Thales Data Protection on Demand (DPoD) audit logs for Luna Cloud HSM and CipherTrust Data Security Platform as a Service (CDSPaaS) service instances are now available through the tenant user interface. You can generate, review, and download audit logs for services in your tenant using your tenants Logs page. For more information about viewing and downloading audit logs through the tenant user interface see Audit Logging.

FW 2.0.5 has been released to all production environments. This release resolves the issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM.

The new firmware versions based on region and FIPS mode are as follows: 

• NA FIPS - 2.0.5
• NA non-FIPS - 2.0.5
• EU FIPS - 2.0.5
• EU non-FIPS - 2.0.5

Added 

Luna Cloud HSM Backup

The issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM has been rectified with FW 2.0.5.

The certificate CA provider for the platform authentication service is being changed to Sectigo, a global leader in digital identity security solutions. The scheduled time for this change is detailed on the DPoD Status Dashboard. 

Please be aware that you may need to update your system's certificates and ensure that CA CRL and OCSP endpoints are reachable in accordance with this change. 

If you require assistance or have any inquiries please contact our Support Team using the Thales Customer Support Portal.

The Service Provider Tenant Usage Report and the associated tenants/usageReport, tenants/usageDetails, and service_instances/usageDetails endpoints have been removed from the platform.

As an alternative use the Service Report in the DPoD service provider tenant or the /v1/service_instances/usageBillingReport endpoint, and the  /v1/backoffice/serviceAgreements{tenantId} endpoint to compile tenant usage information.

Thales Data Protection on Demand has updated the procedure for purchasing service subscriptions. Services can now be purchased through the subscriptions tab in the DPoD user interface instead of the services tab. This includes subscribing to new services, renewing expiring subscriptions, or adding quantities to an existing subscription. 

For more information see Purchasing a Service Subscription.

Thales Data Protection on Demand launched the DPoD Public Marketplace. The public marketplace is available at https://market.dpondemand.io.

The following public marketplace endpoints are now available:

• GET /service_types
• GET /service_types/ {id}
• GET /service_categories
• GET /service_categories/{id}

For more information about the DPoD API see Using the API and the DPoD Platform API.

An issue was found with the Luna Cloud HSM Support Tool version 1.0.0 where incorrect data was reported for datacentre connectivity in some cases. 

This issue has been fixed with the Luna Cloud HSM Support Tool version 1.0.2.

Luna Cloud HSM Support Tool version 1.0.2 addresses the following bug: 

• LCH-1498 - Support Tool reports incorrect info due to AuthN Changes.

FW 2.0.2 has been released to all production environments. This release resolves an issue that prevented cloning objects between two Luna Cloud HSM partitions when using the 10.5 client.

The new firmware versions based on region and FIPS mode are as follows: 

• NA FIPS - 2.0.2
• NA non-FIPS - 2.0.2
• EU FIPS - 2.0.2
• EU non-FIPS - 2.0.2

FW 2.0.2 includes the following bug fixes:

• LCH-489 - CPv4 Cloning command permissions incorrect for pre-FW-2.0 partitions.
• DPS-10104 - Luna Cloud HSM Partition Cloning Fails with the 10.5 Client

  Cloning keys between two Luna Cloud HSM partitions fails when using the 10.5 client. There are currently two possible workaround scenarios.
  -> Workaround #1 - If there is a Luna SA7 (or any other separate device to use as an intermediary for the cloning) then clone to and from that device.

  -> Workaround #2 - If there is no separate device then completely uninstall the 10.5 client and install the 10.4 client from scratch. For this option please raise a support ticket to the Thales Customer Support portal to request to join the 2 partitions together as the 10.4 client does not support dynamic partition loading.

The CipherTrust Data Security Platform as a Service (CDSPaaS) is now available for provisioning through Thales Data Protection on Demand.

For more information about CDSPaaS see CipherTrust Data Security Platform Services (CDSPaaS).

For more information about provisioning the service and getting started with CDSPaaS see Get Started with CipherTrust Data Security Platform Services.

Thales Data Protection on Demand has made the following changes to how billing and service subscriptions work in DPoD:

• The trial state no longer applies to the tenant, tenants are instead entitled to a 30-day evaluation period for each unique DPoD service type. The trial begins when you first create a new DPoD service of a service type and deleting the service does not stop or pause the trial.
• The Service Elections submission and approval process remains unchanged, but it now triggers the conversion of trial subscriptions to production subscriptions or directly creates production subscriptions. When a service elections form is processed the selected service types become paid subscriptions.
• Service providers, tenant administrators and application owners can review their subscription data using the Subscriptions tab in the DPoD GUI.
• All services of a new service type provisioned after April 15th are "Trial" subscriptions, with a 30-day evaluation. 

Tenants that have an accepted Service Elections form will have the following changes: 

• All paid subscriptions (DPoD Monthly, DPoD Term, Google) will be visible from the Subscriptions tab in the DPoD GUI.
• All services created before April 15th under a service elections form become "Term" (or "Uncommitted" if the Term is expired) subscriptions.
• All services created before April 15th and not under a service elections form become "Uncommitted" subscriptions.

Tenants that do not have an accepted Service Elections form will have the following changes:

• All existing services become "Trial" subscriptions, beginning April 15th, with a 30-day evaluation. 

Note: If your tenant is unable to retrieve and display subscriptions please contact Thales support to resolve the issue. You will be unable to provision new services until the issue is resolved.