Hardware Security Module Provider Settings

To configure a Hardware Security Module (HSM) on the firewall, edit the Hardware Security Module Provider settings:
Hardware Security Module Provider Settings
Description
Provider Configured
Select the HSM vendor:
  • None—By default, the firewall does not connect to any HSM.
  • SafeNet Network HSM
  • Thales nShield Connect
The HSM server version must be compatible with the HSM client version TechDocs_logo_cropped.png on the firewall.
Module Name
Specify a module name for the HSM. This can be any ASCII string up to 31 characters long. Create multiple module names if you are configuring a high availability HSM configuration.
Server Address
Specify an IPv4 address for any HSM modules you are configuring.
High Availability
(SafeNet Network only)
Select this option if you are configuring the HSM modules in a high availability configuration. The module name and server address of each HSM module must be configured.
Auto Recovery Retry
(SafeNet Network only)
Specify the number of times that the firewall will try to recover its connection to an HSM before failing over to another HSM in an HSM high availability configuration (range is 0 to 500).
High Availability Group Name.
(SafeNet Network only)
Specify a group name to be used for the HSM high availability group. This name is used internally by the firewall. It can be any ASCII string up to 31 characters long.
Remote Filesystem Address
(Thales nShield Connect Only)
Configure the IPv4 address of the remote file system used in the Thales nShield Connect HSM configuration.

Related Documentation