Back to articles
Back to Index

Posted on 12 July 2023 by in Luna HSM, ProtectServer HSM

 

Thales ProtectServer 3 HSMs – PTK 7.3.0/FW 7.03.00 now available

We are pleased to share that ProtectToolkit (PTK) 7.3.0/FW 7.03.00 is now available. With this release, ProtectServer 3 HSMs are transitioning from FIPS 140-2 to FIPS 140-3 compliance. FIPS 140-3 Level 3 validation is still pending; however, with the new firmware version 7.03.00 and onwards, ProtectServer 3 HSMs will conform with the new FIPS 140-3 Level 3 standards.

Thales highly recommends reading the release advisory notes before upgrading to firmware 7.03.00 or newer. Firmware versions older than 7.03.00 remain compliant with FIPS 140-2 Level 3 standards, with firmware version 7.01.02 being the latest FIPS 140-2 Level 3 validated.

New Features and Enhancements

PTK 7.3.0/FW 7.03.00 release introduces several new features and resolves various known issues:

  • FIPS 140-3 Level 3 Compliance: With PTK 7.3.0 release, ProtectServer 3 HSMs now conform with FIPS 140-3 Level 3 standards (validation is pending and in-progress). Few noticeable changes amongst others being – modifications to the minimum length of user PINs and modifications made to various pkcs#11 mechanisms when operating in FIPS mode.
  • HSM factory reset capability: ProtectServer 3 HSMs can now be reset to factory settings, erasing all cryptographic objects, ProtectServer identity keys and certificates, and functionality modules (FMs).
  • Periodic and on-demand Self Tests:  ProtectServer 3 HSMs now run self-tests periodically without any user intervention and self-tests can also be run on-demand using external triggers.
  • New method of admin account recovery: ProtectServer 3 Network HSM Appliance Software version 7.3.0 introduces a new method of recovering the admin account in case of a lockout.
  • Enhanced network interface bonding: Network interface bonding feature on the ProtectServer 3+ External HSM has been improved to allow two simultaneous network bonding interfaces.
  • Operating System Support: SUSE Linux Enterprise Server (SLES) 15 SP4 is now supported.

For the full details on this release including advisory notes, features, upgrade instructions, resolved and known issues, please see the customer release notes available on Thales Docs.

PTK 7.3.0/FW 7.03.00 can be downloaded from the Thales Support Portal under Knowledge Base Article # KB0027502.

About FIPS/NIST

FIPS 140-3 is an updated Federal Information Processing Standard (FIPS), which was approved by the Secretary of Commerce in March of 2019. It defines a new security standard to accredit cryptographic modules, set out by the National Institute of Standards and Technology (NIST). To learn more, visit NIST Publication for FIPS 140-3 and  FIPS-140 3 Standard (thalesgroup.com).

Quick Links: