Guardian Series 3
Cryptographic infrastructure management
Centralize, customize, automate
The cornerstone of enterprise cryptographic management
The Guardian Series 3 is a cryptographic infrastructure management device. Using the Guardian’s web-based dashboard, users can easily group Futurex devices into multiple clusters and manage them remotely. The device also features native integration with Futurex’s VirtuCrypt cloud, allowing users to manage cloud HSMs as well as on-premises HSMs. With fully customizable settings, seamless peering, centralized audit logging, and a user-friendly GUI, the Guardian Series 3 gets rid of in-person visits to data centers while streamlining enterprise HSM management.
Centralized configuration
- Define device clusters
- Assign new HSMs to clusters to increase scalability
- Apply changes to multiple clusters at once
- Remotely manage devices both on-premises and in the cloud
Object / key referencing
- Directly integrate HSMs and key management servers
- Encryption objects included in API calls
- Reduce processing overhead and application integration effort
Cryptographic orchestration
- Create a shared cryptographic resource pool
- Consolidate cryptographic resources in one infrastructure
- Distribute HSM services across enterprise
- Deploy service-based cryptographic architecture
Custom monitoring and alerting
- Granular monitoring parameters: temperature, access attempts, command counts, and more.
- User-defined alert outputs
- SMTP, SMS, and SNMP log outputs
- SIEM integration
High availability and disaster recovery
- Automated load balancing with zero downtime
- Multi-site automated failover
- Security profiles between multiple sites
- Establish redundancy and disaster recovery
Abstraction layer
The Guardian is an abstraction layer: the intermediary between applications and devices. In this capacity it handles load balancing, object caching, key referencing, and disaster recovery.
Out of band management
Some organizations must connect their host applications to Futurex HSMs directly. They can use the Guardian Series 3 to manage the HSM separately from the host application.
Flexible service models
Whether you use the Guardian Series 3 as an abstraction layer or for out of band management, you gain access to monitoring and alerting, centralized configuration, and much more.
Why use the Guardian Series 3?
The Guardian Series 3 provides advantages that are unique to Futurex technology. Its intuitive, web-based interface allows users to operate it from any location; it contains a high-performance HSM to perform cryptographic operations; it also serves as a centralized audit log repository for connected devices. All without the need for in-person management.
Click diagram to enlarge
Virtual HSM orchestration
Cluster HSMs deployed on-premises or in the cloud into user-defined groups, with customizable management settings.
Device peering algorithm
Automatically share data between your connected devices across multiple data centers and cloud environments.
Hybrid environments
Manage and load balance on-premises HSMs and cloud HSMs or transition to fully managed cloud infrastructure.
Native VirtuCrypt integration
Seamlessly manage and integrate with VirtuCrypt cloud services to support on-premises cryptographic processing.
Audit log repository
Consolidate data logs from all connected devices in one central location with automatic distribution functionality.
High availability and disaster recovery
Easily set up active-active, high-availability clusters of Futurex devices, including off-site failover configuration.
Centralized cryptographic management for Futurex products
Single-pane-of-glass management, visibility, and orchestration of an organization’s entire ecosystem
Excrypt Series
Payment + GP HSM
Vectera Plus
General purpose + Payment HSM
KMES Series 3
Key management
SKI Series 3
Key injection
Guardian Series 3 specifications
Hardware features
- Dual control-enabled, tamper-responsive
- Smart card reader for M-of-N key fragmentation and dual-factor authentication
- Dual, redundant gigabit Ethernet ports
- Dual, redundant, hot-swappable power supplies
- Automated, internal RAID-based backup of object management applications and databases
Operating conditions
- Power: 100 – 240 VAC 50/60 Hz. 225 Watts
- Operating temp: -40° to 140°F (-40° to 60°C)
- Storage temp: -40° to 140°F (-40° to 60°C)
- Operating humidity: 20% to 80% non-condensing
- Storage humidity: 5% to 95% non-condensing
Dimensions and weight
- Weight: 40.5 lbs (18.4 kg)
- Width: 19 inches (48.3 cm)
- Height: 2U – 3.47 inches (8.81 cm)
- Depth: 22.3 inches (56.7 cm)
Powering the VirtuCrypt cloud
VirtuCrypt management services are backed by the Guardian Series 3 with hardened, FIPS 140-2 Level 3 validated technology. Whether an organization requires complete infrastructure management or simply more functionality for existing Futurex infrastructure, VirtuCrypt offers a variety of service structures designed to meet security requirements.
Industry compliance standards
- FIPS 140-2 Level 3 Compliant
- ANSI X9.24 Part 1 and Part 2—TR-39
- Payment Card Industry Data Security Standard (PCI DSS)
- RoHS
- FCC Part 15 – Class B
Centralized management capabilities
- Master Key loading
- User and permissions administration
- Log management and audit reporting
- Firmware distribution and installation
- Synchronization of keys, certificates, and configuration settings across multiple client devices
Alerting and notification formats
- Simple Mail Transfer Protocol (SMTP)
- Simple Network Management Protocol (SNMP)
- Short Message Service (SMS)
- Syslog
Frequently asked questions
[ultimate-faqs include_category= “guardian”]
