manualshive.com logo in svg

Entrust nShield Solo, Руководство по установке

Поделиться
Скачать
Entrust nShield Solo Скачать руководство пользователя страница 25

nShield Solo XC

Server:
enquiry reply flags    none
enquiry reply level    Six
serial number          ############-####
mode                   operational
version                #.#.#
speed index            ###
rec. queue             ##..##
...
module type code       0
product name           nFast server
...
version serial         #
remote server port     ####

Module ##:
enquiry reply flags    none
enquiry reply level    Six
serial number          ############-####
mode                   operational
version                #.#.#
speed index            ###
rec. queue             ##..##
...
module type code       12
product name           #######/#######/#######
...
rec. LongJobs queue    ##
SEE machine type       Power PCELF
supported KML types    DSAp1024s160 DSAp3072s256
hardware status        OK

If the 

mode

 is 

operational

 the module has been installed correctly.

If the 

mode

 is 

initialization

 or 

maintenance

, the module has been installed correctly, but

you must change the mode to 

operational

.See the User Guide for your module and

operating system for more about changing the module mode.

If the output from the 

enquiry

 command says that the module is not found, first restart

your computer, then re-run the 

enquiry

 command.

Under Windows 7 and Windows 2008 R2 and higher versions , ensure

that the power saving features are disabled. See 

Installing the module

for more information. Otherwise, if your system enters Sleep mode, the

nShield Solo module may not be found when running 

enquiry

. If this

happens, you need to reboot your system.

8.1.2. nFast server (hardserver)

Communication can only be established with a module if the nFast server is running. If

the server is not running, the 

enquiry

 utility returns the message:

NFast_App_Connect failed: ServerNotRunning

nShield® Solo and nShield® Solo XC Installation Guide

25 of 49

Содержание nShield Solo

Страница 1: ...nShield Solo and nShield Solo XC Installation Guide 12 80 17 Nov 2021...

Страница 2: ...switches 10 4 2 Module pre installation steps 11 4 3 Fitting a module bracket 11 4 4 Replace Solo XC Fan 12 4 5 Replace Solo XC Battery 13 5 Installing the module 15 5 1 Fitting a smart card reader 15...

Страница 3: ...4 B 2 Components required for particular functionality 35 B 3 nCipherKM JCA JCE cryptographic service provider 36 B 4 SNMP monitoring agent 37 Appendix C Virtualization Remote Server 38 C 1 Virtualiza...

Страница 4: ...See Uninstalling existing software See the User Guide for more about for example Creating and managing a Security World Creating and using keys Card sets The advanced features of an nShield Solo and...

Страница 5: ...he nShield Solo nShield Solo XC and nShield Edge User Guide Entrust strongly recommends that you read the release notes at https nshieldsupport entrust com These notes contain the latest information a...

Страница 6: ...Before installing hardware you must disconnect your computer from the power supply Ensure that a grounded earthed contact remains Perform the installation with care and follow all safety instructions...

Страница 7: ...ronmental conditions Operating range Comments Min Max Ambient operating temperature 10 C 35 C Subject to sufficient air flow Storage temperature 20 C 70 C Operating humidity 10 90 Relative Non condens...

Страница 8: ...t stops operating and displays the SOS T error message on the Status LED see Status indicators 2 6 Physical location considerations Entrust nShield HSMs are certified to NIST FIPS 140 2 Level 2 and 3...

Страница 9: ...use harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the users will be required to correct the inter...

Страница 10: ...mode switch C is deactivated See the User Guide for more information E Remote mode override jumper switch in the off position When set to on remote mode switching is disabled See the User Guide for mo...

Страница 11: ...set to Operational O The default factory setting of the jumper DIP switch E is Off This enables remote MOI switching Factory shipping nShield Solo HSMs loaded with firmware 2 61 2 or greater will supp...

Страница 12: ...ired Tools Phillips screwdriver 0 Phillips screwdriver 2 Small needle nose pliers Required Part Orderable part number SOLOXC REP FAN Replacement fan assembly 1 Power off the system and while taking ES...

Страница 13: ...cable connector into the Solo XC P3 power connector 10 Install the power cable grommet into the slot in the EMI fence with the flat side towards the top of the fence 11 Replace the top EMI cover 12 Re...

Страница 14: ...ce the Solo XC on a flat surface 3 Using the tweezers gently remove the battery from the BT1 connector 4 Observing the polarity install the replacement battery in the BT1 connector 5 Re install the So...

Страница 15: ...erted in the connector The back panel is correctly aligned with the access slot in the chassis 4 Use the bracket screw or fixing clip to secure the module to the computer chassis 5 Check that the two...

Страница 16: ...ement properties of the nShield Solo once the Security World Software is installed See Installing the Security World Software on Windows for more information 6 1 1 2 Install Microsoft security updates...

Страница 17: ...ersions before those shown are no longer supported If you are maintaining older Java versions for legacy reasons and need compatibility with current nShield software please contact Entrust nShield Sup...

Страница 18: ...neratekey Low level utilities Test programs The Core Tools bundle includes the Tcl run time component that installs a run time Tcl installation within the nCipher directories This is used by the tools...

Страница 19: ...te file system it is configured to access From a non attended host machine to an attended host machine when using Remote Operator Remote Administration Service 9005 Incoming connections from Remote Ad...

Страница 20: ...normal Drivers are installed during the installation of the Security World Software 2 Place the Security World Software installation media in the optical disc drive Launch setup msi manually when pro...

