StorageTek™ Crypto Key Management System (KMS)
Contents
1.2. Use 132 KMS 2 0 2008 4 Rev A 316030101 Key Transfer Public Key List Refresh
3. KMA 6
4. 251 1 Core Security Backup Core Security Backup Core Security Browse
5. 16 KMS 2 0 2008 4 Rev A 316030101 1 1
6. 1 1 10 KMS 2 0 2008 4 Rev A 316030101 TCP IP KMA TCP IP KMA KMA KMA TCP TP
7. Use Refresh 170 KMS 2 0 2008 4 Rev A 316030101 Reset
8. 180 KMS 2 0 2008 4 Rev A 316030101 nm Key Group ID m Description m Key Policy ID m m lt gt m gt m lt m gt m lt m m m
9. ah FSC Sun Sun Sun Web URL http wwwr sun com worldwide KMS 2 0 2008 4 Rev A 316030101 Key Management System KMS
10. lt 316030101 Rev A 7 241 Data Unit ID Data Unit Description Data Unit Destruction Status Backup ID Created Date
11. H 316030101 Rev A xxvii xxviii KMS 2 0 2008 4 Rev A 316030101 Crypto Key Management System KMS KMS m Key Management Appliance KMA KMA
12. Results in Pade Options OQuery Page Size 1 Data Unit ID External Unique ID KMS LTO 4 Ne ANSI VOLSER Sun
13. KMA NTP KMA 5 5 5
14. Berkeley BSD UNIX ORG L KL Ryumin Light BBB GothicBBB Medium HG L HG B 1 W3
15. 1 KMS 2 NIST RN Protect and ON 6 KMS 2 0 2008 4 Rev A 316030101 Process only
16. Destroyed Compromised 8 KMS 2 0 2008 4 Rev A 316030101 KMS E KMS i ID 1 m m KMS Manager GUI QuickStart KMS m
17. StorageTek 6 StorageTek StorageTek 7
18. KMA 2 KMA KMA KMA 316030101 Rev A 5 149 Core Security Core Security Core Security
19. Results in Pade ast page 1 Options Query Page Size Key Group ID 1 64 ID Description 1 64 Key Policy ID
20. m Public Key ID m Created Date m Public Key lt gt gt lt gt lt o
21. OPEN LOOK Sun Graphical User Interface Sun Microsystems Sun Microsystems 3 Xerox Sun Microsystems Xerox Xerox Graphical User Interface Sun Mi U S Government Rights Commercial use Government users are subject to the Sun Microsystems Inc standard license agreement and applicable provisions of the FAR and its supplements EN
22. 1 please enter your choice 4 Enter Primary Administrator Press Ctrl c to abort support account y n y support account y n y Press Enter to continue The Primary Administrator role is currently ENABLED Would you like to DISABLE Primary Administrator privileges for the Are you sure that you want to DISABLI Primary Administrator configuration changes have been completed E these privileges for the 2 y Enter 3 Are OU sure that you want to DISABLE these privileges for
23. 316030101 Rev A 7 231 Data Unit List Data Unit List Secure InFormakion Management Key Groups Key G
24. 1 pB1ease enter your choice 6 Enter 9 Primary Administrator Press Ctrl c to abort support account y n y support account y n y Press Enter to continue The Primary Administrator role is currently ENABLED Would you like to DISABLE Primary Administrator privileges for the Are you sure that you want to DISABLE these privileges for the Primary Administrator configuration changes have been completed 2 y Enter 1 3 Are OU sure that you want to DISABLE these privileges for he support account y n
25. Deactivated MUSE Compromised ME Incompletely Destroyed 1 Completely Destroyed Compromised and Incompletely Destroyed 1 Compromised and Completely Destroyed
26. OK 5 Save 166 KMS 2 0 2008 4 Rev A 316030101
27. 98 76 94 KMS 2 0 2008 4 Rev A 316030101 User List 1 User List Create Create User Generall 1 iri 2 General User ID 1 64 3 Description 1
28. 14 1 QuickStart GUI Ks E ua 4 lt
29. LAN Wr ey 2 KMS KMS KMS Version 1 x KMS Version 1 x Ethernet 2 m m 29
30. Key Split Quorum Authentication 1 1 13 316030101 Rev A 2 45 QuickStart 46 KMS 2 0 2008 4 Rev A 316030101 CO
31. Cryptoperiod H Allow Export From True False 316030101 Rev A 6 171 Allow Import To True False Create 173
32. 1 1000 20 Display Dates in Local Time Zone UTC KMS Manager ET x The communication timeout option will take effect at the start of the next session 316030101 Rev A 4 System 77 KMS Manager KMS Manager KMS Manager 1 System Exit KMS Manager Windows 2 KMS Manager
33. 316030101 Rev A 5 157 Core Security 3 Key Split Quorum Authenticaion MKey Split uorum Authentication a 1 4 OK KMA 5 Key Split Quorum Authentication KMA 158 KMS 2 0 2008 4 Rev A 316030101 316030101 Rev A Local Configuration Local Configuration Local Configuration mm KMA m
34. Save 1 Key Group List Details Key Group Details 4 Key Group ID Kustomer Records Description valuation Lists NykKeyPo lc y Key Policy ID Key Group ID Description 1 64 Key Policy
35. 178 6 1 316030101 Rev A 6 177 0 1 2 7 6 1 178 KMS2 0 2008 4 Rev A 316030101 Key GrouDS Key Groups Key Group List Secure Information Management Key Palicy List Key Groups ey Group List Angqent Assignment to Key Groul TransFer Partner Assignment tc Agents Agqent List Key Group Assignment to Agen Transfer Partners Transfer Partner List Key Group Assignment to Tra
36. 1 p1ease enter your choice 2 Enter Set User s Passphrase Press Ctrl c to abort Please enter the User Name 2 Enter Passphrases mus be at 1eas 8 charaoters and at mos 64 charactersg in length Passphrases mus not contain the User sg User Name Passphrases must contain characters from 3 of 4 character classes uppercase lowercase numeric other Please enter the desired Passphrase Please re enter the desired Passphrase Press Enter to continue 3 Enter 4 please re enter the desired Passphrase Enter
37. Sun Learning 5ervices FeedbackSystem SLSFS Sum com Sun Learnimg Services Sun Microsystems Inc One StorageTek Drive Louisville CO 80028 3256 USA Crypto Key Management System KMS Administration Guide Version 2 0 Part No 316195101 Revision A g4 Adobe PostScript Rev A 316030101
38. KMA please enter your choice 5 Enter Technical Support Press Ctrl c to abort Please refer to accompanying user documentation for Technical Support contact information The support account is currently DISABLED TMPORTANT Enabling the support account and SSH access is a security risk These should not be left enabled unless required for troubleshooting purposes Ensure that this account is disabled when not required W
39. Allow Import From 3 Public Keys 126 KMS2 0 2008 4 Rev A 316030101 Transfer Partners Create Transfer Partner Public Keys New Public Key ID ID New Public Key New Public Key Fingerprint 4
40. 1 3 2
41. StorageTek lt StorageTek StorageTek
42. 1 Agents Agent List Agent List 2 Agent List Filter Agent ID lt lt Refresh Reset 1 lt lt lt gt Results in page 3 last page AgentID A Description ste Default Key Group Enabled Failed Login Attempts MynAgent agentdesc For MyAgent MyKeyGroup True True yaaent1 aqentdesc Far Myagent MyKeyGroup True n False SO owned Agent aqent Far testing Taranto True False Details Create Delete activity Hstory m Apent ID m Description m Site m Default Key Group m Enabled m Failed Login Attempts m Enrolled
43. Key Management System 3 1 o m PC m E LAN m
44. v 5 8 0 StorageTek StorageTek StorageTek NN
45. 1 1 KMA KMA IP KMA KMA KMS KMA KMA 14 KMS 2 0 2008 4 Rev A 316030101
46. KMS Manager 316030101 Rev A 2 31 QuickStart 1 p1ease enter your ohoice 1 The Key Split credentials are used to wrap splits of the Core Security Key Material which protects Data Unit Keys When Autonomous Unlocking is not enabled a quorum of Key Splits must be entered in order to unlock the KMA and allow access to Data Unit Keys A Key Split credential consisting of a unique User Name and Passphrase is required for each Key Split The Key Split Size is the total number of splits that will be generated This number must be greater than 0 and can be at most 10 Please enter th
47. 148 Confirm Passphrase Enter Passphrase Create Agent Create gent En General Passphrase Agent ID MyAgentZ Description agentdesc For Mya en Site ID 5 Save Agent List 6 Sun VOP Virtual Operator Panel 224 KMS 2 0 2008 4 Rev A 316030101 fews kyeesi ue wwwl ml is
48. Web Sun Web URL http www sun com Sun StorageTekrM URL http wwwr sun com storagetek Customer Resource Center Sun StorageTek Customer Resource Center CRC StorageTek Web CRC HIPER CRC Request Password
49. GUI API NIST OCG KMS 2 KMS KMS KMS 316030101 Rev A KMS Incomplete 1 KMS KMA
50. o knil Use 122 KMS 2 0 2008 4 Rev A 316030101 Transfer Partners Refresh
51. 194 KMS 2 0 2008 4 Rev A 316030101 Key Group 1 MyKeyGroup 316030101 Rev A 6 195 1 Key Group Assignment to Agents Agents Disallowed Key Groups IMove to Customer Recards SO owned Agent 2 Allowed Key Groups 196 KMS 2 0 2008 4 Rev A 316030101 Key Group Assignment to Agents Agents MyAgent MyAgent1 MyAgentZ SO owned Agent 1 2
52. Audit List KMA Secure InFnrmatinn Management System Nanagement Audit Event List Sywstem Time Security Security Parameters Local Configuration LackJUnlack KMA Saftware Lnarade Audit List Audit List 210 Audit Event List Security Parameters Security Parameters List KMA Security Parameters 146 Security Parameters 316030101 Rev A 255 m KMA m KMA
53. 316030101 Rev A VCCI EMI VCCI A This is a Class A product based on the Technical Requirement of the Voluntary Control Council for Interference by Information Technology VCCI In a domestic environment this product may cause radio interference in which case the user may be required to take correctiVe actions R O C BSMI
54. DL 1 Audit Event List Details Audit Event Details Close 214 KMS 2 0 2008 4 Rev A 316030101 Audit Event List IAudit Eyent Dekails 2 Close Audit Event List 316030101 Rev A
55. Details 175 Delete E 176 Du lt 172 KMS 2 0 2008 4 Rev A 316030101 1 Key Policy List Create Create Key Policy create key Poicy Key Policy ID anotherPolicy Description ust atest Encryption Period i es Cryptoperiod 1 ea Flags YAllow Export From YAllow Import To Key Type Es 256 eee 2 Key Policy ID 1 64 Description
56. 1 p1ease enter your choice 4 Enter Reset to Factory Default State Press Ctrl c to abort WARNING All information stored on this KMA will be destroyed Access to all protected data will be lost unless a backup of the KMA data has been created or Cluster Peer KMAs are present Please consult the Administrative Guide before proceeding with this operation The system will be rebooted after performing the reset Zeroize KMA before resetting this process will take approximately 4 hours Y n Are you Sure that you want to rese the KMA to he Factory Default State Type RESET to confirm no Press Enter to continue KMA KMA KMA 2 zeroize KMA before resetting n y y
