{"id":606,"date":"2020-07-18T14:16:05","date_gmt":"2020-07-18T14:16:05","guid":{"rendered":"https:\/\/ergonomics.aryxe.tech\/?page_id=606"},"modified":"2026-02-18T15:05:07","modified_gmt":"2026-02-18T13:05:07","slug":"entrust","status":"publish","type":"page","link":"https:\/\/www.ergonomics.ch\/en\/products\/entrust\/","title":{"rendered":"Entrust"},"content":{"rendered":"\n
\n
\n

Entrust HSMs \u2013 Maximum security for your cryptographic infrastructure. Trustworthy. Scalable. Future-proof.<\/h3>\n\n\n
\n
\"\"<\/figure><\/div>\n\n\n

Entrust nShield HSMs offer enterprise-level security , whether you’re protecting critical databases, cloud services, payment infrastructures, or PKI systems. The nShield 5c delivers maximum performance, flexibility, and compliance, while the broad HSM family ensures that the right device is available for every architecture: on-premises, as a network appliance, portable USB devices, or as a cloud service.<\/p>\n\n\n\n

\n\n\n\n

nShield 5c \u2013 High-Performance HSM for Enterprises<\/h3>\n\n\n
\n
\"\"
Entrust HSM nShield 5c<\/figcaption><\/figure><\/div>\n\n\n

The nShield 5c<\/strong> is the flagship of the Entrust HSM series. It combines performance, scalability, and the highest level of security<\/strong> in a network HSM designed for demanding enterprise applications.<\/p>\n\n\n\n

Technical highlights:<\/strong><\/p>\n\n\n\n

    \n
  • Certified security:<\/strong> FIPS 140-3 Level 3, Common Criteria EAL4+, tamper-evident<\/li>\n\n\n\n
  • Scalable performance:<\/strong> Parallelized cryptography for thousands of transactions per second<\/li>\n\n\n\n
  • Crypto-agility:<\/strong> Support for RSA, ECC, AES, SHA-3 and future post-quantum algorithms<\/li>\n\n\n\n
  • Network integration:<\/strong> Deployment via high-bandwidth LAN, remote management and failover options<\/li>\n\n\n\n
  • Redundancy & High Availability:<\/strong> Cluster-capable for uninterrupted services<\/li>\n<\/ul>\n\n\n\n

    Use Cases:<\/strong><\/p>\n\n\n\n

      \n
    • PKI servers and certificate infrastructures<\/li>\n\n\n\n
    • Code signing and software authentication<\/li>\n\n\n\n
    • Encryption of sensitive databases and applications<\/li>\n\n\n\n
    • Protection of authentication systems and payment infrastructures<\/li>\n<\/ul>\n\n\n\n
      \n\n\n\n

      Other Entrust HSM variants<\/h3>\n\n\n\n

      nShield 5s \u2013 PCIe HSM<\/strong><\/p>\n\n\n

      \n
      \"\"
      Entrust HSM nShield 5s<\/figcaption><\/figure><\/div>\n\n\n
        \n
      • Embedded in servers, ideal for local high-performance cryptography<\/strong><\/li>\n\n\n\n
      • Perfect for code signing, database encryption and PKI servers<\/strong><\/li>\n<\/ul>\n\n\n\n
        \n\n\n\n

        nShield Edge \u2013 tragbare USB-HSM<\/strong><\/p>\n\n\n

        \n
        \"Entrust
        Entrust HSM nShield Edge<\/figcaption><\/figure><\/div>\n\n\n
          \n
        • Compact, mobile and easy to use<\/li>\n\n\n\n
        • Protects keys in development, BYOK, or cloud scenarios.<\/strong><\/li>\n<\/ul>\n\n\n\n
          \n\n\n\n

          nShield as a Service (nSaaS)<\/strong><\/p>\n\n\n

          \n
          \"nShield
          nShield as a Service (nSaaS)<\/figcaption><\/figure><\/div>\n\n\n
            \n
          • Cloud-based, no hardware required<\/li>\n\n\n\n
          • Ideal for rapid deployment of cryptographic services<\/strong> in hybrid infrastructures<\/li>\n<\/ul>\n\n\n\n
            \n\n\n\n

