ADC

Support for Thales Luna Network hardware security module

A non-FIPS NetScaler appliance stores the server’s private key on the hard disk. On a FIPS appliance, the key is stored in a cryptographic module known as a hardware security module (HSM). Storing a key in the HSM protects it from physical and software attacks. In addition, the keys are encrypted with special FIPS approved ciphers.

Only the NetScaler MPX and NetScaler SDX 14000 FIPS appliances support a FIPS card. Support for FIPS card is not available on other NetScaler MPX/NetScaler SDX appliances, or on NetScaler VPX. This limitation is addressed by supporting a Thales Luna network HSM on all NetScaler VPX, NetScaler MPX, NetScaler SDX appliances, and NetScaler MPX/NetScaler VPX FIPS certified platforms except the NetScaler MPX and NetScaler SDX 14000 FIPS appliances.

Note

Support for the appliances listed in Support for Intel Coleto and Intel Lewisburg SSL chip-based platforms is available in release 13.1 build 33.x and later.

A Thales Luna network HSM is designed to protect critical cryptographic keys and to accelerate sensitive cryptographic operations across a wide range of security applications.

Supported versions matrix

NetScaler Version Software Appliance Version Firmware Version Client Version
11.1, 12.0, 12.1 5.2.3-1 6.2.1 6.0.0
11.1, 12.0, 12.1 6.2.2-5 6.10.9 6.2.2
13.0 7.2.0-220 7.0.3 7.2.2 (7.2.0-220)
13.1 7.2.0-220 7.0.3 10.3.0
14.1 7.2.0-220 7.0.3 10.3.0
Support for Thales Luna Network hardware security module