57. Deactivated KMS KMA 1 N 1 KMS NIST B 4 3 1 KMS
58. 1 Backup List Confirm Destruction Confirm Destruction Do you canrirm that the Fallawinn Backup is destroyed You are certiFying that all copies of he corresponding Backup Key File hawe been manually destroyed Backup ID FDAC7EGZ0DE1491D5SOOOODOOODOOODODOOOND1 Comment cancel 2 3 Yes 252 KMS 2 0 2008 4 Yes
59. NIST 800 57 Originator Usage Period IP 4 0 255 IP 129 80 145 23 RR 4 32 TCP IP KMS
60. Secure InFormatinn Management Key Palicy List Key Groups Key Group List Agent Assignment to Key Grou Transfer Partner Assignment tc Agents agent List Key Group Assignment to Agen Transfer Partners TransFer Partner List Key Group Assignment to Trans Data Lnit List Backup List Import 1 0 Keys Key Groups Agent Assigmment to Key Groups Agent Assignment to Key Groups 316030101 Rev A 6 187 Key Group 1 Myanent1 MyKeyGroup SO owned Agent DE gulE RE GTO GT EiL Key Groups Agents Allowed Access Agents Not Allowed Access 188 KMS 2 0 2008 4 Rev
61. lt gt 1 Refresh Reset lt gt gt Results in Pade Options Ouery Page Size 1 Role ID Description
62. KMS 1 Transfer Partners IImport Keys IImport Keys Please Select a Key Group Please Select a TransFer Partner ba 230 KMS 2 0 2008 4 Rev A 316030101 2 Destination Key Group NA ER NS Sending Transfer Partner Key Transfer File Browse 3 Start
63. 3 StorageTek 3 StorageTek 5 1 0 Y TT vi KMS 2 0 2008 4 Rev A 316030101 EC 000227 2008 2 A E Crypto Key Management System 2 0 316030101 Rev A Vii ii
64. TT StorageTek 3 i NR
65. icrosystems RI 3 0 2
66. Close ksNanoer Ma About KMS Manager X Help System View He Connect Disconnet Secure Information Management Key Policy List Key Groups Key Group List hgent Assignment to Key GI Transfer Partner Assignmer Agents hgent List Key Group Assignment to A Transfer Partners Transfer Partner Lt Key Group Assignment to Tr Import Keys Data Lnit List Backup List Import 1 0 Keys System Management Audit Event List KMA List User List Role List Site List SNMP Manager List Key Transfer Public Key List System Dump System Time Security Security Parameters Core Security i Racbun Carp Car 2 Key Policy List filer ly Policy Resuls In page 1 MyKeyPolicy Details 316030101 Rev A KMS Manager Version Build304 Locale English U 5 Copyright 2008 Sun Microsystems Inc All rights reserved Unpublished rights reserved under the Copyright Laws of the United States SUN PROPRIETARYICONFIDENTIAL L 5 Government Rights Commercial software Government users dfe subject to the Sun Microsystems Inc standard license agreement and applicable provisions of the FAR and its supplements Export From
67. Description Roles Enabled True False Failed Login Attempts Create Details 97 E 95 3 Delete 99
68. T al Use Refresh Use Reset Reset 316030101 Rev A 6 181
69. Recovery Activated NN a KMA i 2 KMA 2 KMA Recovery Activated KMA True False 240 KMS 2 0 2008 4 Rev A 316030101 Backups with Destroyed Keys List
70. Details 108 Delete 109 uh 1 Site List Create Create Site step Description cm 2 Site ID 1 64 Description 1 64 ceate ste Site ID Denwer Descriptian Kolrado Site Save Cancel 3 Save
71. KMA KMA k Site List 316030101 Rev A System ananernert Audit Event List KA List LUser List Role List SNNP Manager List Key Transfer Public Key List System Dump System Time Security Security Parameters Core Security Core Security Public Key Eackup Core Security Key Split Configuration Autonomous Unlock Option Local Configuration 5 103 Site List System Management Site List Site List
72. Description 1 64 Contact Information Enabled True False False Allow Export To True False False
73. 276 KMS 2 0 2008 4 Rev A 316030101 KMA 4 3 Type RESET to confirml RESET Enter KMA Resetting 4 QuickStart 25 OuickStart 316030101 Rev A 10 KMS 277 KMA 278 KMS 2 0 2008 4 Technical Support SSH 88H Sun
74. KMS Ultra 2 0 Encryption Agen ID Web KMS Coordinated Universal Time 0
75. Generated Generated Ready 316030101 Rev A KMS 1 KMA KMA 1 KMS Generated KMA 1 7 Ready 239 Protect and Process Process Only
76. KMS 284 KMS 2 0 2008 4 Rev A 316030101 KMA m m KMA Key Managemen System Version xxx Co1 1 Set Keyboard Layout 0 Logout Please enter your choice 316030101 Rev A 10 KMS 285 KMA KMA KMA
77. Secure InFnrmatinn Mananemert Key Palicy List Key Groups Key Group List Agqent Assignment to Key Groul TransFer Partner Assignment tc Agents Agent List Key Group Assignment to Agen TransFer Partners TransFer Partner List Key Group Assignment to Trans Data Lnit List Eackup List Import 1 0 Keys System Nanagement Audit Event List System Time Security Security Parameters Local Configuration LackJUnlock KA Saftware Lnarade 316030101 Rev A 167 KMS Manager
78. KMA DN KMA E 295
79. m Agent Access Control Management Operations m Agent Client Generated Audits m Agent Management Operations m Appliance Management Operations m Audit Log Agent Operations m Audit Log Management Operations m Audit Log Operations m Backup Management Operations m CA Operations 212 KMS 2 0 2008 4 Rev A 316030101 Audit Event List m Cluster Client Communication m Cluster perations m Communication and Authentication m Console Security Management Operations m Data Unit Agent Operations m Data Unit Management Operations m Discovery Operations nm Key Group Agent Operations nm Key Group Management Operations m Key Policy Management Operations m License Key Management Operations m Local Management Operations m Management Client Generated Audits m Passphrase Agent Operations m Replication Operations m Retrieve Certificate Operations m Role Management operations m SNMP Management Operations m Security Management Operations m Security Parameter Management Operations m Security Violation m Site Management Operations m System IMessages m User Management Operations Retention Term
80. Backup ID FDac7eznB1491D5nnnnnnnnnn0nn1 KMA ID Foac7ezoB1491p050 Created Date Ii2742n07 8 26 49AM Completed Date Ii2742007 8 26 52AM Downloaded Date i2tai2007 8 28 13AM Destroyed Date kk Destruction Status Eee Destructinn Comment mm 2 Backup ID KMA ID KMA Created Date Completed Date 316030101 Rev A 8 249 Downloaded Date Destroyed Date Destruction Status Destruction Comme
81. Create Backup Restore Confirm Destruction 316030101 Rev A 5 139 Backup List Details 140 Restore 142
82. m KMS Manager GUI IP KMA KMS KMS Manager GUI am KMS KMA KMA m KMS KMS 2 0 StorageTek API KMA API Ne Ne v HD 316030101 Rev A 1 KMS KM
83. 1 System Connect Connect to Cluster Cluster Name TP Address IP ET 316030101 Rev A 71 Connect to Cluster Passphrase Cancel Cluster Name lsudbury A New Cluster Profile Member KMAs 129 80 60 163 sudburykma Delete Cluster Profile Refresh KMAs 2 New Cluster Profile Create Cluster Profile Create Cluster Profile x Cluster Name Initial IP Address or Host Name Cancel 3 Cluster Name Initial IP Address or Host Name KMA IP
84. Secure InFormatinn Management Backup List System Nlanagement Audit Eyent List System Time Security Security Parameters Local Configuration LackJUnlock KMA Software Upgrade Backup List Backups List mm mm 316030101 Rev A 247 Backups Backup List Backup List Details 249 Create Backup
85. Enabled True False False KMA Failed Login Attempts Enrolled KMS True False False 222 KMS 2 0 2008 4 Rev A 316030101 1 Agents List Create Create Agent General Create Agent 2 Agent ID
86. KMA UTC KMS Manager PressS PressS Enter to continue Initializing new cluster Enter to continue KMAs in a Cluster must keep their clocks synchronized Specify an NTP server if one is available in your network Otherwise specify the date and time to which the local clock should be set Please enter the NTP Server Hostname or IP Address optional ntp example com New KMS cluster has been created Key Management System Version Build xyz Press KMA initialization complete Enter to exit You may now connect to the KMA via the KMS Manager in order to continue with KMS configuration Key Management System Version Build xyz KMA 1 Please enter your User Name 1 NTP please enter the NTP Server Hostname or IP Address Sptional NTP TP 2 NTP
87. Results in Pade IOptons Query Page Size 1 Key Policy ID 1 64 ID Description 1 64 Key Type AES 256 Encryption Period Cryptoperiod Encryption period Cryptoperiod Encryption Period
88. ase enter Key Sp1it User Name BEnter 9 Enter QuickStart 258 KMA KMS Manager KMS 10 KMS Manager 71 316030101 Rev A 2 39 QuickStart KMS Manager KMA KMA
89. lt gt gt lt gt lt 1 Use Refresh Reset K4 316030101 Rev A 5 83 KMA List Results in Pade Options Ouery Page Size 1
90. KMS Manager hre you sure you want to delete the Key Group Customer Recards Le ow 2 Yes Key Group List 186 KMS 2 0 2008 4 Rev A 316030101 Agent Assignment to Key Groups Agent Assignment to Key Groups Agents Key Group Assignment
91. Confirm Passphrase Enter Passphrase 5 Save User List 96 KMS 2 0 2008 4 Rev A 316030101 User List 1 Users List Details User Details Save User Details Pp dt IZ Eackin orerator JZ Corpliarce Officer Ip TLnT I 5ecurity Officer I Z Enabled 2 General
92. Created Date Public Key Base 64 Public Key Fingerprint Base 64 316030101 Rev A 5 133 Key Transfer Public Key List Key Transfer Public Key Details Details
93. 1 W6 2 ITI TMI lt gt 5 m 148 Confirm Passphrase Enter Passphrase 5 KMA KMA List 86 KMS 2 0 2008 4 Rev A 316030101 KMA List wswmes i ee eesh mesee 1e a ame amp KMAID Description steID Management NetnarkAdiress servce NetncrtAddhess Yaa Create KMA 6 KMA QuickStart KMA 37 316030101 Rev A 5
94. 251 Confirm Destruction 252 248 KMS 2 0 2008 4 Rev A 316030101 Backup Details KMS Manager 1 Backups List Details Backup Details
95. 316030101 Rev A KMS Key Management Appliance YO PIN E KMS KMS 5
96. Destroyed Date Pendind True False Completed Date Downloaded Date 4 Save 242 KMS 2 0 2008 4 Rev A 316030101 1 Data Unit List Destroy Keys 2 Destroy Post Operational
97. lt gt gt lt gt lt 1 Use Refresh Reset 316030101 Rev A 5 111 SNMP Manager List Results in Pade Options OQuery Page Size 1
98. Key Management System KMS 2 0 Imstallation and Service Manual nm Key Management System KMS 2 0 Systems Assurance Guide KMS Sun StorageTek Crypto Key Management System 2 0 0 POLicy POL
