Flexible Backups

While some applications might deal in ephemeral objects that are erased after their use, in many Luna HSM applications the keys and objects within the HSM and partition have value and are meant to persist. For such valuable data, any security regime requires that the data be backed up in secure fashion, and stored securely.

Backup and restore operations require access to the objects in your partition in order to copy them. As such, backup and restore operations are restricted to HSMs that share a cloning domain and to partitions whose administrators allow such access.

Backup

Backup operations copy the secure material on your HSM and store it on a separate Backup HSM. Backup is not performed continuously. The frequency of backup is dependent on your backup plan or strategy.

The Luna Backup HSM 7 or Luna Backup HSM G5 can be connected to the Luna Network HSM 7 appliance or the Luna HSM Client to perform backup or restore operations on the spot. It is not able to perform cryptographic operations; it functions only in its secure backup/restore role. The Backup HSM takes on the authentication type of the primary HSM with which it is paired for backup - so it becomes a password-authenticated Backup HSM when backing up a password-authenticated primary HSM, and a multifactor quorum-authenticated Backup HSM when backing up a multifactor quorum-authenticated primary HSM.

The Backup HSM can also be connected to a host computer, located at a distance from the source HSM, and can perform backup and restore operations over a secure network connection. This is normally the case when the source HSM is kept in a secure server room or a lights-out facility.

There are several ways to do backup with Luna HSMs. Depending on the type and number of HSMs and partitions you have, and how they are organized, different methods may be more suitable for your situation. The following sections describe these methods in more detail:

Local Backup

Remote Backup

Comparing Local Versus Remote Backup

Restore

Restore operations are only necessary if there is no hope of recovering your data on your HSM, and using your backup to restore the content is the only solution. The restore operation is identical to the backup operation, only in the opposite direction.

Local Backup

Local backup requires a direct connection to the HSM to be successful. Backup can be done directly from the secure appliance housing the HSM or from a client workstation connected to the HSM.

Centralized Local Backup

Centralized backup uses a direct connection between the HSM you wish to back up and the Backup HSM. Figure 1 (Centralized Local Backup) shows the basic setup required for simple local backup.

Figure 1: Centralized Local Backup

Connecting your Backup HSM directly to the HSM or secure appliance housing the HSM you wish to back up is a highly secure method of copying your keys. It requires you to have physical access to the HSM in addition to the HSM SO and Partition SO credentials for every partition needing backup. The backup operation is initiated from the LunaSH command line.

Client-side Local Backup

Client-side backup connects to the HSM you wish to back up via your client workstation. The Backup HSM connects directly to the client workstation to perform the backup. Figure 2 (Client-side Local Backup) shows the basic setup required for local backup via a client workstation.

Figure 2: Client-side Local Backup

The backup operation in this case is still local, and thus requires a direct wired connection between your Backup HSM and client workstation. This method is highly secure, and allows for some flexibility in case the HSM you wish to back up is not easily available for direct connection. A PC running Luna HSM Client and LunaCM can connect to the HSM and, with the appropriate Partition SO credentials for every partition needing backup, can access and securely copy your cryptographic keys.

Remote Backup

Remote backup allows you to securely back up your HSM from any location that is convenient. A secure network connection facilitated by RBS enables you to access your HSM or partition without needing to be physically near it. Figure 3 (Remote Backup) shows the basic setup required for remote backup.

Figure 3: Remote Backup

Remote Backup Service (RBS) runs on a system hosting a Luna Backup HSM, making the Backup HSM available to distant HSMs. This allows backup and restore operations to run from whichever location is most convenient for the administrator. In this configuration, backup and restore operations are performed over a secure network connection.

Comparing Local Versus Remote Backup

Regardless of whether you use a local connection to back up and restore your HSM, or whether you use a remote one, backup and restore operations always require a Backup HSM. How you decide to connect it and organize your backup/restore infrastructure depends on what your organization needs.

Local backup is easier and faster to configure than remote, but the remote option allows more secure storage of your cryptographic material in case the entire environment in which your HSM resides collapses.

For detailed instructions on carrying out backup and restore operations, see Partition Backup and Restore.

Cluster Backup/Restore

When Luna Network HSM 7 is configured as a cluster, the entire contents of the cluster can be backed up to the appliance in an encrypted file, accessible to the admin user. You can perform backups on demand, or schedule periodic backups and determine how many to store before the oldest ones are overwritten. You can restore the entire cluster from a backup at any time. See Cluster Backup and Restore for procedures.