Network hardware security module (HSM) deployment model
The network hardware security module (HSM) deployment model incorporates a network HSM. The HSM performs EMV-CAP authentication and transaction validation–related cryptographic processing. HSM requests are processed over the network from each individual OneSpan Authentication Server instance.
Figure: Network HSM deployment model
Performance
Higher performance is achieved with the use of the third-party load balancer directing authentication requests to two primary OneSpan Authentication Server instances. Database load sharing to dedicated database servers is configured in each OneSpan Authentication Server instance. A dedicated audit database is used for auditing and reporting. Administration is performed via the backup OneSpan Authentication Server instance, thus minimizing the load on the primary servers. The network HSM may serve as a performance-limiting factor during high-traffic periods, depending on the number of servers, the number of HSM devices, and the speed of the network.
Availability
Availability of the system is maximised by allowing the third-party load balancer to handle load balancing and failover between primary OneSpan Authentication Server instances. Additionally, each primary OneSpan Authentication Server instance is configured to fail over to a backup OneSpan Authentication Server instance.
A backup database server is used, and each OneSpan Authentication Server instance is configured to connect to it automatically if the primary database server is not available.
OneSpan Authentication Server
Two primary OneSpan Authentication Server instances, two backup OneSpan Authentication Server instances, and one dedicated OneSpan Authentication Server instance for administration, auditing, and reporting.
Data is stored on dedicated database servers.
Administration
All administrative operations are performed on the administration server.
Long-running operations can be performed with no direct impact on the authentication server performance handling authentication requests (these administrative operations will introduce only a replication impact on the commercial database servers)
The administration scenario could be disabled on both primary servers and backup servers to exclude administrative load. This is done via the Administration Web Interface.
Replication
Commercial replication is enabled between database servers. OneSpan Authentication Server replication is disabled.
Auditing
Auditing data should be written to databases at each site. The data should be imported to the master auditing database at the administration site on a regular basis.
Reporting
.
Deployment steps
To set up the network HSM deployment model
- Install a commercial database on each dedicated database server, and modify the schema as needed.
- Set up replication between the databases.
- Install and configure the HSM.
- Install OneSpan Authentication Serveron each primary and backup server, using the Advanced installation option.
- Configure database load sharing on each OneSpan Authentication Server instance.
- Install a database on the audit server.
- Set up auditing as required.
- Configure reporting as required.
- Make auditing data available for reporting, i.e. schedule to merge the primary server's audit data with the backup server auditing data using the Maintenance Wizard.