99. Long Term Medium Term Short Term Audit Log Entry ID Audit Log ID 316030101 Rev A 6 213 Audit Event List Details 214 Export 215
100. The keyboard 1ayout has been app1ied successfully Press Enter to continue 286 KMS 2 0 2008 4 Rev A 316030101 KMA KMS 1 p1ease enter your choice 0 Enter 2 KMS S 316030101 Rev A 10 KMS 287 KMA 288 KMS 2 0 2008 4 Rev A 316030101 A Advanced Encryption Standard AES AES BOT CA EKT 316030101 Rev A FIPS NIST Advanced Encryption Standard Beginning of Tape CA
101. 3 Enter 4 Enter Enter p1ease enter the qate and time for this KMA Enter 1 KMA QuickStart 258 KMA KMS ger KMS Mana 5 E KMS Manager 1 71 36 KMS 2 0 2008 4 Rev A 316030101 QuickStart KMS Manager KMS
102. StorageTek StorageTek StorageTek StorageTek StorageTek
103. 1 0 EE KMA 294 KMS 2 0 2008 4 Rev A 316030101
104. QuickStart KMA QuickStart Passphrase Cluster Name Member KMAs KMA KMA Member KMAs Refresh KMAs KMA ID KMA IP KMA
105. m KMS Manager KMA 3331 3332 3333 3335 o mm KMA 3331 3332 3334 3335 m KMA KMA 3331 3332 3336 316030101 Rev A 1 11 KMS KMS 1 4 KMS Ni H KMA Key Management Appliance T10000 KMA Key Management Appliancg T10000 1 4 KMS 12 KMS 2 0 2008 4 Rev A 316030101 KMS Manager KMS Manager KMS Manager Microsoft Windows XP Solaris 10 x86 Update 3
106. 1 64 Description 1 64 Site ID 3 Passphrase Create Agent 316030101 Rev A 7 223 4 Enter Passphrase 8 64 8 mm ID m 4 3 LOWbA amp RY SIIIUUM gt m
107. 160 ILock Unlock KMA KMA 164 System Time 244 Software Upgrade 256 KMS 2 0 2008 4 Rev A 316030101 10 KMS KMS KMS KMS KMA KMS KMA ELOM Web 20 Embedded Light Out Manager ELOM
108. KMS Manager 1 2 KMA IP 4 OK Connect to Cluster 72 KMS 2 0 2008 4 Rev A 316030101 Passphrase Cancel Cluster Name ludbry New Cluster Profile Member KAs 129 80 60 163 sudburykma Delete Cluster Profile Refresh KMAs 5 Connect User ID KMA
109. User List 316030101 Rev A 5 99 Role List Role List Role List 1 System Management Role List Role List Help System View Help Connmect Disconneck Secure InFormatinn Mananement Role List Key Palicy List Key Groups Fier role mp lt lt F Agents Transfer Partners Data Unt Let Ue rote weset 1 lt lt lt gt Backup List Import 1 0 Keys Results in page 5 last page System Management Audit Event List RoleID A 1 A
110. KMA KMA 1 Backup List Restore Restore Backup 2 3
111. KMA KMA KMA KMA KMS Manager 251 1 KMA 29 KMA Enter KMA
112. m KMS KMA 1 KMA 258 KMA 316030101 Rev A 1 13 1 1 m 4 m F
113. Complete KMA KMS KMS NIST NIST
114. Enter 4 Enter 316030101 Rev A 2 41 QuickStart 5 please re enter the Security Officer s Passphrase 4 Enter Set Time TnfFormation Press Ctrl c to abort KMAs in a Cluster must keep their clocks synchronized Specify an NTP server if one is available in your network Otherwise specify the date and time to which the local clock should be set Please enter the NTP Server Hostname or IP Address optional The date and time for this KMA must be specified in ISO 8601 format including a time zone Here are some valid ISO 8601 format patterns YYYY MM DDThh mm ssZ YYYY MM DD hh mm ssZ YYYY MM DDThh mm ss 0600 YYYY MM DD hh mm ss 0600 YYYY MM DDThh mm ss 02 00 YYYY MM DD hh mm ss 02 00 Please enter he qate and ime for his KMA 2007 09 17 22 32 53 698Z 2007 09 17 22 33 00 0600 Press En ter to continue The KMA is now ready to be restored Press Enter to continue 6
115. KMA QuickStart 2 21 316030101 Rev A Embedded Light Out Manager ELOM 5 System Monitoring 6 power off Remote Control 7 Remote Power Control 8 Select Action Power On Save KMA KMA 2 2 Sun embedded Lights Out Manager Redirectinn Remote Power Control Hotkey Setup Power Control 9 Remote Controll 10
116. System Management Audit Event List KA List User List Role List Site List SNNMP Manager List Key TransFer Public Key List System Dump System Time Security Security Parameters Core Security Backun Core Security Key Split Configuration Autonomous Unlock Opt Local Configuration LackJUnlock KMA Saftware Lnarade m wm 150 KMS 2 0 2008 4 Rev A 316030101 Core Security Backup Core Security Backup Core Security
117. 5 C1 C1 6 Import Keys 230 Tmport Keys 7 C2 C2 8 Start 316030101 Rev A 5 119 Transfer Partners Transfer Partners KMS Secure InFormakion Management Key Palicy List Key Groups Key Group List Agent
118. C2 C1 C2 3 C2 Transfer Partner List C1 KMS 121 Transfer Partner List 4 Create 125 5 Public Keys C1 ID
119. m LAN 1 KMS KMS 1 1
120. Site List 106 KMS 2 0 2008 4 Rev A 316030101 Site List top o ge Lauisyile another site Sitenumbal This is a site Toronto _Yadais a site 316030101 Rev A 5 107 Site List Save 1 Site List Details Site Details 2 Site ID LaBarge Description Cancel 2 Descripton Save 108 KMS 2 0 2008 4 Rev A 31
121. Message Authentication Code MAC KMS 2 0 SunFire X2100 M2 Solaris 10 Sun StorageTek KMS Key Management Appliance Key Management System 1 KMA KMS KMA KMS KMS KMA Rev A 316030101 NIST OKT PC RR Rijndael RSA S Secure Hash Algorithms
122. Use 220 KMS 2 0 2008 4 Rev A 316030101 Filter KMA m Agent ID m Description m Site m Default Key Group m Enabled m Failed Login Attempts m Enrolled lt gt gt lt gt lt Show Agents in any Key Group
123. Save 3 Cancel 316030101 Rev A 6 175 1 Key Policy List Delete KMS Manager Are you sure you want to delete the Key Palicy MyKeyPalicy Ps ow 2 Yes
124. Create Backup Backun File Name DiIDocuments and Settinnstbn1887531KM5 Backup BackupID DateTime da Brnwse Backup Key File Name DiIDocuments and Settingslbn1887531KM5 Backup Key BackunID DateTime xml Browse ce Browse 2 Start 2 EE 3 Close 4 Backup List 316030101 Rev A 8 251
125. Ultra Tape Drive BOT EE 292 KMS 2 0 2008 4 Rev A 316030101 IP IP API 316030101 Rev A
126. 2 Windows Uninstall Sun KMS Manager Solaris Uninstall_Sun_KMS_Manager 3 Preparing Setup Windows 1 KMS Manager Sun KMS Manager 2 Preparing Setup
127. m Result limit exceeded 10 000 resu1ts returned Use a filter to reduce the filter size 316030101 Rev A 3 KMS Manager 67 KMS Manager KMS 2 m m Windows Preparing Setup 69 KMS Manager 1 Uninstall_Sun KMS Manager KMS Manager
128. KMA IP EA Sn RI KMA IP 1 MS 1 KMA IP 1 p1ease enter your choice 3 Enter 316030101 Rev A 10 KMS 273 KMA Set KMA TP Addresses Press Ctrl c to abort An IP Address configuration must be defined in order for the KMA to communicate with other KMAs Agents or Users in your system Current settings Management Hostname balblair Management TP Address 10 80 41 5 Management Subnet Mask 255 255 254 0 Service Hostname balblairsvc Service IP Address 192 168 5 1 Service Subnet Mask 255 255 255 0 Gateway IP Address 10 80 41 254 DNS TP Address 10 80 0 4 DNS Domaim stortek com Please ener the Management Network Hostname balblair Do you want to use DHCP to confFigure the Management Network interface y
129. Technical Support Press Ctrl c to abort Please refer to accompanying user documentation for Technical Support contact information The support account is currently DISABLED IMPORTANT Enabling the support account and SSH access is a security risk These should not be left enabled unless required for troubleshooting purposes Ensure that this account is disabled when not required Would you like to ENABLE this account y n 2 y Enter 3 Are you sure that you want to commit these changes y nl 3 y Enter Enter
130. 226 220 191 198 196 189 228 223 227 1 293 198 228 223 226 226 227 196 API 293 293 220 CIM xxvi 13 Rev A 316030101 217 293 217 KMA KMS 263 KMA 263 KMS 268 267
131. 3 Save SNMP 114 KMS 2 0 2008 4 Rev A 316030101 SNMP Manager List SNMP SNMP 1 SNMP Manager List SNMP Delete SNMP KMS Manager x Are you sure you want to delete the SNNP Manager SNMMP_1 Yes No 2 Yes SNMP SNMP SNMP Manager List 316030101 Rev A 5 115
132. Use Refresh Use Reset Reset lt 66 KMS 2 0 2008
133. Sun StorageTek Sun 24 365 Customer Resource Center CRC Web URL http wwwr support storagetek com 316030101 Rev A xxv XXVi Sun Microsystems StorageTek Sun Sun Microsystems StorageTek 1 800 872 4786 1 800 USA 4SUN 800 722 4786 http wwwr sun com service contacting solution html 2
134. StorageTek FCC FCC 47 CFR 15 105 This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his or her own expense CISPR 22 EN55022 A
135. This is a Class A product Im a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures StorageTek iv KMS 2 0 2008 4 Rev A 316030101 StorageTek StorageTek StorageTek StorageTek EE
136. 2 Set Date Use Refresh Reset K4 lt 138 KMS 2 0 2008 4 Rev A 316030101 Backup List gt Results in Page Options Ouery Page Size
137. StorageTek T10000 A B T9840D HP LTO4 API E o KMS API API 293 1
138. 103 Site List SNMP Manager List SNMP Manager 110 SNMP Manager List System Time KMA 164 System Time Lock Unlock KMA KMA 160 Lock Unlock KMA 316030101 Rev A 7 245 246 KMS 2 0 2008 4 Rev A 316030101
139. 4 E ease enter the Key Sp1it User Name 1 Enter 5 please enter Key Sp1it Passphrase 1 Enter Enter 6 p1ease re enter Key Split Passphrase 1 Enter 7 4 6 KMA 316030101 Rev A 2 33 QuickStart 1
140. Description External Tag Sun ANS VOLSER ANSI VOLSER ANSI VOLSER VOLSER ANSI FS Created Date Imported Exported 316030101 Rev A 7 235 State
141. KMA Name KMA KMA ID KMA Description KMA Site ID KMA Management Network Address KMA IP Service Network Address KMA Version KMA Failed Login Attempts Respondin9g KMA True False Response Time KMA Replication Lag Size Key Pool Ready Enrolled KMA
142. 35 OuickStart 26 R Rijndael 291 Role List 100 RSA 291 S Secure Hash Algorithms SHA 291 Security Parameters 146 148 Security Parameters 146 Shamir 292 Site List 103 SNMP Manager List 110 SNMP KMA 110 115 E 113 114 SNMP 115 SNMP 113 SNMP 114 SNMP 114 Software Upgrade 244 301 Sun Microsystems StorageTek xxVi System Dump 144 295 System Dump 144 System Time 164 System Time 166 System 71 System 71 T T10000 292 292 292 Transfer Partner Assignment to Key Groups
143. SNMP Manadger ID SNMP Description SNMP Network Address SNMP Enabled SNMP User Name SNMP SNMPv3 SNMP Create 113 SNMP ML SNMP Details 114 SNMP
