Vectera Plus

General-purpose hardware security module

Cryptographic excellence with scalable functionality

General-purpose HSM

The Vectera Plus is a hardware security module (HSM) designed for general-purpose encryption and key management.  The Vectera Plus is capable of the industry’s fastest processing speeds and can integrate with a wide variety of host applications. It supports all major encryption algorithms and complies with strict international standards like FIPS 140-2 Level 3 and PCI PTS HSM. The Vectera Plus can even support payments processing, making it a highly scalable long-term solution.

Sales brochureTalk to an expert

Data protection

  • Database encryption
  • File encryption
  • Application encryption
  • Vaultless tokenization

Key management

  • Key lifecycle management
  • Payment key management

Third-party application integration

  • Oracle Key Vault
  • Check Point Security Gateway
  • VMware vSphere
  • Java Key Tool
  • R3 – Corda Enterprise
  • Microsoft Active Directory Certificate Services (AD CS)
  • Microsoft Active Directory Rights Management Services
  • Microsoft Active Directory Federation Services (AD FS)
  • Microsoft SQL Server
  • Venafi Trust Protection Platform (TPP)

Testing and development

Perform testing, development, and rapid prototyping in a secure code environment (SCE).
HSM virtualization

Create dozens of virtual HSMs with hundreds of application partitions to expand functionality and use cryptographic resources more effectively.

Universal support

Futurex solutions support all major encryption algorithms (symmetric and asymmetric), standard client libraries, and APIs for swift integration.

Custom scripting

Load, test, and execute custom applications and code within the boundary of the Vectera Plus’s Secure Code Environment (SCE).

Why choose the Vectera Plus?

The Vectera Plus is ideally suited for general-purpose cryptography, from securing applications and databases to encrypting keys. It supports all common APIs for easy integration with host applications. Like all Futurex solutions, the Vectera Plus’s functionality and performance can be scaled according to need. It can be deployed on-premises, in the cloud, or in a hybrid configuration.

Click diagram to enlarge

Flexible functionality

The Vectera Plus is ideally suited for general-purpose encryption, but thanks to its flexible code base, can also take on payment and key management functions.

Secure Code Environment

Application developers can run and test applications within an isolated FIPS 140-2 Level 3-compliant secure code environment (SCE) with custom scripting options.

HSM Virtualization

You can divide the cryptographic functions of the Vectera Plus into different logical partitions, which allows it to function as completely independent HSMs serving different applications.

Application partitioning

Multiple applications can simultaneously connect and use Vectera Plus resources securely through key storage table segmentation.
Related: VirtuCrypt cloud

Check out our cloud key management service backed by the Vectera Plus.

See it now

Related: Securing Payments

View Futurex securing payments solutions backed by the Vectera Plus.

See it now

General-purpose power

Whether securing databases, protecting emails, or encrypting files in compliance with HIPAA, the Vectera Plus can fill nearly any cryptographic role.

Ease of use

The Vectera Plus can be controlled with an intuitive web interface or through APIs. Add the Excrypt Touch for point-and-click key loading and configuration.

Swift integration

Thanks to a shared code base, the Vectera Plus easily integrates with other Futurex HSMs, key management servers, and cryptographic management tools.

Algorithm support

The Vectera Plus supports all major cryptographic algorithms. Continuous support for new algorithms ensures your infrastructure remains secure.

Secure code environment (SCE)

The Vectera’s SCE is a powerful tool for organizations to both protect and refine their host applications, custom code, and API extensions.

Strict compliance

Futurex solutions comply with strict regulatory requirements like PCI HSM, FIPS 140-2 Level 3, ANSI X9.24 part 1 and 2 – TR-39, and FCC part 15 – class B.

Vectera Plus specifications

Apache: HTTP Server and Tomcat

The Vectera Plus offers easy integration with Apache HTTP Server and Apache Tomcat web server software.


Use the Vectera Plus to validate digital certificates stored on CAC cards, PIV cards and in software, via Axway Validation Authority integration.

HashiCorp Vault: Seal Wrap & Entropy Augmentation and Managed Keys

The Vectera Plus integrates with two services offered by HashiCorp Vault: Seal Wrap & Entropy Augmentation and Managed Keys. Manage secure data vaults for certificates, tokens, credentials, and managed encryption keys.


Integrate with the flexible, open-source BIND 9 DNS software suite. Between the Vectera Plus’s support for numerous APIs and the full-featured BIND 9, integration options abound.

CyberArk Vault

Create and configure secure credential storage vaults with the Vectera Plus. Use the CyberArk Vault integration to protect and manage privileged access across your organization’s on-premises and cloud infrastructure.


Bring high-performance general purpose encryption of the Vectera Plus to your open-source CA and PKI functionality in EJBCA. The platform-independent flexibility of EJBCA matches the many vendor-agnostic APIs supported by the Vectera Plus.