            Why choose Entrust HSMs?<\/h3>\n\n\n\n
              \n
            • Physically secured keys:<\/strong> Never leave unprotected outside the HSM device.<\/li>\n\n\n\n
            • Highly scalable:<\/strong> For growing transaction and key volume requirements<\/li>\n\n\n\n
            • Flexible integration:<\/strong> On-premise, network, USB or cloud \u2013 always compatible<\/li>\n\n\n\n
            • Future-proof:<\/strong> Supports current and future algorithms (post-quantum-ready)<\/li>\n\n\n\n
            • Central administration:<\/strong> Monitoring, role and authorization management, remote administration<\/li>\n<\/ul>\n\n\n\n
              \n\n\n\n

              Entrust PKI Solution \u2013 The backbone of digital security. Post-Quantum Ready.<\/h2>\n\n\n\n

              Entrust offers a fully integrated Public Key Infrastructure that automates the entire certificate lifecycle \u2013 from key generation and issuance to management, renewal, and secure revocation. The platform enables end-to-end security for digital certificates, keys, and device identities in complex IT environments and supports modern Zero Trust and DevOps architectures.<\/strong><\/p>\n\n\n\n

              \n\n\n\n

              PKI portfolio<\/h2>\n\n\n\n

              1. PKI as a Service (PKIaaS)<\/strong><\/p>\n\n\n\n

                \n
              • Cloud-native architecture: Multi-tenant, elastic scaling, global availability<\/li>\n\n\n\n
              • Automated Lifecycle Management: Issue, Renew, Revoke, Suspend, Expire<\/li>\n\n\n\n
              • APIs & Integrations: REST, CMPv2, SCEP, EST, ACME protocols for DevOps and IoT use cases<\/li>\n\n\n\n
              • Post-quantum cryptography: Supporting hybrid keys to prepare for future quantum attacks<\/li>\n\n\n\n
              • High Availability & Disaster Recovery: Geo-redundant clusters, SLA-guaranteed uptime<\/li>\n<\/ul>\n\n\n\n

                Use Case:<\/strong> Companies that need scalable PKI for cloud-first environments and DevOps.<\/p>\n\n\n\n

                \n\n\n\n

                PKI-Portfolio<\/h2>\n\n\n\n

                1. PKI as a Service (PKIaaS)<\/strong><\/p>\n\n\n\n

                  \n
                • Cloud-native Architektur: Multi-Tenant, elastische Skalierung, globale Verf\u00fcgbarkeit<\/li>\n\n\n\n
                • Automatisiertes Lifecycle Management: Issue, Renew, Revoke, Suspend, Expire<\/li>\n\n\n\n
                • APIs & Integrationen: REST, CMPv2, SCEP, EST, ACME-Protokolle f\u00fcr DevOps- und IoT-Use-Cases<\/li>\n\n\n\n
                • Post-Quantum-Kryptografie: Unterst\u00fctzung hybrider Schl\u00fcssel zur Vorbereitung auf zuk\u00fcnftige Quantenangriffe<\/li>\n\n\n\n
                • High Availability & Disaster Recovery: Geo-redundante Cluster, SLA-garantierte Uptime<\/li>\n<\/ul>\n\n\n\n

                  Use Case: <\/strong>Unternehmen, die skalierbare PKI f\u00fcr Cloud-First-Umgebungen und DevOps ben\u00f6tigen.<\/p>\n\n\n\n

                  \n\n\n\n

                  2. Cryptographic Security Platform (CSP) PKI<\/strong><\/p>\n\n\n\n

                  \"Entrust
                  Entrust PKI compatibility with external systems<\/figcaption><\/figure>\n\n\n\n

                  <\/p>\n\n\n\n

                    \n
                  • All-in-One Appliance: PKI components (Root\/Intermediate CAs, RA, OCSP, CRL) in a virtualized platform<\/li>\n\n\n\n
                  • On-premise or private cloud: Full control over key material and certificate management<\/li>\n\n\n\n
                  • Integration with HSMs: FIPS 140-3 Level 3 certified HSMs for private keys<\/li>\n\n\n\n
                  • Scalability: Issuing certificates worth millions with low-latency performance<\/li>\n<\/ul>\n\n\n\n

