manualshive.com logo in svg

Entrust nShield Solo, Installation Manual

Share
Download
Entrust nShield Solo Installation Manual Download Page 7

flow, use a PCIe slot with no neighboring modules if possible. If air flow is limited,

consider fitting extra cooling fans to your computer case.

Failure to provide adequate cooling can result in damage to the module

or the computer into which the module is fitted.

Always handle the module correctly. For more information, see 

Handling modules

.

2.4. Module operational temperature and humidity
specifications

The Solo modules operate within the following environmental conditions.

Solo environmental conditions

Operating range

Comments

Min.

Max.

Ambient operating temperature 10°C

35°C

Subject to sufficient air flow

Storage temperature

-20°C

70°C

-

Operating humidity

10%

90%

Relative. Non-condensing at

35°C

Storage humidity

0

85%

Relative. Non-condensing at

35°C

The Solo XC module operates within the following environmental conditions.

Solo XC environmental

conditions

Operating range

Comments

Min.

Max.

Ambient operating temperature 5°C

55°C

-

Storage temperature

-5°C

60°C

-

Transportation temperature

-40°C

70°C

-

Operating humidity

5%

85%

Relative. Non-condensing at

30°C

Storage humidity

5%

93%

Relative. Non-condensing at

30°C

nShield® Solo and nShield® Solo XC Installation Guide

7 of 49

Summary of Contents for nShield Solo

Page 1: ...nShield Solo and nShield Solo XC Installation Guide 12 80 17 Nov 2021...

Page 2: ...switches 10 4 2 Module pre installation steps 11 4 3 Fitting a module bracket 11 4 4 Replace Solo XC Fan 12 4 5 Replace Solo XC Battery 13 5 Installing the module 15 5 1 Fitting a smart card reader 15...

Page 3: ...4 B 2 Components required for particular functionality 35 B 3 nCipherKM JCA JCE cryptographic service provider 36 B 4 SNMP monitoring agent 37 Appendix C Virtualization Remote Server 38 C 1 Virtualiza...

Page 4: ...See Uninstalling existing software See the User Guide for more about for example Creating and managing a Security World Creating and using keys Card sets The advanced features of an nShield Solo and...

Page 5: ...he nShield Solo nShield Solo XC and nShield Edge User Guide Entrust strongly recommends that you read the release notes at https nshieldsupport entrust com These notes contain the latest information a...

Page 6: ...Before installing hardware you must disconnect your computer from the power supply Ensure that a grounded earthed contact remains Perform the installation with care and follow all safety instructions...

Page 7: ...ronmental conditions Operating range Comments Min Max Ambient operating temperature 10 C 35 C Subject to sufficient air flow Storage temperature 20 C 70 C Operating humidity 10 90 Relative Non condens...

Page 8: ...t stops operating and displays the SOS T error message on the Status LED see Status indicators 2 6 Physical location considerations Entrust nShield HSMs are certified to NIST FIPS 140 2 Level 2 and 3...

Page 9: ...use harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the users will be required to correct the inter...

Page 10: ...mode switch C is deactivated See the User Guide for more information E Remote mode override jumper switch in the off position When set to on remote mode switching is disabled See the User Guide for mo...

Page 11: ...set to Operational O The default factory setting of the jumper DIP switch E is Off This enables remote MOI switching Factory shipping nShield Solo HSMs loaded with firmware 2 61 2 or greater will supp...

Page 12: ...ired Tools Phillips screwdriver 0 Phillips screwdriver 2 Small needle nose pliers Required Part Orderable part number SOLOXC REP FAN Replacement fan assembly 1 Power off the system and while taking ES...

Page 13: ...cable connector into the Solo XC P3 power connector 10 Install the power cable grommet into the slot in the EMI fence with the flat side towards the top of the fence 11 Replace the top EMI cover 12 Re...

Page 14: ...ce the Solo XC on a flat surface 3 Using the tweezers gently remove the battery from the BT1 connector 4 Observing the polarity install the replacement battery in the BT1 connector 5 Re install the So...

Page 15: ...erted in the connector The back panel is correctly aligned with the access slot in the chassis 4 Use the bracket screw or fixing clip to secure the module to the computer chassis 5 Check that the two...

Page 16: ...ement properties of the nShield Solo once the Security World Software is installed See Installing the Security World Software on Windows for more information 6 1 1 2 Install Microsoft security updates...

Page 17: ...ersions before those shown are no longer supported If you are maintaining older Java versions for legacy reasons and need compatibility with current nShield software please contact Entrust nShield Sup...

Page 18: ...neratekey Low level utilities Test programs The Core Tools bundle includes the Tcl run time component that installs a run time Tcl installation within the nCipher directories This is used by the tools...

Page 19: ...te file system it is configured to access From a non attended host machine to an attended host machine when using Remote Operator Remote Administration Service 9005 Incoming connections from Remote Ad...

Page 20: ...normal Drivers are installed during the installation of the Security World Software 2 Place the Security World Software installation media in the optical disc drive Launch setup msi manually when pro...

Page 21: ...before installing the module hardware 6 Click Finish to complete the installation 7 The following global variables are set upon install NFAST_CERTDIR NFAST_HOME NFAST_KMDATA NFAST_LOGDIR You may addit...

