Audit Logs available through tenant user interface

Thales Data Protection on Demand (DPoD) audit logs for Luna Cloud HSM and CipherTrust Data Security Platform as a Service (CDSPaaS) service instances are now available through the tenant user interface. You can generate, review, and download audit logs for services in your tenant using your tenants Logs page. For more information about viewing and downloading audit logs through the tenant user interface see Audit Logging.


Deprecation of CPv1 Cloning

In the upcoming release of FW 3.0 for Luna Cloud HSM, CPv1 will be removed from FIPS firmware support as it is no longer compliant with 140-3. As this only affects FIPS mode, all affected users should use CPv4 or transition service to non-FIPS mode. If Luna Network HSM users want to clone to Luna Cloud HSM with a FIPS partition they will have to use Luna 7.8 or higher. See Universal Cloning for more information.

Client Upgrade Required for Luna Cloud HSM Services

In advance of upcoming enhancements to Luna Cloud HSM we wish to remind our customer base that client versions 10.2, 10.3 and 10.4 are no longer supported by the service and must be upgraded.

Although these client versions will continue to function today, future upgrades to the Cloud HSM Service will render them inoperable.

Users must upgrade to a supported client version before August 27, 2024.

Full instructions for upgrading the client can be found in the thalesdocs.com documentation; https://thalesdocs.com/dpod/services/luna_cloud_hsm/client/upgrade/index.html

For more details please visit our Customer Support Portal.

Luna Cloud HSM Releases 10.7.1 Luna Cloud HSM Client

Version 10.7.1 of the HSM client is now available for download from Thales Data Protection on Demand for Luna Cloud HSM services. This client supports hybrid usage of both Luna Cloud HSM services and the Luna HSM product line, as detailed in the Luna Cloud HSM Client User Guide. See Upgrade Client for more information about upgrading your client.

Users are encouraged to upgrade to this latest client version and ensure it is supported in accordance with the Universal Client Supported Versions with Luna Cloud HSM table.

Added 

Update of Client Private Key Encryption Algorithm

The private key encryption algorithm used in NTLS connections, is upgraded from TDES/DES3 to AES-256-CBC.

For more information about client features and enhancements and client advisory notes see 10.7.1 Client Customer Release Notes. See Known and Resolved Issues for more information about existing problems and available workarounds.

Luna Cloud HSM Releases FW 2.0.5 Upgrade

FW 2.0.5 has been released to all production environments. This release resolves the issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM.

The new firmware versions based on region and FIPS mode are as follows: 

  • NA FIPS - 2.0.5
  • NA non-FIPS - 2.0.5
  • EU FIPS - 2.0.5
  • EU non-FIPS - 2.0.5

Added 

Luna Cloud HSM Backup

The issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM has been rectified with FW 2.0.5.

The Luna Cloud HSM for DKE service is now available

The Luna Cloud HSM for DKE service is now available for trial and subscription. 

Provision the service through your Thales DPoD Tenant to access a Luna Cloud HSM partition and the Luna Key Broker for Microsoft DKE service software. Use the service software to create a Microsoft DKE endpoint by running the included container and connecting the Luna Cloud HSM service for secure storage of DKE cryptographic keys. 

See the Luna Cloud HSM for DKE documentation for more information about provisioning and configuring the service.

The Support Tool Has Been Upgraded

An issue was found with the Luna Cloud HSM Support Tool version 1.0.0 where incorrect data was reported for datacentre connectivity in some cases. 

This issue has been fixed with the Luna Cloud HSM Support Tool version 1.0.2.

Luna Cloud HSM Support Tool version 1.0.2 addresses the following bug: 

  • LCH-1498 - Support Tool reports incorrect info due to AuthN Changes.

Luna Cloud HSM Releases FW 2.0.2 Upgrade

FW 2.0.2 has been released to all production environments. This release resolves an issue that prevented cloning objects between two Luna Cloud HSM partitions when using the 10.5 client.

The new firmware versions based on region and FIPS mode are as follows: 

  • NA FIPS - 2.0.2
  • NA non-FIPS - 2.0.2
  • EU FIPS - 2.0.2
  • EU non-FIPS - 2.0.2

FW 2.0.2 includes the following bug fixes:

  • LCH-489 - CPv4 Cloning command permissions incorrect for pre-FW-2.0 partitions.
  • DPS-10104 - Luna Cloud HSM Partition Cloning Fails with the 10.5 Client

    Cloning keys between two Luna Cloud HSM partitions fails when using the 10.5 client. There are currently two possible workaround scenarios.
    -> Workaround #1 - If there is a Luna SA7 (or any other separate device to use as an intermediary for the cloning) then clone to and from that device.

    -> Workaround #2 - If there is no separate device then completely uninstall the 10.5 client and install the 10.4 client from scratch. For this option please raise a support ticket to the Thales Customer Support portal to request to join the 2 partitions together as the 10.4 client does not support dynamic partition loading.


CipherTrust Data Security Platform as a Service available through DPoD

The CipherTrust Data Security Platform as a Service (CDSPaaS) is now available for provisioning through Thales Data Protection on Demand.

For more information about CDSPaaS see CipherTrust Data Security Platform Services (CDSPaaS).

For more information about provisioning the service and getting started with CDSPaaS see Get Started with CipherTrust Data Security Platform Services.

Show Previous EntriesShow Previous Entries