ISC CertAgent

The Vectera Plus includes a range of vendor-neutral APIs which allow it to integrate with the customer-hosted and easy-to-use ISC CertAgent CA to issue X.509 certificates.

Java Jarsigner

Establish digital signing operations for Java JAR files to authenticate them with the Vectera Plus’s support for Java Jarsigner.

Microsoft SignTool

Digitally sign and verify signatures of files with Microsoft SignTool support.

Microsoft Windows Certificate Store

Store certificates on local computers using the Microsoft Windows Certificate Store via the Vectera Plus. Certificate stores can accept certificates from different CAs.

OpenSSL Engine

Easily integrate with OpenSSL to generate private keys and create CSRs with the Vectera Plus.


Connect the Vectera Plus encryption functionality to the data protection capabilities of Protegrity.

Microsoft AD CS

Securely support Microsoft AD CS in creation and management of client Public Key Infrastructure (PKI) certificates by centralizing private key storage in the Vectera Plus hardware security module. For more information on Futurex’s AD CS integration methods, visit our Microsoft AD CS Technology Solutions page, or download our informational brochure.

Oracle Database TDE

Establish a Root-of-Trust (ROT) for Oracle databases in the Vectera Plus HSM and provide critical protection to the wallet password. The Vectera Plus provides high-assurance security for the Transparent Data Encryption (TDE) process without disrupting existing features.

Microsoft SQL Server

Take advantage of the vast set of features and administrative functionality the Vectera Plus HSM provides by using it to offload Transparent Data Encryption (TDE) keys for Microsoft SQL Server. Effectively manage the full key lifecycle, securely generate and issue database encryption keys, and configure specific key management functions like key rotation and aging. Read more about data encryption with SQL Server & HSMs.

Versasec vSEC:CMS

vSEC:CMS is a credential lifecycle management system. When implemented through the Vectera Plus, users can create and manage user authentication credentials throughout their organization.

Java KeyTool

Seamlessly secure keys in the Vectera Plus HSM with Java KeyTool for use in a wide range of general-purpose applications.

Venafi Trust Protection Platform (TPP)

For effective key & certificate lifecycle management, integrate the Vectera Plus HSM with Venafi’s Trust Protection Platform. Visit the Marketplace to download the integration guide and get started.

Red Hat Certificate System

Manage user identities and secure private communications with integration for Red Hat Certificate System. Red Hat integration protects traffic from security risks by streamlining PKI.

Check Point Security Gateway

Integrate the Vectera Plus HSM into a Check Point Security environment to add an extra layer of security to the network. Configure the Check Point Security Gateway to effectively store cryptographic key pairs and distribute Certificate Authority (CA) certificates.

Hardware features

  • Dual, redundant, hot-swappable power supplies
  • Dual gigabit Ethernet ports
  • Failover link with additional Vectera Plus devices using the Guardian Series 3 for system-wide redundancy
  • Secure Cryptographic Device (SCD) with tamper responsive barrier to protect sensitive data

Operating conditions

  • Power: 100 – 240 VAC 50/60 Hz. 225 Watts
  • Operating temp: -40° to 140°F (-40° to 60°C)
  • Storage temp: -40° to 140°F (-40° to 60°C)
  • Operating humidity: 20% to 80% non-condensing
  • Storage humidity: 5% to 95% non-condensing

Dimensions and weight

  • Weight: 36 lbs (16.33 kg)
  • Width: 19 inches (48.26 cm)
  • Height: 1U – 1.72 inches (4.37 cm)
  • Depth: 19.4 inches (49.38 cm)

Powering the VirtuCrypt cloud

VirtuCrypt key management services are backed by HSMs with hardened, FIPS 140-2 Level 3 validated technology. Whether an organization requires complete infrastructure management or simply more functionality for existing Futurex infrastructure, VirtuCrypt offers a variety of service structures designed to meet security requirements.

VirtuCrypt services

Industry compliance standards

  • FIPS 140-2 Level 3
  • ANSI X9.24 part 1 and part 2 – TR-39
  • RoHS
  • FCC Part 15- Class B

Key types and protocols

  • 3DES, AES (128-256), DSA (512-4096)
  • RSA (512-8192)
  • ECC (NIST recommended and user-defined)
  • HMAC (MD5, SHA- 1, SHA-256-512)
  • SHA-1
  • SHA-2 (256-512)

Supported cryptographic functionality

  • DES
  • Triple-DES DUKPT
  • Master/Session
  • Tokenization
  • TR-31
  • AKB
  • AES
  • ECC
  • RSA
  • EMV 4.3
  • PKCS #11
  • Java

Want to learn more?

Contact a Solutions Architect today.

Give us a call