Keysafe 5 provides a centralized means to securely manage a distributed nShield HSM estate, including the creation and management of Security Worlds and associated resources (Softcards & Card Sets).

Keysafe 5 provides this capability in two forms: HTTP REST APIs for HSM Management and Security World management, and a graphical user interface. Only authenticated clients are permitted access to the service, providing assurance that your HSM and Security World data remain usable only by clients that are permitted access.

Typical Keysafe 5 deployment:

keysafe5 deployment

The main central management platform of Keysafe 5 is deployed as either a Kubernetes application or as a cluster of Virtual Machines (VMs). For each nShield client machine that you want to manage using this platform, you must install a Keysafe 5 agent binary alongside the existing nShield hardserver.