Страница 21: ...before installing the module hardware 6 Click Finish to complete the installation 7 The following global variables are set upon install NFAST_CERTDIR NFAST_HOME NFAST_KMDATA NFAST_LOGDIR You may addit...

Страница 22: ...t You must also have appropriate versions of gcc make and your C library s development package The configuration script looks for the kernel headers in the default directory lib modules uname r build...

Страница 23: ...t nfast bin to your PATH system variable If you use the Bourne shell add these lines to your system or personal profile PATH opt nfast bin PATH export PATH If you use the C shell add this line to your...

Страница 24: ...t for Windows opt nfast for Linux If the module is working correctly the enquiry utility returns a message similar to the following nShield Solo Server enquiry reply flags none enquiry reply level Six...

Страница 25: ...e the mode to operational See the User Guide for your module and operating system for more about changing the module mode If the output from the enquiry command says that the module is not found first...

Страница 26: ...d This should be done if for example the security policies of your organization require the physical mode switch to be used to authorize mode changes 8 3 Log message types By default the hardserver wr...

Страница 27: ...3 5 Serious internal error This type of message indicates that the server has detected a serious error in the reply from the module These messages indicate a failure of either the module or the serve...

Страница 28: ...eave the module powered up for at least ten hours to allow the battery to recharge No other nonvolatile data is lost when this occurs See the Solo User Guide for more about resetting the clock The Sol...

Страница 29: ...the module with new firmware The module only goes into Maintenance mode during a software upgrade Flashes SOS the Morse code distress code three short pulses three long pulses three short pulses Afte...

Страница 30: ...se the Mode switch to move between Maintenance Operational and Initialization modes See Mode switch and jumper switches for more information nShield Solo and nShield Solo XC Installation Guide 30 of 4...

Страница 31: ...f you do delete Security World data it cannot be restored unless you have an up to date backup and a quorum of the Administrator Card Set ACS is available The file nCipherKM jar if present is located...

Страница 32: ...ack up your NFAST_HOME directory This preserves your key management data hardserver d and any data customizations When upgrading the Security World restore the backup to preserve your PKCS 11 and Soft...

Страница 33: ...it exists the user ncsnmpd a Open the file etc group with a text editor b Remove the line that begins with the form nfast x n In this line n is an integer c Open the file etc passwd with a text editor...

Страница 34: ...sions command line utility B 1 Security World installation media The following component bundles and additional components are supplied on the Security World installation media B 1 1 Component bundles...

Страница 35: ...ortcuts N A nShield Trusted Verification Device Driver for the Trusted Verification Device TVD included in ctls for Linux raserv nShield Remote Administration Server nShield Remote Administration serv...

Страница 36: ...n options see The appropriate User Guide for your module and operating system The appropriate third party integration guide for your application Integration guides for third party applications are ava...

Страница 37: ...cess of the SNMP agent the agent displays the following message If this is a first time install the product_family SNMP Agent will not run by default Please see the manual for further instructions See...

Страница 38: ...rating system that runs within a virtual machine is referred to as a guest operating system nShield software includes the nShield hardserver applications These applications enable applications running...

Страница 39: ...ce to add ESXi hosts to your vSphere inventory 1 Log on the system as administrator and start at least one ESXi host 2 Install ESXi using the vCenter Simple Install option using the instructions provi...

Страница 40: ...PCI passthrough connection To create the VM guest instance 1 Navigate to File New Virtual Machine in the vSphere Client A wizard will prompt you through each of the settings displayed in the working p...

Страница 41: ...the XenCenter client To remotely manage VM guests and configure PCI passthrough of the nShield Solo XC 1 Enter the XenServer web client IP address 2 Select XenCenter installer The XenCenter software w...

Страница 42: ...ck hide 02 00 0 Newer versions of Citrix XenServer utilize xen pciback hide xx xx x 7 Scroll to the end of the file 8 Run the command pciback hide NG solo card endpoint This command enters the PCI slo...

Страница 43: ...rovides the PCI passthrough capability As part of this process you must create two Dom U guests that communicate through the Vswitch One guest acts as the primary guest and is configured as described...

Страница 44: ...select the virtual network interface 19 Select Finish If the guest VM is configured to have a PCI module via passthrough and the module is not connected to the VM instance the guest VM instance will f...

Страница 45: ...Reboot the system Once rebooted Hyper V will be supported by the Server 2016 instance C 5 1 3 Prepare the server 1 Enable the Input Output Memory Management Unit IOMMU policy on the server This policy...

Страница 46: ...e Security World software Install the Security World software suite into the operating system of the guest VM Once the suite is installed you can initialize the hardserver and then configure the guest...

Страница 47: ...ater if you have a disk Install an operating system from a bootable image file if you have the ISO path 16 Select Next 17 Select Finish C 5 1 7 Configure the VM guest instance on the server 1 Stop and...

Страница 48: ...VM guest instance PS C Get VMAssignableDevice VMName vmName C 5 2 Remove a device from the VM guest instance 1 Remove a device from the VM Run the commands PS C vmName ws2016 PS C Remove VMAssignable...

Страница 49: ...find the locationPath run the command PS C locationPath Get PnpDeviceProperty KeyName DEVPKEY_Device_LocationPaths InstanceId instanceId Data 0 nShield Solo and nShield Solo XC Installation Guide 49 o...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды