Chapter 4: Installing and Configuring a DSM
Deploying a DSM Azure Image
DSM Installation and Configuration Guide
Copyright 2009 - 2020 Thales Group. All rights reserved.
92
8. A message asks "Do you want to re-encrypt the disk now? (yes|no)[no]:". Click
yes
if you plan to use this disk for
anything other than a quick evaluation.
9. Accept the license agreement and then type in a new password when prompted.
10. Navigate to the System menu, type:
0001:dsm$ system
11. Enter the FQDN that you copied to the clipboard to set the hostname, type:
0002:system$ setinfo hostname <
FQDN
>
Example
:
0002:system$ setinfo mycompany.us.thales.com
Generating the CA
After configuring a hostname, you must generate the DSM certificate authority.
1. Generate a certificate authority for the virtual DSM instance, type:
0003:system$ security genca
A warning displays, informing you that all agents and peer node certificates will need to be re-signed after the CA
and server certificate have been regenerated, and the DSM server software will be restarted. Type ‘yes’ to
continue, the default is ‘no’.
2. Enter the FQDN of this DSM. The name displayed in ‘This Security Server host name [FQDN of the DSM]’,
should be correct. Press
Enter
to accept the name, or enter the FQDN that you copied to the clipboard.
3. Enter the information required to generate the certificate. Answer the prompts:
o
What is the name of your organizational unit? []:
o
What is the name of your organization? []:
o
What is the name of your City or Locality? []:
o
What is the name of your State or Province? []:
o
What is your two-letter country code? [US]:
o
What is the validity period of the generated certificate (from 2 to 10 years)? [10]:
o
What is your email address? []:
4. Once the certificate is signed, you can access the virtual DSM through the web-based GUI. Open a browser and
confirm access over HTTPS to the DSM hostname. Example URL:
https://dsm.vormetric.com
If this does not work because, for example, port 443 was blocked by a firewall, specify port 8445. Example URL:
https://dsm.vormetric.com:8445
.
The default user name and password to log on to the DSM the for first time are: admin and admin123. You will be
prompted to reset the password.
Pinging the DSM in Azure
Azure blocks outbound and inbound ICMP (Internet Control Message Protocol), by default, at the Azure load balancer.
This prevents any targeted Ping/ICMP DDoS flood attacks. Therefore, you cannot ping the Azure VMs from outside
Azure.
Internally, you can ping from an Azure VM to another Azure VM that is on the same internal network with the current
DSM version.