Page 22: ...t You must also have appropriate versions of gcc make and your C library s development package The configuration script looks for the kernel headers in the default directory lib modules uname r build...

Page 23: ...t nfast bin to your PATH system variable If you use the Bourne shell add these lines to your system or personal profile PATH opt nfast bin PATH export PATH If you use the C shell add this line to your...

Page 24: ...t for Windows opt nfast for Linux If the module is working correctly the enquiry utility returns a message similar to the following nShield Solo Server enquiry reply flags none enquiry reply level Six...

Page 25: ...e the mode to operational See the User Guide for your module and operating system for more about changing the module mode If the output from the enquiry command says that the module is not found first...

Page 26: ...d This should be done if for example the security policies of your organization require the physical mode switch to be used to authorize mode changes 8 3 Log message types By default the hardserver wr...

Page 27: ...3 5 Serious internal error This type of message indicates that the server has detected a serious error in the reply from the module These messages indicate a failure of either the module or the serve...

Page 28: ...eave the module powered up for at least ten hours to allow the battery to recharge No other nonvolatile data is lost when this occurs See the Solo User Guide for more about resetting the clock The Sol...

Page 29: ...the module with new firmware The module only goes into Maintenance mode during a software upgrade Flashes SOS the Morse code distress code three short pulses three long pulses three short pulses Afte...

Page 30: ...se the Mode switch to move between Maintenance Operational and Initialization modes See Mode switch and jumper switches for more information nShield Solo and nShield Solo XC Installation Guide 30 of 4...

Page 31: ...f you do delete Security World data it cannot be restored unless you have an up to date backup and a quorum of the Administrator Card Set ACS is available The file nCipherKM jar if present is located...

Page 32: ...ack up your NFAST_HOME directory This preserves your key management data hardserver d and any data customizations When upgrading the Security World restore the backup to preserve your PKCS 11 and Soft...

Page 33: ...it exists the user ncsnmpd a Open the file etc group with a text editor b Remove the line that begins with the form nfast x n In this line n is an integer c Open the file etc passwd with a text editor...

Page 34: ...sions command line utility B 1 Security World installation media The following component bundles and additional components are supplied on the Security World installation media B 1 1 Component bundles...

Page 35: ...ortcuts N A nShield Trusted Verification Device Driver for the Trusted Verification Device TVD included in ctls for Linux raserv nShield Remote Administration Server nShield Remote Administration serv...

Page 36: ...n options see The appropriate User Guide for your module and operating system The appropriate third party integration guide for your application Integration guides for third party applications are ava...

Page 37: ...cess of the SNMP agent the agent displays the following message If this is a first time install the product_family SNMP Agent will not run by default Please see the manual for further instructions See...

Page 38: ...rating system that runs within a virtual machine is referred to as a guest operating system nShield software includes the nShield hardserver applications These applications enable applications running...

Page 39: ...ce to add ESXi hosts to your vSphere inventory 1 Log on the system as administrator and start at least one ESXi host 2 Install ESXi using the vCenter Simple Install option using the instructions provi...

Page 40: ...PCI passthrough connection To create the VM guest instance 1 Navigate to File New Virtual Machine in the vSphere Client A wizard will prompt you through each of the settings displayed in the working p...

Page 41: ...the XenCenter client To remotely manage VM guests and configure PCI passthrough of the nShield Solo XC 1 Enter the XenServer web client IP address 2 Select XenCenter installer The XenCenter software w...

Page 42: ...ck hide 02 00 0 Newer versions of Citrix XenServer utilize xen pciback hide xx xx x 7 Scroll to the end of the file 8 Run the command pciback hide NG solo card endpoint This command enters the PCI slo...

Page 43: ...rovides the PCI passthrough capability As part of this process you must create two Dom U guests that communicate through the Vswitch One guest acts as the primary guest and is configured as described...

Page 44: ...select the virtual network interface 19 Select Finish If the guest VM is configured to have a PCI module via passthrough and the module is not connected to the VM instance the guest VM instance will f...

Page 45: ...Reboot the system Once rebooted Hyper V will be supported by the Server 2016 instance C 5 1 3 Prepare the server 1 Enable the Input Output Memory Management Unit IOMMU policy on the server This policy...

Page 46: ...e Security World software Install the Security World software suite into the operating system of the guest VM Once the suite is installed you can initialize the hardserver and then configure the guest...

Page 47: ...ater if you have a disk Install an operating system from a bootable image file if you have the ISO path 16 Select Next 17 Select Finish C 5 1 7 Configure the VM guest instance on the server 1 Stop and...

Page 48: ...VM guest instance PS C Get VMAssignableDevice VMName vmName C 5 2 Remove a device from the VM guest instance 1 Remove a device from the VM Run the commands PS C vmName ws2016 PS C Remove VMAssignable...

Page 49: ...find the locationPath run the command PS C locationPath Get PnpDeviceProperty KeyName DEVPKEY_Device_LocationPaths InstanceId instanceId Data 0 nShield Solo and nShield Solo XC Installation Guide 49 o...

Reviews:

No comments

Brands by name

Popular brands

Load more brands