manualshive.com logo in svg

SafeNet ProtectServer External 2, Installation Manual

The SafeNet ProtectServer External 2 ensures top-of-the-line security for your data with its advanced encryption capabilities. For a seamless setup experience, refer to the Installation Manual available for free download from manualshive.com. Safeguard your sensitive information with confidence using this reliable external hardware security module.

Share
Download
background image

 

Chapter 3

 

 

Implementation overview 

Implementation architecture 

To implement a hardware based cryptographic service provider, essentially three 
elements are required. 

1.

 

One or more hardware security modules (HSMs) for key processing and storage. 

2.

 

High level cryptographic API software. This software uses HSM services when 
providing “cryptographic service provider” functionality to applications. 

3.

 

Access provider software to implement the connection between the cryptographic 
API software and the HSMs. 

Where key processing and storage is to be implemented using a standalone SafeNet 
Protect Server External 2 (PSE2) HSM, the cryptographic service provider will 
operate in network mode. 

In network mode, Network HSM Access Provider software is installed on the same 
machine used to host the cryptographic API software. It is used to implement the 
connection between and the PSE2 and the cryptographic host using a TCP/IP network 
connection. The PSE2 can then be located at any distance from the machine hosting 
the access provider, cryptographic API and application software. 

A network mode implementation of a cryptographic service provider using the PSE2 
is shown in the next figure. 

 

 

 

  

  

  

PC 

– Network Client and Application Host

 

  

Crypto

 

API

 

  

Application

 

 

Network

 

  

Network HSM

 

Access

 

Provider

 

ProtectServer External 2

 

Summary of Contents for ProtectServer External 2

Page 1: ...i ProtectServer External 2 PSE2 Installation Guide...

Page 2: ...FCC compliance only devices also known to comply should be connected to the adapter s serial ports If such devices do not feature their own cables shielded cables must be used Disclaimer SafeNet make...

Page 3: ...United States 800 545 6608 Web www safenet inc com Support and Down loads www safenet inc com support Provides access to the SafeNet Knowledge Base and quick downloads for various products Technical...

Page 4: ...allation procedure 7 To install the hardware 7 Smart Card Reader Installation 7 Chapter 5 Testing and configuration 9 Equipment requirements 9 Procedure overview 9 System testing 11 The PSE_status com...

Page 5: ......

Page 6: ......

Page 7: ...ps are given References to further documentation are cited where needed Chapter 4 describes the installation procedure Chapter 5 deals with testing and network setting configuration A troubleshooting...

Page 8: ...services include encryption decryption signature generation and verification and key management with a tamper resistant and battery backed key storage To implement a cryptographic service provider use...

Page 9: ...liance using the included USB to serial cable HSM serial port pin configuration The serial port on the USB to serial cable uses a standard RS232 male DB9 pinout as illustrated in Figure 2 Figure 2 HSM...

Page 10: ...o destroy any keys currently stored on the HSM When the key is in the horizontal Active position the HSM is in normal operating mode When the key is in the vertical Tamper position the HSM is in the t...

Page 11: ...ted using a standalone SafeNet Protect Server External 2 PSE2 HSM the cryptographic service provider will operate in network mode In network mode Network HSM Access Provider software is installed on t...

Page 12: ...nd configured to support operation in network mode Full details are in the Hardware Security Module Access Provider Install Configuration Guide supplied with the software 5 Install the high level cryp...

Page 13: ...ic API software is installed Connect the PSE2 to the network by inserting standard Ethernet cables into the LAN connectors located on the front of the PSE2 The LAN connectors are autosensing 10 100 10...

Page 14: ...r crypto server for security reasons then connect a PS 2 to USB adapter cable between the card reader and a standalone powered USB hub Again the USB connection is for power only No data transfer occur...

Page 15: ...he RJ45 console port to a terminal emulation device such as a laptop or terminal server Note If you want to access the PSE2 console remotely using the console port you will need a cable If your termin...

Page 16: ...as admin only The default passwords for the root and admin users are as follows User name Default password root password admin password At this time we strongly recommend that you use the passwd comm...

Page 17: ...y displays the current status of the Protect Server External 2 PSE2 It provides the following information the status of the HSM installed in the PSE2 If the unit is functioning correctly a message tha...

Page 18: ...ces to operate as their own name servers If name resolution is required it needs to be provided by a DNS server on the network In order for the PSE2 to use the DNS server you must add an entry for the...

Page 19: ...bles stop etc init d iptables start SSH network access After you have completed the network configuration you can access the PSE2 over the network using the SSH protocol To access the PSE2 using SSH y...

Page 20: ...tories listed above usbflash cdrecorder are just examples The name can vary depending on the device capability and how it is detected Troubleshooting Each Protect Server External 2 is tested during ma...

Page 21: ...isk DOM 10 100 1000 Mbps autosensing Network Interface with RJ45 LAN connector Pre installed Software Linux operating system SafeNet PCI HSM Access Provider software SafeNet HSM Net Server software Po...

Page 22: ...END OF DOCUMENT...

Reviews:

No comments

Related manuals for ProtectServer External 2

Supero SUPERSERVER 6028TP-HTFR User Manual preview
SUPERSERVER 6028TP-HTFR
Brand: Supero Pages: 141
Sun Microsystems Netra T2000 Service Manual preview
Netra T2000
Brand: Sun Microsystems Pages: 138
Artesyn AXP640 Installation And Use Manual preview
AXP640
Brand: Artesyn Pages: 190
Edimax EDIMAX FAST ETHERNET MFP SERVER VERSION: 2.0 User Manual preview
EDIMAX FAST ETHERNET MFP SERVER VERSION: 2.0
Brand: Edimax Pages: 118
IBM @server xSeries 343 Product Manual preview
@server xSeries 343
Brand: IBM Pages: 193
Fujitsu PRIMERGY RX100 S7 Operating Manual preview
PRIMERGY RX100 S7
Brand: Fujitsu Pages: 86
Fujitsu PRIMERGY RX1330 M1 Upgrade And Maintenance Manual preview
PRIMERGY RX1330 M1
Brand: Fujitsu Pages: 312
Fujitsu Primergy RX100 S4 Operating Manual preview
Primergy RX100 S4
Brand: Fujitsu Pages: 85
Fujitsu PRIMERGY RX1330 M1 Operating Manual preview
PRIMERGY RX1330 M1
Brand: Fujitsu Pages: 84
Fujitsu Primergy RX100 S3 Operating Manual preview
Primergy RX100 S3
Brand: Fujitsu Pages: 73
Fujitsu PRIMERGY RX100 S8 Operating Manual preview
PRIMERGY RX100 S8
Brand: Fujitsu Pages: 82
Fujitsu PRIMERGY RX1330 M3 Upgrade And Maintenance Manual preview
PRIMERGY RX1330 M3
Brand: Fujitsu Pages: 342
Fujitsu PRIMERGY RX100 S7 Upgrade And Maintenance Manual preview
PRIMERGY RX100 S7
Brand: Fujitsu Pages: 490
Fujitsu PRIMERGY RX1330 M3 Operating Manual preview
PRIMERGY RX1330 M3
Brand: Fujitsu Pages: 84
Symantec FileStore N8300 Product Description Manual preview
FileStore N8300
Brand: Symantec Pages: 55
Kontron MBx406 User Manual preview
MBx406
Brand: Kontron Pages: 42
KVH Industries UCH-250 Quick Start Manual preview
UCH-250
Brand: KVH Industries Pages: 2
Bull NovaScale T860 F2 Getting Started preview
NovaScale T860 F2
Brand: Bull Pages: 36

Brands by name

Popular brands

Load more brands