144. KMA You can now use this KMA to create a new Cluster or you Can have this KMA join an existing Cluster You can also restore a backup to this KMA or change the KMA Version Please choose one of the following 1 Create New Cluster 2 Join Existing Cluster 3 Restore Cluster from Backup Please enter your choice 3 Restore Cluster from Backup 40 KMS 2 0 2008 4 Rev A 316030101 QuickStart 2 please enter your choice 3 Initial Restore Cluster From Backup Enter Initial Security Officer User Credentials Press Ctrl c to abort The initial Security Officer User is the first User that can connect to the KMA via the KMS Manager This User can subsequently create additional Users and administer the system Please enter a Security Officer User TD 8O1 A Passphrase is used to authenticate to the KMA when a connection is made via the KMS Manager Passphrases must be at least 8 characters and at most 64 characters in length 3
145. m m m KMA 5 216 KMS 2 0 2008 4 Rev A 316030101 Secure Information Management Key Groups Key Group List Angent Assignment to Key Groul Transfer Partner Assignment tc Agqents Angent List Key Group Assignment to Agen Transfer Partners Transfer Partner List Import Keys Data Lnit List Eackup List System Nanagement Audit Event List KMA List Site List SNMP Manager List System Dump System Time Security Security Parameters Local Configuration LackJUnlock KMA Software Upgrade
146. m User ID m Description m Roles m Flags Enabled m Failed Login Attempts Failed Login Attempts 3 Passphrase m Passphrase m Confirm Passphrase 4 Save 316030101 Rev A 5 97 User List KMA 1 User List De
147. 1 rf 1 E 3 Ss AA a KMS i E KMS
148. 78 KMS 2 0 2008 4 Rev A 316030101 On mm m 316030101 Rev A 79 KMA Secure Information Management Key Policy List EKey Groups Key Group List Agent Assignment to Key GI Transfer Partner Assignmer EE Agents Agent List Key Group Assignment to A TransFer Partn
149. 4 5 8 KEI vV ii nf E
150. 265 264 266 13 61 61 H 243 119 230 294 294 KMS 1 0 208 116 Key Group assignments to Transfer Partners 201 198 191 189 196 186 183 185 177 203 207 204 206 202 180 205 294 191 207
151. Disconn Exit Data Lnit List Backup List Impnrt 1 0 Keys System Nanagement Audit Event List kMA List User List Role List Site List SNMP Manager List Key Transfer Public Key List System Dump System Time Security Local Configuration Exit KMS Manager GUI E 56 KMS 2 0 2008 4 1 Rev A 316030101 View KMS Manager System View Help TiiErI Sys View Refresh F5 Save Report Ctr 5 Select all CHr amp Sort By CtrlTB Key Groups Angqents Transfer Partners i Data Unit List i Backup List Import 1 0 Keys tem Nanagement i Audit Event List KMA List User List Role List Site List 5NMP Manager List Key TransFer Public Key List i System Dump System Time Security Local Configuration a Refresh Save Report m SaVe Report List
152. Press Enter to continue Rev A 316030101 KMA 1 please enter your choice 3 Enter Technical Support Press Ctrl c to abort Please refer to accompanying user documentation for Technical Support contact information The support account is currently ENABLED IMPORTANT Enabling the support account and SSH access is a security risk These should not be left enabled unless required for troubleshooting purposes Ensure that this account is disabled when not required
153. System Management Audit Event List KA List User List Role List Site List SF Manager List Key Transfer Public Key List System Dump System Time 5ecurity Security Parameters Core Security Core Security Public Key Backup Core Security Key Split Configuration Autonomous Unlock Opt Local Configuration LackJLUnlack KA Software Lnarade 5 159 Local Configuration Lock Unlock KMA Lock Unlock KMA KMA KMA 149 KMA KMA 1 Local Configuration Lock Unlock KMA Lock Unlock KMA KMA Unlocked
154. Primary Administrator KMA tL 5 root 1 please enter your choice
155. 206 207 KMS 1 0 208 Audit Event List 210 210 214 215 Data Units 216 216 7 217 xiv KMS 2 0 2008 4 Rev A 316030101 217 Key Groups 218 Key Group List 218 Agent Assignment to Key Groups 218 Transfer Partner Assignment to Key Groups 218 Agent List 219 220 223 226 227 228 Key Group Assignment to Agents 229 Import Keys 230 232 Data Unit List 232 233 237 243 Software Upgrade 244 244 Backup List 245 Audit Event List
156. Windows Web Java ELOM Java 2 1 2 1 Web java OS Java Runtime Environment Java Web Web Start m Microsoft Windows XP Pro JRE 1 5 Internet Explorer 6 0 Java 5 0 Update 7 Mozilla 1 7 5 Mozilla Firefox 1 0 m Red Hat Linux 3 0 4 0 m Mozilla 1 7 5 Mozilla Firefox 1 0 wm Solaris 9 m Mozilla 1 7 5 wm Solaris 10 wm SUSE Linux 9 2 Java Runtime Environment 1 5 http java com ELOM http docs sun com Sun Fire X2100 M2 ht
157. 316030101 Rev A 7 233 Filter KMA Data Unit ID External Unique ID Description External Tag Created Date Imported Exported State lt gt gt lt gt lt Show Data Units in Any Key Group Use Refresh 234 KMS 2 0 2008 4 Rev A 316030101 Reset
158. LackJLnlock KA KA is Unlocked Lack KMA 2 Lock KMA KMA 1 Unlock KMA KMA Lock KMA Unlock KMA KMA 1 160 KMS 2 0 2008 4 Rev A 316030101 Local Configuration KMA KMA 1 Lock Unlock KMA Unlock KMA 2 Key Split Quorum Authenticaion 316030101
159. Use Reset o ES Reset 22 Results in Page ast page 1 Options Query Page Size Transfer Partner ID 1 64
160. 121 Transfer Partners Filter Transfer Partner ID Description Contact Information Enabled Allow Export To Allow hmport From lt gt gt lt gt lt
161. m PassDhrase Confirm Passphrase Save KMA KMA KMA KMA KMA KMA E KMA 1 KMA 1 KMA List KMA KMA Details KMA Details
162. 2 m m 2 KMS 2 0 2008 4 Rev A 316030101 KMS KMA KMA KMA 1 1 1 1 KMA KMA Key Management Appliance T10000 Quickstart ELOM KMA KMA Embedded Lights Out Manager ELOM
163. SNMP Manager List SNMP Manaaer List Filer IsNwp Manaqer ID lt lt ReFresh Reset 1 lt gt gt Results in page 0 last page SNMP Manager ID Description Network Address Enabled Details Create Delete SNMP m SINMP Manager ID m Description sm Network Address m Enabled m User Name 110 KMS 2 0 2008 4 Rev A 316030101 SNMP Manager List SNMP Use Filter KMA SNMP Manager ID Description Network Address Enabled User Name
164. m m m m a 316030101 Rev A 3 KMS Manager 61 KMS Manager GUI KMS Manager GUI 3 m KMS mm KMS m KMS KMS KMS Secure InFormatinn Management Key Palicy List Key Groups Agqents Transfer Partners Data Lnit List Backun List Import 1 0 Keys EE System Nanagement Audit Event List KMA List User List Role List Site List SNNP Manager List Key TransFer Public Key List System Dump i System Time Security Local Configuration 62 KMS 2 0 2008
165. 280 278 282 281 272 146 148 296 KMA 276 296 IOM 14 102 286 287 244 244 244 KMS 13 296 296 60 316030101 Rev A 243 237 237
166. FT AN NIS 4 KMA KMA KMA KMA 2 KMA
167. KMA 140 KMS 2 0 2008 4 Rev A 316030101 Created Date Completed Date 2 Downloaded Date Destroyed Date Destruction Status Backup List Destruction Comment 3 Close 316030101 Rev A 5 141 Backup List
168. 1 p1ease enter your choice 1 Enter Set KeyboarQ Layout Press Ctrl c to abort You may change the keyboard layout here Available keyboard layouts 1 Albanian 2 Belarusian 3 Belgian 4 Bulgarian 5 Croatian 6 Danish 7 Dutch 8 Finnish 9 French 10 German 11 Icelandic 12 Italian 13 Japanese type6 14 Japanese 15 Korean 16 Malta UK 17 Ma1ta_US 18 Norwegian 22 Slovenian 23 Slovakian 24 Spanish 25 Swedish 26 Swiss French 27 Swiss German 28 Taiwanese 29 TurkishQ 30 TurkishF 31 UK English 32 US English The current layout is US English Please enter the number for the keyboard layout fn Press Enter to continue 19 Portuguese 20 Russian 21 Serbia And Montenegro rhe keyboard layout has been applied successfully 2 please enter the keyboard layout US English 3 y Enter BEnter
169. 100 000 1000 1 000 000 Medium Term Retention Audit Log Lifetime 90 7 24 855 Long Term Retention Audit Log Size Limit 1 000 000 1000 1 000 000 Gi 5 Long Term Retention Audit Log Lifetime 730 7 24 855 Login Attempt Lim
170. Details 102 316030101 Rev A 5 101 Role List 1 Role List Role Operations Details H Role Operatons Role Uperations Role ID Description Operations add User Role Adjust System Time Eackup Core Security Create Audit Log Create KMA Create Key Transfer Key Pair Create Key Transfer Partner Create SNMP Manager Create Site Create Liser Delete KA Delete Key TransFer Partner Delete IMTP Server Delete SIMMP Manager Delete Site Delete User Disable Local Terhnical Suppart ConFiquratian Enable Lacal Technical Support Configuration Get Core Security Autonomous Unlock Get
171. KMA 270 QuickStart 37 71 1 295 QuickStart 30 QuickStart 40 75 71 75 71 295 166 149 304 KMS 2 0 2008 4 151 151 77 77 ELOM 20 ELOM 20 13 167 295 167 O gt ak 4 109 106 104 295 109 106 108 108
172. Sun SunWeb PowerPort CRC CRC URL http wwwr support storagetek com xxiv KMS 2 0 2008 4 Rev A 316030101 StorageTek Partners StorageTek Web StorageTek Partners Login Partners Loginm Sun ID StorageTek Sun
173. 1 1 KMA IKMA 316030101 Rev A 1 15 1 1
174. 268 KMS 2 0 2008 4 Rev A 316030101 KMA m KMA m m KMA IP m KMA m m m m KMA Key Management System Version xxx KMA1 Please enter You User TD SO Please enter your Passphrase Key Management System Version xxx SO on KMA1 Log KMA into Cluster Set User s Passphrase Set KMA IP Addresses Reset to Factory Default State Technical Support Primary Administrator Set Keyboard Layout Logout ON UU rR wD Please enter your choice 316030101 Rev A 10 KMS 269 KMA
175. 297 251 140 249 252 137 248 SS 297 Adjust System Time 166 Agent Assignment to Key Groups 187 Agent List 219 Audit Event List 210 Autonomous Unlock 157 Backup List 136 247 Core Security Management 150 Data Unit List 232 Help 58 Tmport Keys 230 Key Group Assignment to Agents 193 Key Group Assignment to Transfer Partmers 200 Key Group List 179 Key Groups 179 218 Key Policy List 168 Key Split Configuration 153 Key Transfer Public Key List 131 KMA List 81 Local Configuration 159 Lock Unlock KMA 160 Role List 100 Security Parameters 146 Site List 103 SNMP Manager List 110 Software Upgrade 244 System 56 71 306 KMS 2 0 2008 4 System Dump 144 System Time 164 Transfer Partner Assignment to Key Groups 204 Transfer Partners 120 Transfer Partners List 121 User List 91
176. KMA 4 System 75 KMA 1 System Change Passphrase Change Passphrase Chanqe Passphrase Old Passphrase New Passphrase Confirm New Passphrase Cancel 2 OK Old Passphrase New Passphrase Confirm New P
