nCipher Security News Release

Thales Announces Integration of nShield with Citrix NetScaler

Combined solution offers certified, independently validated SSL security and key management

Thales, leader in critical information systems and cybersecurity, announces the integration of its nShield hardware security module (HSM) with Citrix NetScaler, an industry leading Application Delivery Controller (ADC) with TriScale technology, used in application delivery and desktop virtualization in the world’s largest cloud networks.

Business critical applications handling sensitive information require robust security not only for compliance but to protect against targeted external attacks. SSL is the default means of encrypting data on the internet and internal networks. With an increasing proportion of connections managed by NetScaler encryption, Thales nShield HSMs provide an additional layer of security for SSL keys. Thales nShield HSMs ensure that the SSL keys used to secure all critical connections are not only protected, but can be trusted. Citrix NetScaler together with Thales nShield HSMs offers security-conscious customers an additional layer of security for their SSL keys to comply with corporate security requirements and government mandates as they encrypt their network and application traffic.

Marissa Schmidt, director of product management at Citrix says:

“Any device handling SSL-encrypted traffic is a point of risk within a network infrastructure, representing a target for hackers and cyber-criminals. Our customers are therefore demanding solutions that provide high levels of protection for the cryptographic keys that are stored within each device. We are pleased to have integrated Citrix NetScaler with Thales nShield HSMs to solve this problem. Thales is a world leader in critical information systems and cybersecurity and we believe the joint solution will provide great value to our mutual customers.”

Richard Moulds, vice president strategy at Thales eSecurity says:

“As organizations increasingly rely on cryptography as part of their data protection strategy and to protect their application delivery systems, the importance of trusted, well implemented, secure SSL becomes paramount. This is particularly relevant in light of recent high profile vulnerabilities such as Heartbleed, SSL man-in-the-middle and Poodle. The deployment of FIPS-validated hardware is a long proven implementation to avoid such vulnerabilities, increasing the protection of the keys and making them easier to manage. The integration of Thales HSMs with Citrix NetScaler allows Citrix customers to take advantage of best-in-class cryptographic hardware protection and key management, adding a further layer of security and reducing their operational risk.”

Thales nShield HSMs, certified to FIPS 140-2 level 3, provide tamper-resistant cryptographic key generation and management and integrate seamlessly with the Citrix NetScaler application delivery controller. By ensuring the cryptographic keys and certificates are used only for their authorized purposes, operational risk is reduced. The robust key management, storage and redundancy features offered by nShield guarantee availability of critical keys to support increasingly demanding transaction rates.

Supporting resources:

Solution brief: