Secure Keys with a Hardware Security Module
A hardware security module (HSM) is a physical device
that manages digital keys. An HSM provides secure storage and generation
of digital keys. It provides both logical and physical protection
of these materials from non-authorized use and potential adversaries.
HSM clients integrated with Palo Alto Networks firewalls and
Panorama enable enhanced security for the private keys used in SSL/TLS
decryption (both SSL forward proxy and SSL inbound inspection).
In addition, you can use the HSM to encrypt master keys.
The following topics describe how to integrate an HSM with your
firewall or Panorama: