Monitoring for Payment HSMs

CipherTrust from Thales e-Security delivers flexible capabilities for monitoring and managing all your distributed payment HSMs.


CipherTrustCipherTrust from Thales e-Security is a comprehensive HSM monitoring platform that enables operations teams to gain 24x7 visibility into the status of all their HSMs, including those residing across a number of distributed data centers. With this solution, security teams can efficiently inspect HSMs and find out immediately if any potential security, configuration or utilization issue may compromise their mission-critical infrastructure.

Top 10 reasons HSM monitoring helps you avoid outages

Instant Alerting

CipherTrust eliminates the need for repetitive manual efforts, and equips administrators with the timely, targeted insights they need to proactively take corrective actions.

Continuous Tracking

Monitors HSM performance and provides visibility into both individual HSMs and groups of devices. Administrators can efficiently track HSM health and events, and get advance warning of capacity overload.

Comprehensive Data

Provides bundled views of HSM configurations for efficient analysis and comparison. Generates detailed reports on HSM utilization and performance, and enables drill down for detailed analysis.

Virtual Appliance Minimum Specification
  • 2 CPUs with 2 cores each
  • 8 GB RAM
  • Thin provisioned hard drives
  • Compatible with ESXi 5.1 and later (VM Version 9)
Role-based Access Control

CipherTrust delivers support for establishing clear separation of duties. Supports separate tasks and permissions based on two distinct roles: Administrator and Group Manager. With the solution's strong configuration and administration controls, organizations can strengthen the overall security of their environments.

Central Monitoring Capabilities

CipherTrust refreshes utilization statistics for all HSMs on a per-minute basis. Based on user-defined thresholds, the solution can generate alerts when critical situations arise. Alarms can be delivered via email and remote syslog servers. With the solution, you can define specific time periods for in-depth analysis, including last hour, 24 hours, 7 days, 30 days or custom intervals. CipherTrust can report on a range of attributes:

  • Tamper events
  • Fraud detection
  • PIN attacks
  • Services (UDP, TCP etc.)
CipherTrust Installation DVD

The CipherTrust application is supplied as an Open Virtual Appliance (OVA), which can run on supported virtual machine (VM) configurations. Customers can download the latest version of the application from the Thales support website. As an alternative, the application can be ordered for delivery on a DVD.

Additional Endpoint Licenses

The basic system can monitor up to five HSMs. Users can add more endpoint licenses at any time in increments of five, 10, 20 or 50. The resultant count is always cumulative and additional licenses can be applied in any order.

Data Sheet : CipherTrust

CipherTrust provides network operations teams with high levels of visibility regarding the overall operational status of HSMs across multiple locations, providing a central view of security and performance for mission critical cryptographic operations. CipherTrust is a flexible monitoring and management platform for Thales HSMs providing comprehensive 24 x 7 instantaneous status reporting on all HSMs without the need for any user intervention. It delivers comprehensive alerts direct to designated operations staff on issues relating to HSM operation, security, configuration and utilization keeping the relevant teams fully informed while helping them proactively respond to potential issues.


Data Sheet : payShield 9000

Thales payShield 9000 is a hardware security (HSM) payment module that provides the cryptographic protection required for ATM, point of sale (POS), credit and debit card issuance, and processing Of transactions. Encryption and management functionality meets or exceeds the operational and security requirements of the major international card system, including American Express, Discover, JCB, MasterCard, UnionPay and Visa. It is deployed as an external peripheral for mainframes and servers running card issuance applications, mobile platform provisioning, and payment processing software for the electronic payment industry.


Data Sheet : payShield Manager

payShield Manager enables security teams to perform all tasks remote from data centers, reducing costs and delivering greater operational efficiency. payShield Manager is a hardware security module (HSM) management tool specifically designed for the Thales payShield 9000 HSM that operates in both local and remote modes via a standard browser interface. A secure connection to the HSM underpinned by smart card access control enables key management, security configuration and software/license updates to be carried out remotely from the data center.

Watch our interactive demo Explore
Schedule a live demo Schedule
Get in contact with a specialist Contact us