SAVYINT PKI in a box vA
Your CA, Your Rules
Validation Authority
Compatible with Web Trust, RFC 2560, 6960, 5019, CA/B forum standards
Savyint PKI in a Box is a solution for deploying Public Key Infrastructure (PKI), packaged in a box hardware device with an accompanying Hardware Security Module (HSM).
Savyint PKI in a Box includes a hardware HSM system and fully integrated software within a single device, designed to meet the needs of building a dedicated internal PKI infrastructure. With Savyint PKI in a Box, organizations and businesses can independently manage the registration, issuance, management, timestamp and revocation of digital certificates internally, without limitations on the number of certificates. It is easy to install and deploy, offering a significantly lower investment cost compared to other PKI solutions. Savyint PKI is the first Certification Authority (CA) authorized to issue SHA-256 digital certificates.
The product is compact, portable, and easy to install, seamlessly integrating with the existing information systems of businesses/organizations. Its flexible feature set can be quickly customized or expanded to meet the specific needs of a business, adapting to its growth and changing requirements over time.
Full compliance with international standards
- Server Appliance with FIPS 140-2 level 3 compliance
- Compliance with ISO 9001:2015, ISO 14001:2015 and ISO 27001:2022
- Data security standards compliance: GDPR, SOC 2 Type II, HIPAA & PCI DSS
- HSM Hardware: FISP 140-2 Level 3, FIPS 140-3 Level 3, CC EAL4+ AVA_VAN.5 or Common Criteria EAL4+ (EN 419 221-5) certified
- Real-time validation with CRL and OCSP
- Adherence to General Data Protection Regulation (GDPR)
- Single deployment of VA Server can handle multiple Certification Authorities, PKI, local or remote Cas. OCSP server can form a cluster of multiple OCSP servers to minimize latency
Benefits
- Optimizes with TSA Cryptographic Software and Hardware (HSM) integrated into a single box, which considerably reduces the cost of the product and the time needed to install it through the PKI Box platform
- Easy and quickly setup TSA with PKI Box system
- Independent and separate, unaffected by third parties
- Easily outsourced for management/operations to a trusted provider
- HSM Hardware inside: FISP 140-2 Level 3, FIPS 140-3 Level 3, CC EAL4+ AVA_VAN.5 or Common Criteria EAL4+ (EN 419 221-5) certified
- User-friendly dashboards for reporting, alerting, logging, and insight
- Simple maintenance and servicing
Features
- Time stamping protocol according to the RFC 3161 and RFC 5816 standard
- Interoperability: Tested with Microsoft Active Directory Services, Digicert One, Primekey EJBCA, and other CAs that publish CRLs to HTTP/HTTPS or LDAP/LDAPS locations
- Easy system administration via HTTPS requiring a digital operator certificate
- VA Server is a high performance, robust and reliable OCSP Validation Authority that complies with the RFC 6960, RFC2560 and RFC 5019 standards
- Supports installation and integration across management models from basic to advanced (High Availability, clustering, DR/DC, Multi DC)
- HSM hardware device inside: eIDAS and Common Criteria EAL4+ certifications, including AVA_VAN.5 and ALC_FLR.2, as well as EN 419 221-5 Protection Profile or FIPS 140-2 Level 3, FIPS 140-3 Level 3
- Support distribution of CA certificates and CRLs model over Certificate Store Access via HTTP
- Compliance with CE, RoHS, FCC