177. Welcome to QuickStart 26 KMS 2 0 2008 4 Rev A 316030101 QuickStart IP 1 press Enter to continue Enter A static TP Address configuration mus be set in order for the KMA to communicate with other KMAs Agents or Users in your system Please enter the Management Network Hostname KMSmgr Do you want to use DHCP to configure the Management Network interface y n n Please enter the Management Network IP Address 129 80 123 32 Please enter the Management Network Subnet Mask 255 255 254 0 Please enter the Service Network Hostname SDP Do you want to use DHCP to configure the Service Network interface y n n Please enter the Service Network IP Address 172 18 18 1 Please enter the Service Network Subnet Mask 255 255 254 0 Please enter the Gateway IP Address optional but necessary if this KMA is to communicate with an entity on a different IP Subnet 129 80 123 254 Please enter the Primary DNS Server IP Address optional 129 80 0 4 Please enter the DNS Domain my customer com Applying network settings Done The Network Configuration has been updated Press Enter to conti
178. 68 KMS 2 0 2008 4 Rev A 316030101 KMS uninstall Uninstall Sun KMS Manager I x Uninstall Sun KMS Manager iri bnut tn uninstall Sun KMS Manager version 2 0 4 284 This will rermowve all features installed lt will not rermave files and folders created after the installation InstallAnywwhere by Nacrovision 1 Next Cancel Windows Solaris 2 Uninstall Complete Hinish Windows Solaris 3160
179. 1 Transfer Partners Allowed Key Groups Move from Key Group Assignment to TransFer Partners Transfer Partners Allowed Key Groups Disallowed Key Groups Key Group 1 MyKeyGroup mytp 2 Disallowed Key Groups 316030101 Rev A 6 203 Transfer Partner Assignment to Key Groups Transfer Partner Assignment to Key Groups Secure Information Management Key Policy List Key Groups Key Group List Agqent Assignment to Key Groul Transfer Partner Assignment tc Agents Agent List Key Group Assignment to Agen Transfer Partners Transfer Partner List Key Group Assignmen
180. INo Rev A 316030101 m m m KMA 210 Audit Event List KMA 164 System Time KMA 160 Lock Unlock KMA 316030101 Rev A 8 253 254 KMS 2 0 2008 4 Rev A 316030101
181. KMA True False 84 KMS 2 0 2008 4 Rev A 316030101 KMA List KMA Create 85 KMA KMA KMA Details 88 KMA KMA Delete E 90 KMA 3 KMA KMA 1 KMA List Create Create KMA General Create KMA x General Passphrase kMA Name Description Site ID lpease Select a Site 2
182. Key Policy List 176 KMS 2 0 2008 4 Rev A 316030101 A 1
183. Use Reset o ES Reset Results in Page ast page 1 Options Query Page Size Public Key ID 1 64
184. Created Date Operation Severity Condition Entity ID Entity Network Address KMA Name Class Retention Term Audit Log ID m m 1 Set Date 2 Set Date 316030101 Rev A 6 211 Audit Event List 3 m DontShow Short Term m Show All Retentio
185. Key Transfer Public Key Details xi 134 KMS 2 0 2008 4 Rev A 316030101 Key Transfer Public Key List Create 9CE46A4BB276A9FB4A22A5AC51A22627 1 7 2008 10 44 16 AM 02010190E4D77B563DB8B5A7F856BB38FOA69E941D535 rare tease goofy ro 9CE46A4BB276A9FB6AE492172EA4C999 17J2n08 10 32 14 AM 02010183D788368911AE2E18D965152CE3120E39325EC equal gallop vinyl 316030101 Rev A 5 135 Backup List Backup List Backup List
186. 1 Enabhing Key Token KMS Version 1 x H Ho 289 F FIPS Federal Information Processions Standards GUI H Hash Messadge Authentication Code HMAC K Key Management Appliance KMA Key Management System KMS KMA KMS KMS 290 KMS 2 0 2008 4 National Institute of Standards and Technology NIST m Computer Security Division and Resource Center CSRC m Federal Information Processing Standards FIPS E URL ttp wwwrnist gov Fa Graphical User Interface HMAC keyed Hash Message Authentication Code
187. Enter n 8 y 10 8 p1ease enter the Servtoce Network TP Aqqress IP Enter 9 p1ease enter the Service Network Subnet Mask 255 255 255 0 Enter 10 please enter the Gateway TP Address optional but necessary if this KMA is to communicate with an entity on a different IP Subnet IP Enter KMA 11 p1ease enter the Primary DNS Server TP Address optiona1 DNS IP Enter 12 please ente
188. Use 316030101 Rev A 6 169 Filter KMA Key Policy ID Description Key Type Encryption Period Cryptoperiod Allow Export From Allow Import To lt gt gt lt gt lt
189. Would you like to DISABLE this account Y n 2 y Enter 3 Are you Sure that you wan to commit chese changes Y n 4 y Enter SSH 316030101 Rev A 10 KMS 265 KMA Primary Administrator KMA tL NN
190. General KMA Name KMA 1 64 Description KMA 1 64 Site ID KMA 3 Passphrase 316030101 Rev A 5 85 KMA List Create KMA x General Passphrase Enter Passphrase Confirm Passphrase 7E Cancel 4 Save Enter Passphrase 8 64 8 wm KMA m 4 3
191. KMA Reset KMA 0 KMA KMA KMA KMA QuickStart 2 KMA KMA 1 KMA List KMA Delete KMA KMS Manager x hre you sure you want to delete the KMA stkkms
192. 316030101 Rev A 297 64 PC LAN 298 KMS 2 0 2008 4 Rev A 316030101 A Advanced Encryption Standard AES 289 AES 289 Agent Assignment to Key Groups 187 Audit Event List 210 Audit List 219 Autonomous Unlock Option 157 B Backup Core Security 151 Backup List 136 247 C Core Security 3 150 Customer Resource Center CRC xxiv D Data Unit List 232 E EKT 289 ELOM Bmbedded Lights Out Manager Embedded Lights Out Manager BLOM ELOM 20 21 F FIPS Federal Inmformation Processions Standards
193. 4 244 KMS 2 0 2008 4 Rev A 316030101 5 Activate Backup List 247 Backup List Audit Event List 210 Audit Event List KMA List KMA 81 KMA List Site List
194. C1 C2 KMS 316030101 Rev A 5 117 6 Save KMS C1 C2 KMS C2 7 C2 KMS
195. 22 KMA Management System Version Xxxx KMA initialization complete You may now connect to the KMA via the KMS Manager in order to continue with KMS configuration Press Enter to exit 9 Enter QuickStart 10 KMS Manager Backup List Backup List Restore KMA KMS Manager _ xl System View Help aniErE Help Secure Information Management Backup List Key Policy List Key Group List Agent Assignment Aqents se Refresh reset i lt lt Agent List Key Group Assignment Results in page 2 last page Transfer Partners 0 ssdaptD A kwap cesedpas pesweyedpse Dastruction cammer Backup List 66D93A44D6FFDFB3UUUUHUUHUUUUOUH1 66D93A44D6FFDFB3 2007 09 09 20 49 33 PENDING 66D93A44D6FFDFB3UUUHUUOUHOUOOUO2 66D93A44D6FFDFB3 2007 09 09 20 51 12 PENDING System Management Dekails Create Backup Restore Confim Destructian 2007 09 24 09 11 23 Retrieve Se
196. Audit Event List Audit Fier created Date lt lt Set Date to part Show Short Term lt Refresh Reset lt sepae Results in page 20 EEnrWT 1 38 23 PM 1 5i2008 1 38 15 PM 1 5 2008 1 38 09 PM 114 2008 4 44 25 PM 114 2008 4 44 25 PM 114 2008 2 48 39 PM 14J2008 2 48 28 PM 114 2008 2 43 29 PM 114 2008 2 42 56 PM 114 2008 2 42 29 PM 1 4 2008 2 41 35 PM 114 12008 2 41 18 PM 114 2008 2 40 12 PM 114 2008 2 38 52 PM 114 2008 2 38 52 PM 1 4 2008 2 28 03 PM 1 4 2008 2 27 59 PM 1 4 2008 2 27 38 PM 114 2008 2 26 22 PM Details Retrieve Entity Certificate Retrieve Root CA Certificate Retrieve Entity Certificate Retrieve Root CA Certificate Retrieve Entity Certificate Retrieve Root CA Certificate List Key Transfer Public Keys Create Key Transfer Key Pair List Key Transfer Public Keys Create Key Transfer Key Pair List Key Transfer Public Keys List Key Transfer Public Keys Create Key Transfer Key Pair List Key TransFer Public Keys Retrieve Entity CertiFicate Rektrieve Root CA Certificate List Key Transfer Public Keys Create Transfer Partner Create Transfer Partner Retrieve Entity Certificate 210 KMS 2 0 2008 4 EE EE EE EE IEE ccess Success Certificate Serial Number 151C5F81291373FOOO000000 6 SUccess Success 3 Error Invalid Challenge response
197. Key Split Number 10 Threshold Number SpIit User 1 10 316030101 Rev A 5 153 Core Security E 155 Modify Rev A 316030101 154 KMS 2 0 2008 4 Core Security 1 Key Split Configuration Modify Modify Key Split Configurationm Modify Key Split Confiquration lxl Key Split Number k Users Threshold Number E users Please enter your username and passphrase Split User 1 bob Passphrase Confirm Passphrase Split User 2Z hewhat Passphrase Confirm Passphrase EE Split User 3 a
198. NTP please enter the NTP Server Hostname or TP Address optional NTP TP 7 NTP Enter please enter the date and time for this KMA Enter KMA 42 KMS 2 0 2008 4 Rev A 316030101 QuickStart 8 Enter
199. Transfer Partners Allowed Access Move to Transfer Partner Assignment to Key Groups Key Groups Transfer Partners Allowed Access Transfer Partners Not Allowed Access Key Group 1 MykKeyGroup mytp 2 Transfer Partners Allowed Access 206 KMS 2 0 2008 4 Rev A 316030101 1 Key Groups Transfer Partners Allowed Access Move from TransFer Partner Assignment to Key Groups Key Graups TransFer Partners Allowed Access TransFer Partners Not Allowed Access mytp Key Group 1 MyKeyGroup 2 Transfer Partners Not All
200. Allowed Key Groups 1 Agents 6 197 1 Key Group Assignment to Agents Agents Allowed Key Groups Move from MyAgent1 Myagent2 SO owned Agent 2 Allowed Key Groups Non member of Info Groups 198 KMS 2 0 2008 4 Rev A 316030101 Key Group 1 MykKeyGroup DE TaUILKEy GTOUI 316030101 Rev A 6 199
201. Rev A 316030101 KMS KMS C1 1 KMS C2 2 KMS C1 1 C1 Key Transfer Public Key List 131 Key Transfer Public Key List 134 2 ID amp C2
202. Compromised Date 3 E Compromised Comment Key State E H
203. cd sh install bin Introduction wsmesvanacer na Introduction ig Yau will be quided ynu through the installatinn of Sun KMS Manager version 2 0 4 284 lt Click the Next button to proceed to the next screen If you want to change sormething on a previous screen click the Previous button You may cancel this installation at any tirme by clicking he Cancel button InstallAnywhere by Macrovision Cancel RTEyj IIg 3 Next 48 KMS 2 0 2008 4 Rev A 316030101 4 Choose Install Folder me 5 Choose Install Folder Introduetan Where Would You Like to Install gt Choosensa NE ciiProgram Files Sun Sun KMS Manager MA Restare Default Fnlder Choose n ET InstallAnwwhere hy Macrovision Cancgl Prewinus 5 Next Next 316030101 Rev A 3
204. 1 64 Encryption Period Cryptoperiod 316030101 Rev A 6 173 Flags Allow Export From True False Allow Import To
205. ELOM ELOM 3 1 1 ELOM ELOM IP 8 BLOM 316030101 Rev A 1 3 KMS 1 2 QuickStart KMA QuickStart KMS Manager GUI
