Luna General Purpose HSMs

Thales is the leading provider of general purpose hardware security modules (HSMs) worldwide. Our Thales Luna HSM product family represents the highest-performing, most secure, and easiest-to-integrate HSM solution available on the market today.

Luna HSMs are purposefully designed to provide a balance of security, high performance, and usability that makes them an ideal choice for enterprise, financial, and government organizations.

Wider range of cost, performance and form-factors available:

Luna Network HSM

A network-attached hardware security module, provides high assurance protection for encryption keys used by applications in on-premise, virtual, and cloud environments.


An embedded PCI-E hardware security module, provides cryptographic acceleration and high-assurance protection for encryption keys and is widely used by governments, financial institutions, and large enterprises.


Luna USB HSM delivers industry leading key management in a portable appliance. The USB form factor makes this HSM an ideal option for offline key storage.

Also there are additional accessories for them:

Luna Backup HSM Solutions

Thales offers flexible options to help maintain business continuity, with offline backup HSM and cloud backup HSM solutions that follow security best practices by maintaining keys in hardware throughout their lifecycle, protecting those keys even when not in use and reducing the attack surface.

Crypto Command Center

With Crypto Command Center, organizations can establish centralized, HSM-as-a-Service deployments that leverage Thales's market leading Luna Network HSM.

Luna HSM Features & Benefits:

  • Defense in Depth: Keys in Hardware

Cryptography is only as strong as the security afforded to your cryptographic keys. Luna HSMs are designed with the highest key security in mind.

With our unique keys-in-hardware approach, cryptographic keys are securely isolated inside the tamper-resistant hardware of the HSM. Applications communicate with the keys stored in the Luna HSM via a client – but keys never leave the HSM.


  • Flexibility for the Next Generation of PKI

With an unparalleled combination of features—including central key and policy management, robust encryption support, flexible integration, and more – Luna Hardware Security Modules enable organizations to guard against evolving threats and capitalize on the emerging opportunities presented in technological advances.


  • Secure Remote Management and Activation

Today, organizations depend on IT infrastructure that is spread across the globe. Activating, managing and administering HSMs across many decentralized data centers could be a time consuming and costly process.

With Thales’s two-factor authenticated Remote PIN Entry Device (PED), Luna HSMs can be securely managed and administered remotely. Luna HSMs also benefit from secure transport mode, a feature which allows HSMs to be placed in a locked state to ensure key material is secure and untampered as it travels to a data center or remote office.


  • FIPS 140-2, Common Criteria and eIDAS Validation

Achieving FIPS and Common Criteria certification can be a lengthy process for each product certified. As our sole focus is security, we make third-party certifications a priority.

Our team has years of experience in designing products that adhere to FIPS 140-2 and Common Criteria. Our Luna HSMs are certified to FIPS 140-2 (Level 2 and 3) and Common Criteria EAL 4+. as follows:

Thales Luna HSM 7

Thales Luna HSM 7 (PCIe and Network) FIPS 140-2 Level 3 – password and multi-factor (PED)
Thales Luna HSM (PCIe and Network) – remote Qualified Electronic Signature resp. Seal Creation Device (QSCD) – for eIDAS compliance

Thales Luna HSM 6

Thales Luna HSM 6 (PCIe and Network) 140-2 Level 2 NIST Certificate #3208
Thales Luna HSM 6 (PCIe and Network) 140-2 Level 3 NIST Certificate #3268
Thales Luna HSM 6 (PCI-E Cryptographic Module 6.10.9 when embedded within a Thales Luna Network HSM 6) – OCSI QSigCD) and QSealCD for remote digital signature use cases.
Certificate of Attestation of Conformity
Thales Luna HSM 6 (PCI-E Cryptographic Module 6.10.9 when embedded within a Thales Luna Network HSM 5/6) – QsigCD and QSealCD for remote digital signature use cases
Certificate Direct
EU Commission Published List of QSCD approved devices