So I just finished up a day of HSM (Hardware Security Module) training using the SafeNET HSMs (Luna) delivered by Bob Woodard, and Skip Norton. All I can say is wow! These HSMs are very cool. The initial setup takes a little bit of time (well for someone who has never done it anyways), but all you really need to do is follow the setup doc step-by-step, and your good to go. Once they are setup, my initial assesment is that they are extremely easy to use.
The coolest part is that all of the keys are stored on the device, so there isn’t any bulky key exporting steps that need to happen when you join machines to your RMS cluster. It’s FIPS certified, extremely secure, and well, just a cool new toy to play with.
I didn’t previously have alot of hands-on experience with HSMs, so I’m really looking forward to digging into this thing and seeing what is fully capable of.
I’m actually going to start playing with WS08 RMS v2, and this device to see how they all work and play together.
I’ll post more about my SafeNET HSM experience soon.
This is the device we have in our lab (the skinny model).