KeySafe 5 v1.0 Installation Guide

KeySafe 5 provides a centralised means to securely manage a distributed nShield HSM estate, including the management and creation of Security Worlds and associated resources (Softcards & Card Sets).

KeySafe 5 provides this capability in two forms: HTTP REST APIs for HSM Management and Security World management, and a graphical user interface. Only authenticated clients are permitted access to the service, providing assurance that your HSM and Security World data remain usable only by clients that are permitted access.

Typical KeySafe 5 deployment:

keysafe5 architecture

The main central management platform of KeySafe 5 is deployed as a Kubernetes application. For each nShield client machine that you want to manage using this platform, you must install a KeySafe 5 agent binary alongside the existing nShield hardserver.