Guardian Series 3

Enterprise cryptographic orchestration

Centralized, customizable, and automated

Guardian Series 3 cryptographic management solution

The Guardian Series 3 centralizes management of your cryptographic infrastructure. Its user-friendly interface, automation options, and granular controls reduce in-person management. Use the Guardian Series 3 with Futurex HSMs or Cloud HSMs to manage your infrastructure remotely and with ease.

  • Centralized configuration with user-defined device groups
  • Direct integration between HSMs and key management servers
  • Shared cryptographic resource pool
  • Granular monitoring and alerting parameters
  • High availability, zero-downtime load balancing
Sales brochureTalk to an expert

Centralized configuration

  • Define device clusters
  • Assign new HSMs to clusters to increase scalability
  • Apply changes to multiple clusters at once
  • Remotely manage devices both on-premises and in the cloud

Object / key referencing

  • Directly integrate HSMs and key management servers
  • Encryption objects included in API calls
  • Reduce processing overhead and application integration effort

Cryptographic orchestration

  • Create a shared cryptographic resource pool
  • Consolidate cryptographic resources in one infrastructure
  • Distribute HSM services across enterprise
  • Deploy service-based cryptographic architecture

Custom monitoring and alerting

  • Granular monitoring parameters: temperature, access attempts, command counts, and more.
  • User-defined alert outputs
  • SMTP, SMS, and SNMP log outputs
  • SIEM integration

High availability and disaster recovery

  • Automated load balancing with zero downtime
  • Multi-site automated failover
  • Security profiles between multiple sites
  • Establish redundancy and disaster recovery
Use case: abstraction layer

The Guardian serves as an abstraction layer – the intermediary between applications and devices. In this capacity it handles load balancing, object caching, key referencing, and disaster recovery.

Use case: out of band management

Some organizations must connect their host applications to Futurex HSMs directly. They can use the Guardian Series 3 to manage the HSM separately from the host application.

Use case commonalities

Whether you use the Guardian Series 3 as an abstraction layer or for out of band management, you gain access to monitoring and alerting, centralized configuration, and much more.

Why go with the Guardian Series 3?

The Guardian Series 3 is made to centralize and simplify. Easy integration between HSMs and key management servers; easy-to-use GUI to manage configuration settings and device groups; and a granular level of customization and automation parameters. The Guardian Series 3 lets you deploy service-oriented architecture and achieve true cryptographic orchestration.

Click diagram to enlarge

Reduce cryptographic management burden

A web-based management dashboard helps you streamline operations and maximize Futurex device processing. An entire infrastructure can be managed by one team.

Increase system redundancy

Enable full system redundancy with peering and automated failover. The Guardian automatically redistributes transaction loads for on-premises and cloud infrastructure.

Simplify updates and audits

Apply changes to and conduct log audits for Futurex devices spread across multiple data centers, including firmware updates, all from a central location.

Manage devices in real-time

Real-time notifications and alerts help you automatically monitor system parameters, throughput, and error messages of entire groups of connected devices.
Related: Hardware security modules

View specialized and general-purpose Futurex HSMs

See it now

Related: VirtuCrypt cloud products

Manage cloud products with the Guardian Series 3

See it now

Virtual HSM orchestration

Cluster HSMs deployed on-premises or in the cloud into user-defined groups, with customizable management settings.

Device peering algorithm

Automatically share data between devices across multiple data centers and cloud environments.

Hybrid environments

Manage and load balance on-premises HSMs and Cloud HSMs or transition to fully managed cloud infrastructure.

Native VirtuCrypt integration

Seamlessly manage and deploy VirtuCrypt cloud services to support on-premises cryptographic processing.

Audit log repository

Consolidate data logs from all client devices in one central location with automatic distribution functionality.

High availability and disaster recovery

Easily set up active-active, high-availability clusters of Futurex devices, including off-site failover configuration.

Centralized cryptographic management for Futurex products

Single-pane-of-glass management, visibility, and orchestration of an organization’s entire ecosystem

Guardian Series 3 specifications

Hardware features

  • Dual control-enabled, tamper-responsive
  • Smart card reader for M-of-N key fragmentation and dual-factor authentication
  • Dual, redundant gigabit Ethernet ports
  • Dual, redundant, hot-swappable power supplies
  • Automated, internal RAID-based backup of object management applications and databases

Operating conditions

  • Power: 100 – 240 VAC 50/60 Hz. 225 Watts
  • Operating temp: -40° to 140°F (-40° to 60°C)
  • Storage temp: -40° to 140°F (-40° to 60°C)
  • Operating humidity: 20% to 80% non-condensing
  • Storage humidity: 5% to 95% non-condensing

Dimensions and weight

  • Weight: 40.5 lbs (18.4 kg)
  • Width: 19 inches (48.3 cm)
  • Height: 2U – 3.47 inches (8.81 cm)
  • Depth: 22.3 inches (56.7 cm)

Powering the VirtuCrypt cloud

VirtuCrypt management services are backed by the Guardian Series 3 with hardened, FIPS 140-2 Level 3 validated technology. Whether an organization requires complete infrastructure management or simply more functionality for existing Futurex infrastructure, VirtuCrypt offers a variety of service structures designed to meet security requirements.

VirtuCrypt services

Industry compliance standards

  • FIPS 140-2 Level 3 Compliant
  • ANSI X9.24 Part 1 and Part 2—TR-39
  • Payment Card Industry Data Security Standard (PCI DSS)
  • RoHS
  • FCC Part 15 – Class B

Centralized management capabilities

  • Master Key loading
  • User and permissions administration
  • Log management and audit reporting
  • Firmware distribution and installation
  • Synchronization of keys, certificates, and configuration settings across multiple client devices

Alerting and notification formats

  • Simple Mail Transfer Protocol (SMTP)
  • Simple Network Management Protocol (SNMP)
  • Short Message Service (SMS)
  • Syslog

Want to learn more?

Contact a Solutions Architect today.

Give us a call