206. You can now use this KMA to oreate a new Cluster or You Can have this KMA join an existing Cluster You can also res ore a backup to this KMA or change the KMA Version Please choose one of the following 1 Create New Cluster 2 Joimn Existing Cluster 3 Restore Cluster from Backup Please enter your choice 1 Create New Cluster 2 1 2 3 Enter 1 31 2 37 3 40 30 KMS 2 0 2008 4 Rev A 316030101 QuickStart EE ID ID 1
207. 1 a 1 3 E 1 G Gii
208. 280 278 282 E 281 272 284 257 286 287 261 KMS 268 284 287 KMS 257 KMS 71 KMS Key Management System S 1 1 F L Local Configuration 159 Lock Unlock KMA 160 N NIST 291 O OKT 291 316030101 Rev A PC 291 Q QuickStart IP 27 KMA 36 KMA 29 26 31 37 30 40 25 i
209. m No Key m Readablee m Normal Protect and Process 8 1 m Needs ReKey Protect and Process 1 Protect and Process
210. 2 KMA IP KIMA KMA KMA KMA A KMA B TP B B KMA A TP TP
211. 316030101 Rev A 5 151 Core Security HKMS Core Security Backup 2007 12 21 12 04 53 xml 2 Start 3 Close 4 Backup Core Security 152 KMS 2 0 2008 4 Rev A 316030101 Core Security Key Split Configuration Key Split Configuration KMA 1 Core Security Key Split Configuration Key Split Configuration Spier 5plillser7 5nllb UET 5 SIs she Spe nl UISET 5nli UsET Hr
212. 1 3 800 57 1 3 lr 2 NIST 316030101 Rev A KMS KMS I 1 3 KMS KMS Manager KMS KMS Generated
213. 160 MA 161 MA SNMP 110 300 KMS 2 0 2008 4 KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMA KMS QOuickStart 29 KMS 263 90 85 OuickStart 36 276 KMS 276 88 88 QuickStart 29 263 6 82 160 160 89 Key Management Appliance 1 0 208 KMS Manager GUI Help 58 System 56 View 57 55 60 60 1 60 GUI 62 KMS
214. 87 KMA List KMA KMA Save KMA 1 KMA List KMA Details KMA Details KMA KMA Details lxl General Passphrase ka ID KMA Name Description Site ID Management Network Address Service Network Address Wersion Failed Login Attempts Responding Response Time Replication Lag Size Ready Keys Generated Kewys Key Pool Ready Enrolled Fpac7eznB1491p050 sudburykma h milliseconds 2 Generall m Description 88 KMS 2 0 2008 4 Rev A 316030101 Site ID KMA List Passphrase
215. ID Create 183 Details 185 Delete 186 182 KMS 2 0 2008 4 Rev A 316030101 1 Key Group List Create Create Key Group Create Key Group Key Group ID Description Key Palicy ID Fiea
216. SNMP NTP 316030101 Rev A 1 17 Key Management Appliance Key Management Appliance KMS KMS 2 0 Imstallation and Service Manual 18 KMS 2 0 2008 4 Rev A 316030101 m Embedded Lights Out Manager ELOM ELOM m QuickStart
217. ELOM KMA 316030101 Rev A 10 KMS 263 KMA 264 KMS 2 0 2008 4 Technical Support SSH SSH Sun KMA p1ease enter your choice 3 Enter
218. KMA KMA 1 KMS Manager 2 KMA 3 KMA List 4 KMA KMA 1 p1ease enter your choice 1 Enter Log KMA into Cluster Press Ctrl c to abort Please enter the Management Network IP Address of an existing KMA in the cluster The KMA Passphrase is a Passphrase that you have previously configured for this KMA to join a Cluster Please enter this KMA s Passphrase 2 KMA 129 80 60 172
219. 1 2 C1 8 3 6 C2 C1 C1 1 IT 9 C1 C2 201 C2 10 C2 C1 201 11 12 1 Move to 202 118 KMS 2 0 2008 4 Rev A 316030101
220. 273 KMA 276 278 280 281 282 283 284 KMS 2 0 2008 4 Rev A 316030101 285 286 287 289 299 316030101 Rev A xvii xviii KMS 2 0 2008 4 Rev A 316030101 1 1 KMA 3 1 2 4 1 3 5 1 4 KMS 12 2 1 Embedded Lights Out Manager 21 2 2 22 6 1 178 316030101 Rev A XIX xx KMS 2 0 2008 4 Rev A 316030101 1 1 14 2 1 Web Java 20 316030101 Rev A XXi xxii KMS 2 0 2008 4 Rev A 316030101 Su
221. Data Unit Details I Il General Key List Backups with Destroyed Keys List Data Unit ID FDAC7620B1491D506DC3C3IB2ZE2Z86ADOF Data Unit Description Description For Data Unit test 1 modified Backup List er _use Refresh reset 1 lt lt lt gt gt Results in page 2 last page CreatedDate YY Destrayed Date Pending Completed Date Dawnloadk FDAC7620B1491D5UUUHHUUHHUUUUOO02 12 4 2007 8 30 18 AM 12 4 2007 8 30 22 AM 12 4 2007 FDAC76Z0B1491DSOO0000OOOOOOOOODL 12 4 2007 8 26 49 AM 12 4 2007 8 26 52 AM 12 4 2007 4 Detalls Save Repot Completely Destroyed Data Unit Details Backups with Destroyed Keys List
222. Generall Passphrase m PassDhrase Confirm Passphrase Save KMA KMA KMA KMA 316030101 Rev A 5 89 KMA List KMA KMA Shutdown KMA KMA KMA KMA ma KMA i
223. KMS C1 1 KMS C2 2 KMS C2 C1 C2 1 Data Unit List 233 2 C2 C1 1 3 Export Keys 4 Start C1
224. p Passphrase SNMP 316030101 Rev A 5 113 SNMP Manager List Confirm Passphrase Passphrase 3 Save SNMP SNMP SNMP 1 SNMP Manager List SNMP Details SNMP Manager Details SNMP Manager ID SNMP_1 Description Network Address 129 80 60 160 Flags Enahled User Name CB Passphrase Confirm Passphrase ce 2
225. 71 System 71 61 75 71 77 78 65 64 62 63 KMS KMS KMS KMS KMS 13 76 Manager 54 Manager 54 Manager 78 290 Rev A 316030101 259 KMA 263 KMA 263 267 265 264 266 268 261 261 257 260 KMA IP 273 KMA 270 KMA 276 283
226. 108 104 xxv A i S 164 164 144 266 282 KMS 266 282 KMS 281 xxv KMS 6 60 295 QuickStart 34 xxvii 295 35 2 Rev A 316030101 QuickStart 35 13 79 296 80 KMAIP 273 KMA 270 KMA 276 283
227. KMA KMA DN I E
228. KMA Disconnect from KMA KMA KMS Ctrl X Ctrl C Ctrl V Ctrl S Alt 60 KMS 2 0 2008 4 Rev A 316030101 KMS
229. 3 KMA Enter This command requires authorization by a quorum of Key Split Users Enter sufficient Key Split credentials to form a quorum Enter a blank name to finish Press Ctrl c to abort Please enter Key Split User Name 1 Please enter Key Split Passphrase 1 Press Enter to continue 9 4 KMS Manager KMA QuickStart 155 270 KMS 2 0 2008 4 Rev A 316030101 KMA 2 5 Enter This command requires authorization by a qu
230. DD Please enter your Cho1Ce KMA Key Managemen System Version xxx Co1 1 Set KeyboarQ Layout 0 Logout Please enter your Cho1Ce 316030101 Rev A 10 KMS 261 KMA m KMA m KMA m m m m KMA Key Management System Version xxx KMA1 Please enter your User TD OP Please enter your Passphrase Key Management System Version xxx OP on KMA1 1 Reboot KMA
231. True False 3 Save Key Policy List weteen eeee ie 174 KMS 2 0 2008 4 Rev A 316030101 1 Key Policy List Details Key Policy Details keyroyoctol Key Palicy ID IMykeyolcy Description Encryption Period hh ee lt Cryptoperiod ee Flags Allow Expart From Allow Impart Ta Key Type Es 256 cancel 2 Description Allow Export From Allow Import To
232. Redirection 11 Launch Redirection 22 KMS 2 0 2008 4 Rev A 316030101 Embedded Light Out Manager ELOM 5eryer Management Windows Internet Explorer proyided by Sun Microsystems tificate x ive Search p Be Te Sun embedded Lights Out Manaqger Redirection Remote Power Control Hotkey Setup Launch Redirection Launch Redirection Manage the host server remotely by redirecting the system console to your local machine FT I Tstedstes 12 Java javaRKVM jnlp 316030101 Rev A 2 23 Embedded Light Out Manager ELOM Sun eLOM Remote Console I x File View Help balblair2 central sun com video Quality Hot Key Storage Cnntral
233. m mm m Secure Information Management Key Policy List Key Groups Key Group List Agqent Assignment to Key Groups Transfer Partner Assignment to Key Groups Agents Agent List Key Group Assignment to Agents TransFer Partners TransFer Partner List Key Group Assignment to TransFer Partners Import Keys Data Lnit List Backup List Import 1 0 Keys 136 KMS 2 0 2008 4 Rev A 316030101 Backup List Secure Imformation Management Backup List Backup List ssp Es wl el sl as FDAC762nB1491D5UHHHHHHHHHOH OHH2 FDAC762 B1491D5 12 4 2007 8 30 18 AM PENDING m Backup ID m KMA ID m Created Date
234. KMS Manager 1 System Management System Dump tar Z Browse 2 Start 3 tar ZZ System Dump System Dump File Name
235. o KMS NIST 800 57 KMS 2 1 2 m m 2 4 KMS 2 0 2008 4 Rev A 316030101 KMS KMS
236. 190 KMS 2 0 2008 4 Rev A 316030101 1 Key Groups Agents Allowed Access Move from yent1 Key Group 1 SO owned Agent MyKeyGroup ET 2 Agents Allowed Access Agents Not Allowed Access 316030101 Rev A 6 191 Key Group 1 MyAgent1 MyKeyGroup SO owned Agent 192 KMS 2 0 2008 4 Rev A 316030101 Key Group Assignment to Agents Key Group Assigmment to Agents
237. 4 Key Split Quorum Authenticaion OK 2 3 Key Split Quorum Authentication x _ 1 5 Key Split Credentials o 6 151 156 KMS 2 0 2008 4 Rev A 316030101 Core Securit
238. Enter Press Enter to continue Rev A 316030101 KMA KMA IP KMA IP QuickStart 27 IP KMA KMA 1 KMA KMA KMA KMA 1 KMA
239. KMA NS A KMS a KMS KMS KMS Manager KMS KMS QuickStart 316030101 Rev A 257 KMA KMA KMA Sun Microsystems Inc Key Management System Version Xxxx Please enter your User ID 1 Enter 2 please enter your Passphrase
240. Previous 316030101 Rev A 3 KMS Manager 51 Sun KMS Manaqer Installing Sun KMS Manager Intro HTC1 se Install Ftlder chartcet FI Installih Install Cormiete Installing solaris_i386 InstallArnyshere by Macrowision 52 KMS 2 0 2008 4 Rev A 316030101 10 Done Sun KMS Mianaqer x Install Complete Intra Diba Congratulations Sun KMS Manager version 2 0 4 284 has been Chao sensaNeT en successfully installed to Chonseshaneet aN CProgram Files Sunmsun KMS Manader Rre instalfalier S Ua luEicllile pg Press Done to quitthe installer Install GnrWate InstallAnywhere by Macrovision Sance RIEigUIg 316030101 Rev A 3 KMS Manager 53 KMS Manager KMS Manager 2 m Windows Solaris Windows KMS Manager
241. StorageTek StorageTek StorageTek E StorageTek 316030101 Rev A StorageTek 3 StorageTek 4 Storage Technology Corporation
242. 3 Use o E E T al
243. System Management System Time System Time 22li20071082070 EA Current System Time System Time Retrieved At KMA 164 KMS 2 0 2008 4 Rev A 316030101 Adjust Time Local Configuration KMA Aqdjust Time 166 KMA NTP Server KMA NTP Specify NTP Server 1 KMA NTP Sd 316030101 Rev A 5 165 Local Configuration KMA
244. 1 Eress Enter to continue Bmnter When Autonomous Unlocking is DISABLED it is nece UNLOCK the KMA using a quorum of Key Split Creden EACH TIME the KMA starts before normal operation system can continue Agents may NOT register Dat When Autonomous Unlocking is ENABLED the KMA wil automatically enter the UNLOCKED state each time KMA starts allowing it to immediately service Ag with or retrieve Data Unit Keys from a locked KMA Do you wish to enable Autonomous Unlocking y nl l ssary to tials of the a Units 1 the ent requests Y KMS Manager KMA KMS Manager 2 y n Enter 316030101 Rev A 2 35 QuickStart KMA KMA
245. Create Transfer Partner General Create Transfer Partner 2 General Transfer Partner ID Description 1 64 316030101 Rev A 5 125 Transfer Partners Contact Information Flags Enabled Allow Export To
