CryptoServer is the Utimaco family of general-purpose hardware security modules (HSMs), i.e. physically protected, specialized computing units, designed to perform sensitive cryptographic tasks and to securely manage cryptographic keys and data objects. General-purpose HSMs from Utimaco aggressively protect the cryptographic identity - the digital keys - of your enterprise.
The CryptoServer lines are certified by NIST, to FIPS 140-2 Level 3 (the Se Gen2), or Level 4 for physical security, Level 3 overall ("Level 3+", the CSe). Additionally, the CP5 variant is certified to EAL4+ for Common Criteria, according to EN 419221-5 Protection Profiles for TSP Cryptographic Modules.
The HSMs themselves are standard format PCIe (1U, full height, half-length) cards, and can be supplied in two form factors: Either as the card itself, or as clusterable 1U, 19" rack-mount appliances for use in HA/FT environments. The PCIe form-factor does not come with server software , it is considered for use as an offline Root CA; it is not network addressable and can only be used on the workstation in which it is installed.
The CryptoServer line is also programmable; Utimaco can provide different SDKs that an enterprise will use to create private software modules that run directly on the HSM. Use of the SDK allows you to protect your cryptographic keys and the IP that uses them. These private methods can be either for performance optimization or to implement custom cryptographic algorithms or mechanisms. Performance optimization allows multiple, chained cryptographic operations to run with a single HSM call, and custom cryptography is useful for Post-Quantum Cryptography or when non-standard curves or symmetric encryption or hashing is required. Available SDKs are for C- or Lua-based modules, or for PKCS#11 Vendor-defined-mechanisms.
In a CryptoServer-based security system, security-relevant actions can be executed, and security-relevant information (i.e., cryptographic keys) can be stored. Given its general-purpose nature and extreme programmability, the Utimaco CryptoServer CSLAN form-factor is used as a universal, independent security component in heterogeneous computer systems, supporting multiple use cases, concurrently, and from different hosts.
Utimaco HSMs are priced according to protection level and performance, not by number of users, applications or algorithms available.