CryptoServer is the Utimaco family of general-purpose hardware security modules (HSMs), i.e. physically protected, specialized computing units, designed to perform sensitive cryptographic tasks and to securely manage cryptographic keys and data objects. General-purpose HSMs from Utimaco aggressively protect the cryptographic identity - the digital keys - of your enterprise and your digital wallet.
The CryptoServer lines are certified by NIST, to FIPS 140-2 Level 3 (the Se Gen2), or Level 4 for physical security, Level 3 overall ("Level 3+", the CSe). Additionally, the CP5 variant is certified to EAL4+ for Common Criteria, according to EN 419221-5 Protection Profiles for TSP Cryptographic Modules.
The HSMs themselves are standard format PCIe (1U, full height, half-length) cards, and can be supplied in two form factors: Either as the card itself to OEM customers, or as clusterable 1U, 19" rack-mount appliances for use in HA/FT environments by end-users.
The PCIe form-factor does not come with server software; it can only be accessed via libraries on the workstation/server where it is installed.
SecurityServer is the software, firmware and modules that drive the CryptoServer hardware security modules. Normal integration is via standards-based or proprietary APIs (PKCS11, CNG, etc, and Utimaco's CXI), supplied with the SecurityServer package. These APIs allow you to make use of the HSMs abilities from within your business logic. Additionally, Utimaco can provide different SDKs that an enterprise may use to create private software modules that run directly on the HSM. Use of the SDK allows you to protect your cryptographic keys and the IP that uses them.
These private modules can be either for performance optimization or to implement custom cryptographic algorithms or mechanisms - ie, to run your business logic directly on the HSM, to prevent exposure of intermediate artifacts, etc. Performance optimization allows multiple, chained cryptographic operations to run with a single HSM call, and custom cryptography is useful for Post-Quantum Cryptography or when non-standard curves or symmetric encryption or hashing is required. Available SDKs are for C- or Lua-based modules, or for PKCS#11 Vendor-defined-mechanisms.
In a CryptoServer-based security system, security-relevant actions can be executed, and security-relevant information (i.e., cryptographic keys) can be stored. Given its general-purpose nature and extreme programmability, the Utimaco CryptoServer CSLAN form-factor is used as a universal, independent security component in heterogeneous computer systems, supporting multiple use cases, concurrently, and from different hosts.
Utimaco HSMs are priced according to protection level and performance, not by number of users, applications or algorithms available.