246. H Compromised H Destroyed 1 1 KMS E IST H HH KMS 2 0 KMS
247. KMA 85 KMA KMA KMA 29 KMA KMA KMA KMA 1 KMA 29 KMA Enter KMA KMA You can now use this KMA to oreate a new Cluster or You can have this KMA join an existing Cluster You can also restore a backup to this KMA or change the KMA Version Please choose one of the following 1 Create New Cluster 2 Join Existing Cluster 3 Restore Cluster from Backup Please enter your choice 2 Join Existing Cluster 316030101 Rev A 2
248. 1 KMS 2 316030101 Rev A 1 ID ID ID DP ME 10 ID KMS 2 2
249. Disallowed Key Groups 316030101 Rev A 6 201 1 Transfer Partners Disallowed Key Groups Move to Key Group Assignment to TransFer Partners TransFer Partners Allowed Key Groups Disallowed Key Groups mytp Key Group 1 MyKeyGroup gt 2 Allowed Key Groups 202 KMS 2 0 2008 4 Rev A 316030101
250. O Backup Details KMA 1 Backups List Details Backup Details Backup ID FDac7ezoB1491D5nnnnnnnnnn00n1 KMA ID Foac7ezoB1491p050 Created Date Ii2742n07 8 26 49AM Campleted Date Ii2742007 8 26 52AM Downloaded Date Ii2742007 8 28713AM Destroyed Date eS Destruction Status Penome Destruction Comment gE 2 Backup ID KMA ID
251. Solaris 10 x86 Update 4 KMS Manager KMS Manager m Help mm Tab F1 KMS mm m m ro m
252. System Management Key Transfer Public Key List Key TransFer Public Key List Filer lubickey p lt lt EI Results in page 2 last page Public Key ID Created Date YY 9CE46A4BB276A9FB4A22A5AC51A22627 1 7 2008 10 44 16 AM O2010190E4D77B563DB885A7F856BB38FOA69E941D535 9CE46A4BB276A9FBGAE492172EA4C999 1 7 2008 10 32 14 AM O20D10183D788368911AEZE18D965152CE3S120E39325EC Public Key Fingerprir rare tease goofy roc equal gallop vinyl Details Create m Public Key ID m Created Date m Public Key Use dt 316030101 Rev A 5 131 Key Transfer Public Key List Filter
253. ut uu General Key List Backups with Destroyed Keys List Data Unit ID FDAC7620B1491D5eDC3C3B2E286ADOF O Description Descption for Data Unit test 1 modfied External Unique ID FD8F94EBCC77FAn7E30CDA204C2E2C6EE3835179E4A5B6956F65D54235912DDC External Tag External Tag for Data Unit test 1 modified O Created Date i124l2007 8 30 04 AM State Shredded Flags EXPorted Cancel 2 Description 1 64 External Tag 1 64 3 Save 316030101 Rev A 7 237 General m Data Unit
254. 186 183 185 316030101 Rev A 205 116 185 180 189 206 294 116 117 117 294 117 294 H 135 3 E 134 131 135 H 134 a 8 I g R R R lt ki lt hk lk FR RF RE FR
255. 245 KMA List 245 Site List 245 SNMP Manager List 245 System Time 245 Lock Unlock KMA 245 8 247 247 Backup List 247 248 249 251 316030101 Rev A xv XVi 252 253 9 255 255 Audit List 255 Security Parameters 255 256 10 KMS 257 KMS 257 KMA 258 259 260 261 262 KMA 263 KMA 263 264 265 266 267 268 269 KMA 270 272 KMA IP
256. 316030101 Rev A 217 Key Groups Key Groups Secure InFarmation Nanagement Key Groups Key Group List Agent Assignment to Key Groul Transfer Partner Assignment tc m m m Key Group List Key Group List 179 Key Group List Agent Assignment to Key Groups Agent Assigmment to Key Groups 187Z Agent Assignment to Key Groups Transfer Partner Assignment to Key Groups Transfer P
257. 37 QuickStart AT 2 please enter your choice 2 Join Existing Cluster Press Ctrl c to abort In order to join a Cluster the KMA must contact another KMA which is already in the Cluster Please enter the Management Network IP Address or Host Name of an existing KMA in the cluster 129 80 60 172 Please enter this KMA gs PasSDh aS G Press Enter to continue This command requires authorization by a quorum of Key Split Users Enter sufficient Key Split credentials to form a quorum Enter a blank name to finish Press Ctrl c to abort Please enter Key Split User Name 1 userl Please enter Key Split Passphrase 1 Press Enter to continue Joining cluster KMA has joined the KMS cluster Press Enter to continue Key Management System Version Xxxx KMA initialization complete You may now connect to the KMA via the KMS Manager in order to continue with KMS configuration Press Enter to exit KMA KMA KMS Manager KMA KMA 85
258. Agents List 226 KMS 2 0 2008 4 Rev A 316030101 KMA 1 Agents List Details Agent Details Passphrase General Passphrase Enter Passphrase Confirm Passphrase 2 Save
259. KMS Manager 3 Windows KMS Manager KMS_Manager exe Solaris KMS Manager Windows KMS_ Manager KMS Manager KMS_Manager exe 54 KMS 2 0 2008 4 Rev A 316030101 KMS Manager GUI KMS Manager GUI KMS Manager tl Security Local Configuration 12J21 20 7 6 05 08 AM Connecting 12J21 2007 6 05 08 AM Connected to 129 80 60 163 12J21J2007 6 05 08 AM Retrieve Security Parameters succeeded 12J 21J2007 6 05 09 AM Retrieve Operatinns Far Current User succeeded 12J 21J2007 6 05 09 AM Session inactivity timeout Disabled KMS
260. Transfer Partners 120 Transfer Partner List 121 125 xii KMS 2 0 2008 4 119 114 128 Rev A 316030101 130 Key Transfer Public Key List 131 Key Transfer Public Key List 131 134 135 Backup List 136 137 140 142 System Dump 144 144 Security Parameters 146 146 148 149 Core Security 150 Backup Core Security 151 151 Key Split Configuration 153 153 155 Autonomous Unlock Option 157 Local Configuration 159 Lock Unlock KMA 160 KMA 160 KMA 161 System Time 164
261. Allowed Key Graups Customer Records MyKeyGroup deFault Disallowed Key Groups Key Group 1 lt DeFault Key Graup Key Group Assigmment to Agents Disallowed Key Groups 1 3 Default Key Grounp Key Groups 1 2 Group 316030101 Rev A Agents Allowed Key Group Assigmment to Agents
262. KMA 1 5 KMA 1 System Time Adjust me Adjust System Time Adjust System Time The KA system time can be adjusted nnly once a day by a maximum of 5 minutes pasitiyely or negatively A Positive adjustment will mowe the clock Forward and a negative adjustment will reverse the clock For the specified period lt ave System Time Forward Mowe System Time Backward Offseti n Minutes n Secands Cancel 2 Move System Time Forward Move System Time Backward 3 Offset Minutes 4 Offset Seconds
263. Key Group Assignment to Transfer Partners Key Group Assignment to Transfer Partners Secure Information Management Key Policy List Key Groups Key Group List Agent Assignment to Key Groups TransFer Partner Assignment to Key Groups Agents Agent List Key Group Assignment to Agents Transfer Partners Transfer Partner List Key Group Assignment to TransFer Partners Import Keys Data Unit List Backun List Import 1 0 Keys 200 KMS 2 0 2008 4 Rev A 316030101 Transfer Partners Key Group Assignment to Transfer Partners Key Group Assignment to TransFer Partners TransFer Partners Allowed Key Groups Disallowed Key Groups Key Group 1 mytp hyKeyGroup Allowed Key Groups
264. Public Keys 5 Public Keys New Public Key ID ID New Public Key 316030101 Rev A 5 129 Transfer Partners New Public Key Fingerprint Existing Public Keys 6 Save 1 Transfer Partner List ID
265. Save 316030101 Rev A 5 127 Transfer Partners Transfer Partner Details 1 Transfer Partner List ID Details Transfer Partner Details Transfer Partner Details General Generall Description Contact Information Flags Enabled Allow Export To Allow Import From ENN NN 128 KMS 2 0 2008 4 Rev A 316030101 Transfer Partners Transfer Partner ID 3 Save 4 Public Keys Transfer Partner Details
266. m Enter Passphrase m Confirm Passphrase 3 Agents List 4 Sun KMS Cluster VOP Virtual Operator Panel KMS 316030101 Rev A 7 227 1 Agents List KMS Manager 1 hre you sure you want to delete the Agent MyAgent2 2 Yes Age
267. 4 y Enter 282 KMS 2 0 2008 4 E Rev A 316030101 316030101 Rev A KMA KMA KMA 1 p1ease enter your choice 7 Enter Set KeyboarQ Layout Press Ctrl c to abort You may change the keyboard layout here Available keyboard layouts 1 Albanian 2 Belarusian 3 Belgian 4 Bulgarian 5 Croatian 6 Danish 7 Dutch 8 Finnish 9 French 10 German 11 Icelandic 12 Italian 13 Japanese type6 14 Japanese 15 Korean 16 Malta UK 17 Ma
268. vii ix xix xxi xxiii 1 1 1 KMS 2 KMS 2 2 2 ELOM QuickStart 4 4 5 KMS 6 Pre activation 6 Active 6 Deactivated 7 Compromised 7 316030101 Rev A 3 Destroyed 7 Destroyed Compromised 8 9 9 9 10 TCP IP KMA 11 KMS 12 KMS Manager 13 13 13 14 Key Management Appliance 18 2 19 Embedded Light Out Manager ELOM 20 KMA 20 21 QuickStart 25 QuickStart 26 IP 27 KMA 29
269. Delete KMS Manager x hre you sure you want to delete the Transfer Partner mytp el ow 2 Yes Transfer Partner List 130 KMS 2 0 2008 4 Rev A 316030101 Key Transfer Public Key List Key Transfer Public Key List KMS ID Key Transfer Public Key List
270. ID 6 Restore Backup 7 Backup File Name Backup Wrapping Key F ile Name Core Security Backup File Name 8 Close KMA 316030101 Rev A 5 143 System Dump System Dump System Dump
271. KMS Manager o m Select All m Sort By 316030101 Rev A Select Alll List Tist 3 KMS Manager 57 Help KMS Manager System View Help KM5 Manager Help About KMS Manager Connect Disc ecure Information Managerment Key Policy List Key Groups Agqents Transfer Partners Data Unit List Backun List i Import 1 0 Keys System Management Audit Event List KMA List je Lser List Role List Site List SNMP Manager List Key TransFer Public Key List System Dump System Time Security Local Configuration 58 KMS 2 0 2008 4 Rev A 316030101 Help am KMS Manager Help KMS Manager m About KMS Manager KMS Manager
272. URL http wwwr sun com partners Sun Web Sun Web Sun Sun Sun StorageTek
273. Agent Assignment to Key Groups Secure InFormakion Management Key Groups Key Group List Agqent Assignment to Key Groul TransFer Partner Assignment tc Agqents Agqent List Key Group Assignment to Agern Transfer Partners Transfer Partner List Key Group Assignment to Trans Import Keys Data Lnit List Backup List 1 Agents Key Group Assignment Key Group Assignment to Agents 316030101 Rev A 6 193 MyAgent1 MyAgent2 SO owned Agent DE gulL RE GTOUp Agents Allowed Key Groups Disallowed Key Groups 2
274. MyAgent1 PyAaent2 aqentdesc For MyAgent Louis 5O owned Agent aqentFor testing _Toronto 316030101 Rev A 7 225 1 Agents List Details Agents Details Agent Details i xi aqentdesc For MyaAgent Errallgd Er 2 General m Description m Site ID m Flags Enabled 227 3 Save KMS Manager
