External Key Migration
This document explains how to migrate key material from a third-party HSM or Key Management Server to a Futurex Vectera Plus HSM or KMES Series 3. For additional questions related to your Vectera Plus or KMES Series 3 device, see the relevant user guide.
The Vectera Plus hardware security module (HSM) handles cryptographic processing and key management for various general-purpose use cases. Our HSMs protect data in transit, in use, and at rest through various physical and logical security measures, and we validate them under FIPS 140-2 Level 3 and PCI HSM standards.
The Secure Cryptographic Device (SCD) contained within the Vectera Plus HSM handles all sensitive operations and supports common algorithms such as 3DES, AES, RSA, and ECC. It also supports a range of key derivation and wrapping methods, message authentication algorithms, and more.
The KMES Series 3 is a scalable, versatile, and standards-compliant cryptographic device used to create, manage, distribute, and revoke keys and certificates. The KMES Series 3 provides a secure, functional platform for conducting full-lifecycle key and certificate management from a single location. You can store and keep track of existing keys and certificates and generate new keys and certificates as needed.
Advantages of the KMES Series 3 include:
- Offers full symmetric and asymmetric key and certificate lifecycle management.
- Has a permission-based user control system with dual control and segregation of roles.
- Includes a robust, versatile API for programmatically automating repetitive tasks.
- Lets you design templates and print secure key mailers for distributing key components.
- Enables remote, secure injection of encryption keys, reducing the logistical burden associated with direct key injection.
- Enables you to manage keys from one central location, reducing the cost associated with traveling to multiple data centers.
- Provides centralized operation of both certificate and registration authority functionality.
- Has application encryption capabilities.
- Provides support for Simple Certificate Enrollment Protocol (SCEP).
Another essential feature of the KMES Series 3 is its modular architecture system, built around our proven cryptographic technology. We designed this modular architecture system to provide custom solutions to fulfill the unique needs of organizations across a wide range of industries. Full integration with our Hardened Enterprise Security Platform enables the KMES Series 3 to offer unparalleled functionality expansion options and the scalability necessary to keep pace with even the most rapid and demanding organizational growth.
The sections of this guide explore the following external key migration topics:
- Key sources
- Key storage methods
- Key transport methods
- Futurex key storage methods