                    Use Case:<\/strong> Organizations with strict compliance requirements and high security standards, e.g., financial or government institutions.<\/p>\n\n\n\n

                    \n\n\n\n

                    3. Managed PKI Services<\/strong><\/p>\n\n\n\n

                      \n
                    • Entrust as operator: monitoring, updates, key management, compliance checks<\/li>\n\n\n\n
                    • Audit & Reporting: Full logging of CA operations, CRL and OCSP status<\/li>\n\n\n\n
                    • Automated certificate processes: Reducing human error and ensuring SLA-compliant renewal<\/li>\n<\/ul>\n\n\n\n

                      Use Case:<\/strong> Companies without an internal PKI team that still require the highest level of security.<\/p>\n\n\n\n

                      \n\n\n\n

                      4. Certificate Authority (Enterprise PKI)<\/strong><\/p>\n\n\n\n

                        \n
                      • Centralized management of root and sub-CAs<\/li>\n\n\n\n
                      • Support for HSM-secured keys (FIPS 140-2\/3 Level 3)<\/li>\n\n\n\n
                      • Protocol support: REST, CMPv2, SCEP, EST, ACME, OCSP, CRL<\/li>\n\n\n\n
                      • Certificate types: TLS\/SSL, Client Auth, Code Signing, Document Signing, IoT Device Identity<\/li>\n\n\n\n
                      • Global standards: CAB\/FORUM, Common Criteria, ISO 27001<\/li>\n<\/ul>\n\n\n\n

                        Use Case:<\/strong> Large companies, IoT ecosystems, banks, government agencies, software manufacturers.<\/p>\n\n\n\n

                        \n\n\n\n

                        Technical Highlights<\/strong><\/p>\n\n\n\n

                          \n
                        • Post-Quantum-Ready Algorithms: Hybrid and Quantum-Resistant Keys<\/li>\n\n\n\n
                        • End-to-End Key Management: HSM-secured root keys, lifecycle management, automated renewal<\/li>\n\n\n\n
                        • Flexible deployment: Cloud-native PKIaaS, on-prem appliance, managed service<\/li>\n\n\n\n
                        • API integration: Automation for DevOps, IoT, MDM\/EMM systems<\/li>\n\n\n\n
                        • Zero Trust compatible: Certificates for encrypted device-to-device and service communication<\/li>\n<\/ul>\n\n\n\n
                          \n\n\n\n

                          Deployment scenarios<\/strong><\/p>\n\n\n\n

                            \n
                          • Web and service security: TLS\/SSL certificates, API protection<\/li>\n\n\n\n
                          • IoT & Embedded Devices: Trusted Device Identity, Secure Boot<\/li>\n\n\n\n
                          • Code Signing: Software Integrity and Non-Repudiation<\/li>\n\n\n\n
                          • Digital signatures: Email, documents, PDFs<\/li>\n\n\n\n
                          • Zero-Trust Networks: Authentication of users, endpoints and services<\/li>\n<\/ul>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

                            Entrust HSMs \u2013 Maximum security for your cryptographic infrastructure. Trustworthy. Scalable. Future-proof. Entrust nShield HSMs offer enterprise-level security , whether you’re protecting critical databases, cloud services, payment infrastructures, or PKI systems. The nShield 5c delivers maximum performance, flexibility, and compliance, while the broad HSM family ensures that the right device is available for every architecture: […]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":1017,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-product.php","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-606","page","type-page","status-publish","hentry"],"translation":{"provider":"WPGlobus","version":"3.0.1","language":"en","enabled_languages":["de","en"],"languages":{"de":{"title":true,"content":true,"excerpt":false},"en":{"title":true,"content":true,"excerpt":false}}},"acf":[],"_links":{"self":[{"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/pages\/606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/comments?post=606"}],"version-history":[{"count":43,"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/pages\/606\/revisions"}],"predecessor-version":[{"id":4896,"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/pages\/606\/revisions\/4896"}],"up":[{"embeddable":true,"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/pages\/1017"}],"wp:attachment":[{"href":"https:\/\/www.ergonomics.ch\/en\/wp-json\/wp\/v2\/media?parent=606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}