Scale Applications and Backup Keys Between AWS CloudHSM & Private Cloud

SAN JOSE, CA – April 17, 2018 — / — Cavium™, Inc. (NASDAQ: CAVM), a leading provider of products that enable secure and intelligent processing for enterprise, data center, wired and wireless networking, today announced that its LiquidSecurity 140-2 Level 3 FIPS certified appliance enables seamless key backup and application scaling with AWS CloudHSM FIPS 140-2 Level 3 service. Customers can deploy LiquidSecurity HSMs on-premises or in a private data center, create a backup from a managed HSM instance in the cloud, and restore the backup to their on-premises HSM. While the cloud vendor can take backups of customer HSMs, enterprises with escrow needs will benefit from the ability to securely transfer and retain access to their keys within a FIPS boundary. Customers can also utilize this feature to scale in a hybrid cloud environment.

Cavum’s LiquidSecurity HSM family provides high-performance FIPS 140-2 level 3 HSMs that are run-time partitioned for elastic use on the cloud. It addresses high performance, key management and administration requirements for symmetric and asymmetric keys. It also addresses elastic performance per virtual/network domain for cloud environments, allowing enterprises to migrate on-premises workloads subject to compliance regulations or with stringent security requirements to the cloud. Examples include SaaS applications, e-commerce payment systems and Enterprise, Banking and Government security applications. SaaS applications which rely on this product family include Key Management as-a-Service, Database as-a-Service, Crypto as-a-Service, Secure DNS, Virtual Private Clouds, and payment systems.

Market Dynamics for Cloud Transaction Security
Cavium has observed two major trends driving the requirements for FIPS-based transaction security in cloud data centers. First, e-commerce, healthcare and government applications, which traditionally used FIPS-level security in private data centers, are migrating to a virtualized/SDN-capable, multi-domain cloud infrastructure. They need a secure and elastic FIPS solution as they migrate to the cloud.

Second, enterprise applications that have utilized private keys — but did not require FIPS-based security because they were deployed in private data centers — are migrating to the cloud as well. They now require FIPS-level security for the private keys with high key operation performance in a cloud environment. Hardware security modules are used as the root of trust for these sensitive workloads. To date, end users have been challenged to find an HSM that meets both security requirements such as FIPS 140-2 Level 3 validation, as well as usability requirements such as elasticity and high transactions per second.

Most enterprises can now utilize fully-managed HSMs on the cloud to meet these objectives with lower cost and reduced latency. Some of these end-users also require the additional comfort and reliability of on-premises backups. In addition to disaster recovery, this also ensures enterprises have flexibility in moving between different IaaS providers. The LiquidSecurity solution, by cloning on-premises HSMs to AWS CloudHSM including users and keys, allows enterprises to do just that.

Cavium caters to the changing needs of its enterprise customers, who require secure and authenticated deployments on the cloud, through its high performance FIPS 140-2 validated solution with storage for large number of keys, flexible support for large number of domains, ease of management and migration, and high bandwidth connectivity with SDN features.

“Cavium’s LiquidSecurity HSM family was designed from the ground up for the cloud and is a proven solution to address the performance, cost, multi-domain and feature requirements of this market. We are excited to extend this product family to provide local backup and dynamic restore capability for customers,” said Rajneesh Gaur, Vice President and General Manager at Cavium.

About Cavium
Cavium, Inc. (NASDAQ: CAVM), offers a broad portfolio of infrastructure solutions for compute, security, storage, switching, connectivity and baseband processing. Cavium provides solutions across low to high performance points enabling secure and intelligent functionality in Enterprise, Data Center and Service Provider Equipment. Cavium processors and solutions are supported by an extensive ecosystem of operating systems, tools, application stacks, hardware reference-designs and other products. Cavium is headquartered in San Jose, CA with design centers in California, Massachusetts, India, Israel, China and Taiwan. For further information, please visit the investor relations section of the Cavium web site at

Cavium, Inc.
P: +1-408-943-7100

Cavium, Inc.
2315 N.First Street
San Jose, CA
USA, 95131

Source: Cavium, Inc.