production environment and cannot be migrated to the Premium version.
Ordering & Migration Instructions
SafeNet Crypto Command Center versions 1.0 and 1.1 will no longer be supported. Existing SafeNet Luna SA 5.x customers can migrate from SafeNet Crypto Command Center v1.x as follows:
Legacy Part #
Part # Description
New Part #
SafeNet Crypto Command Center SW 1.0
SafeNet Crypto Command Center SW 2.0
Premium SafeNet Crypto Command Center v2.0
Freemium SafeNet Crypto Command Center v2.0
License, SafeNet Crypto Command Center Provisioned Service
License, Perpetual, SafeNet Crypto Command Center Provisioned Service
Perpetual provisioned license for SafeNet Crypto Command Center v2.0
Subscription Service, SafeNet Crypto Command Center, Plus Support
Plus support for SafeNet Crypto Command Center v2.0
Subscription Service, SafeNet Crypto Command Center, Extended Support
Extended Support for SafeNet Crypto Command Center v2.0
Migration Tools & Documentation
To ease your migration efforts, the following documents are available in the Service Portal guiding customers in the migration from SafeNet Crypto Command Center 1.x to 2.0:
#007-013034-001: Technical Note, Upgrade CRYPTO CMD CTR to V2.0
#007-013030-001: Technical Note, Installing and Configuring the Freemium VM Image,
CRYPTO CMD CTR, v2
Furthermore a root of trust migration tool is also available, automating specific aspects of the migration process:
#610-012924-001: CCC 1.x to 2.0 Root of Trust Migration Tool
SafeNet Crypto Command Center supports the following versions of SafeNet Luna SA HSM: v 5.2, 5.3 and 5.4. Additional versions will be supported with the next release scheduled for Q4/2015.
Please contact your SafeNet Sales representative or the Gemalto Support Team for additional product and migration information.
... read more »
SSL v3.0 Vulnerability (CVE-2014-3566)
Many products implementing TLS-based services allow for fallback to SSL v3.0 for compatibility reasons. CVE-2014-3566, published 14 October 2014, identified a vulnerability that could expose systems to man-in-the-middle attacks when such fallback is permitted. Details can be found at: CVE-2014-3566.
Exploitation of this vulnerability would require a sophisticated attacker to have access to the network and defeat other protection offered by SafeNet products and our customers. SafeNet has conducted an assessment of products and concluded that the risk of compromise from this vulnerability is extremely unlikely. Please see SafeNet Customer Portal for additional information.
... read more »
Welcome to Our Technical Updates Blog
Welcome to our new blog, Data Protection Technical Updates. Check this site often for information on new product releases, enhancements, patches, and more. Subscribe to our RSS feed or email service to make sure you don't miss any of the data protection updates for your product(s) of interest.
... read more »
Select a product category:
Subscribe by email
SafeNet Authentication Service PCE/SPE 3.7 Revised Release – Release Announcement
Alexis Horn | November 16, 2017, 10:22 am
IDGo 800 Minidriver v1.2.10 - Release Announcement
Lorna Ayoun-Berdugo | November 13, 2017, 11:25 am
SafeNet Authentication Service Agent for Remote Desktop Web Access (RDWeb) 1.1.0 & SafeNet Authentication Service TLS 1.2 support for Microsoft Java API Agent v1.2.0 – Release Announcement
Lorna Ayoun-Berdugo | November 13, 2017, 01:24 am
New Product Release: SafeNet ProtectV 4.3
ahanway | November 9, 2017, 12:03 pm
SafeNet Trusted Access – Continuous Delivery – Release Announcement
Alexis Horn | November 6, 2017, 12:43 am