275. 164 KMA 166 6 167 167 168 Key Policy List 168 316030101 Rev A xiii 168 173 175 176 177 Key GroupS 179 Key Group List 179 180 183 185 186 Agent Assignment to Key GroupDsS 187 189 191 Key Group Assignment to Agents 193 196 198 Key Group Assignment to Transfer Partners 200 201 202 203 Transfer Partner Assignment to Key Groups 204 205
276. 316030101 Rev A 7 221 Refresh Reset Results in Page Options OQuery Page Size 1 Agent ID Description Site Default Key Group
277. Use Refresh Reset K4 lt 2 User List 1 1 Results in Page Options Query Page Size 316030101 Rev A 1 5 93 User List User ID
278. 1 Backup ID KMA ID KMA Created Date Destroyed Date 9 Ni 4 Nr 7 0 Destruction Status NONE PENDING DESTROYED 1 Im Destruction Comment Details
279. Enter 6 Primary Administrator Press Ctrl c to abort The Primary Administrator role is currently DISABLED WARNTNG Providing the support account with Primary Administrator privileges isa security risk This setting should not be left enabled unless required for troubleshooting purposes Ensure that these privileges are disabled when not required Would you like to ENABLE Primary Administrator privileges for the support account y n y Are you sure that you want to ENABLE these privileges for the support account assuming this security risk y n y Primary Administrator configuration changes have be
280. KMA Sun KMA 251 KMA 1 Local Configuration Software Upgrade Software Upgrade Igaq id DPI 2 Software Upgrade File Name Browse OK Software Upgrade Upload and Apply 3
281. SN KMA 1 KMA KMA KMA 1 KMA 1 Ready KMA Active lt NIST
282. View 57 60 298 99 95 92 99 95 97 97 97 98 98 KMS 72 92 Key Management System 13 289 298 298 166 Key Management System 13 102 100 100 14 Rev A 316030101 Sun Microsystems Inc 4150 Network Circle Santa Clara CA 95054 USA Phone 1 650 960 1300 or 1 800 555 9SUN Web sun com Le SUN microsystems AReENTINA 5411 4317 5636 AUSTRALIA 1 800 550 786 AUSTRIA 43 1 601 26 0 BALKANS 301 6188 111 BElelUM 32 2 704 89 83 BRAZIL 55 11 51872100 BRUNEI 65 216 8333 CANADA 1 800 422 8020 GENERAU 416 9642001 LEARNINe MA
283. 4 Rev A 316030101 m SO m Connected m KMA IP IP KMA KMA KM5 Manager ep 5 5ystem Management audit Event List Test User Backup Operator Compliance Officer Onerator Security te neesh weset lt lt lt _test User Backup Operator Test User Compliance Officer _Test User Operator Backup Operator Compliance Officer Operator Security nancy Auditor wally niqht shift janitor Security Officer 12J21 2007 6 05 08 AM Connected to 129 80 60 163 12 21 2007 6 05 08 AM Retrieve Security Parameters succeeded 12 21 2007 6 05 09 AM Retrie
284. 4 Rev A 316030101 KMS KMS Manager System Management User List User List KMS Manaqer Key Palicy List Key Groups Aqents TransFer Partners IP CC HE oc gt System Management _ _Backup Operator Compliance Officer Operator Security test User Backup Operator True Compliance Officer True Operator True Backup Operator Compliance Officer Operator 5ecurity True Aauditor True True Security Local Configuratior 12J21J2007 6 05 08 AM Retrieve Security Parameters succeeded 12 21 2007 6 05 09 AM Retrieve Operations For Current User succeeded 12 21 2007 6 05 09 AM Session inactivity timeout Disabled 12 21 2007 6 32 33 AM List Key Policies succeeded 12 21 2007 6 39 46 AM List Users succeeded 316030101 Rev A 3 K
285. 71 75 KMA 75 76 77 KMS Manager 78 5 79 80 KMA List 81 KMA 82 316030101 Rev A xi KMA 85 KMA 88 KMA 89 KMA 90 User List 91 92 95 97 98 99 Role List 100 Site List 104 106 109 SNMP Manager List 110 KMA SNMP 110 SNMP 113 SNMP SNMP 115 100 102 103 108 116 116 116 117 117
286. Please re enter the Security Officer Passphrase Enter Enter KMA KMA KMA KMA KMS Manager 89 KMA 34 KMS 2 0 2008 4 Rev A 316030101 QuickStart KMS
287. Rev A 5 161 Local Configuration Key Split uorum Authentication _ 1 1 3 OK KMA 4 Key Split Quorum Authentication KMA 162 KMS 2 0 2008 4 Rev A 316030101 Local Configuration 316030101 Rev A 5 163 Local Configuration System Time System Time KMS KMA 5
288. SNMP Delete 115 SNMP 112 KMS 2 0 2008 4 Rev A 316030101 SNMP Manager List SNMP 1 SNMP Manager List Create Create SNMP Manager SNMP Manager ID EE Description Network Address UU Flags Enabled User Name Passphrase Confirm Passphrase Cancel 2 SNMP Manager ID SNMP 1 64 Description SNMP 1 64 Network Address SNMP Flags Enabled SNMP User Name SNMP
289. ep EE el wet sl Louisville another site Sitenumba1 This isa site Taranto Yada is a site m Site ID m Description Use Filter KMA m Site ID m Description 104 KMS 2 0 2008 4 Rev A 316030101 Site List lt gt gt lt gt lt 1 Use Ref
290. 2 Agents Not Allowed Access 1 3 Default Key Group for Agent Agents Allowed Access 1 Agent Assignment to Key Groups Key Groups 2 Agents Allowed Accessj 1 3 Default Key Group for Agent
291. 2 Shutdown KMA 3 Technical Support 4 Primary Administrator 5 Set Keyboard Layout 0 Logout Please enter your choice 262 KMS 2 0 2008 4 Rev A 316030101 KMA KMA Reboot KMA KMA KMA NE 1 p1ease enter your choice 1 Enter Reboot KMA Press Ctrl c to abort Are you sure that you want to reboot the KMA Y n 2 y
292. 232 233 296 237 237 233 292 296 203 125 202 4 i ub 296 297 xxiii T10000 292 297 297 Web SUN xxv 297 xxiii KMA 89 98 76 272 76 297 13 247 305 247 297 142 E 251 140 249 252 142 137 248
293. Enter KMS KMA wm 262 m 269 m 285 258 KMS 2 0 2008 4 Rev A 316030101 KMA Key Management System Version xxx KMA1 Please enter your User TD OP Please enter your Passphrase Key Management System Version xxx OP on KMA1 1 Reboot KMA 2 Shutdown KMA 3 Technical Support 4 Primary Administrator 5 Set Keyboard Layout 0 Logout Please enter your choice 31603
294. Eress Enter to continue BEmnter The Initial Security Officer User is he firs User ha can connec to the KMA ia the KMS Manager This User can subsequently create additional Users anQd administer he system Please enter a Security Officer User Name SecOfficer A Passphrase is used to authenticate to the KMA when a connection is made via the KMS Manager Passphrases must be at least 8 characters and at most 64 characters in length Passphrases must not contain the User s User Name Passphrases must contain characters from 3 of 4 character classes uppercase lowercase numeric other Please enter the Security Officer Passphrase Please re enter the Security Officer Passphrase Press Enter to continue Press Ctrl c to abort KMS Manager KMA T 2 Enter 3 4
295. KMS Manager 49 6 Choose Shortcut Folder Sun KMS Manager Pha FOE Er LT gt lt briiete InstallAAnywhere by Macrovision Choose Shortcut Folder Where would yu like to create product icons Ina new Program Group js KMS Manager In an existing Program Group accessories In the Start Menu On the Desktap In the Quick Launch Bar Other Menuprogramsisuntsun KMS Manager Choose Don t create icons HH Create Icons Far All Users Previous 7 Next 50 KMS 2 0 2008 4 Rev A 316030101 8 Pre Imstallation summary mm sss o gt Pre Installation Summary Introdueian Please Review the Following Before Continuing Product Name Sun KMS Manager Install Folder CProgram Filgs SumSun KMS Manangr Shnrtcut Folder HiDncumgnts and Sgttinn sth 188753iStart MgnuPrmnramstSumSun KMS MananEr Disk Space Imfmrmatinn for Installatinn Target Regquired SPP 997 13 hytes Available 3 2B8 849 BB4 bytes InstallAnyshere by Macrovwision Cancel Frevious 9 Install KMS Manager
296. Key Policy List Key Policies List Key Policy List m mm m m 1 Secure Information Management Key Policy List Key Policy List 168 KMS 2 0 2008 4 Rev A 316030101 kymp i 6 6 4 4 6 KJ VA key Polcy D A Desrption Key Type Encryption Period crypoperod alowExportFrom alowmportTo m Key Policy ID m Description nm Key Type m Encryption Period m Cryptoperiod m Allow Export From m Allow Import To
297. 5 147 Security Parameters 1 Security Parameters Modify IModify Security Parameters Modify Security Parameters x pe 100 000 1 000 000 2 Save KMA 148 KMS 2 0 2008 4 Rev A 316030101 KMA
298. 6 215 Data Units 1 Audit Event List View save Report Ctrl S 2 Start Audit Event List 3 4 Close Audit Event List 9 9 Data Units Data Units 232 Data Unit List
299. KMA 6 KMS Manager GUI KMA Connected KMA IP 316030101 Rev A 4 System 73 KMS Manager Import 1 0 Keys System Management Audit Event List KMA List User List Rale List Site List SNMP Manager List Key Transfer Public Key List 5ystem Dump System Time Security Parameters re Security 12 21 2007 7 06 22 AM Connecting 12 21 2007 7 06 22 AM Connected to 129 80 60 163 sudburykma 12 21 2007 7 06 22 AM Retrieve Security Parameters succeeded 12 21 2007 7 06 22 AM Retrieve Operations For Current User succeeded 12 21 2007 7 06 22 AM Session inactivity timeout Disabled 7 KMS Manager 5 9 KMA 74 KMS 2 0 2008 4 Rev
300. Re Sun microsystems Storage Tek Crypto Key Management System KMS Part No 316030101 Revision A Version 2 0 gt Re UN microsystems Crypto Key Management System KMS Version 2 0 Sun Microsystems Inc www sun com Part No 316030101 2008 4 Revision A Copyright 2008 Sun Microsystems Inc 4150 Network Circle Santa Clara California 95054 U S A All rights reserved Sun Micros stems Imc Sun Microsystemms 5 htt WV Sun com Patents NR Ci
301. SHA 316030101 Rev A KMS KMA KMS KMA National Institute of Standards and Technology Operational Key Version 1 x Token KMS o NIST Advanced Encrypton Standard AES Rijmen Joan D Vincent aemen 2 2 RSA MIT Ron Rivest Adi Shamir Leonard Adleman RSA 3 Secure Hash
302. Success Success Success Success Certificate Serial Number 151C5F81291373FOOOOOO00 5 Success Success 3 Success Success 3 Success Success 3 Success Success Success Success 3 Success Success 3 Success Success 3 Success Success Success Success 3 Success Success Certificate Serial Number 151C5F81291373FOOOOOO000 5 Success Success 3 Success Success 3 Success Success Transfer Partner ID mytp Description a descr Cont Error Public Key ID already exists Transfer Partner ID mytp Description a descr Cont lt Success Success Certificate Serial Number 151C5F81291373FOOOOOOOO Rev A 316030101 Audit Event List Created Date Operation Severity Condition Entity ID Entity Network Address KMA ID KMA Name Cl ass Retention Term Audit Log ID Use Filter KMA
303. m Destroyed Date m Destruction Status m Destruction Comment 316030101 Rev A 5 137 Backup List Filter KMA Backup ID Created Date Destroyed Date Destruction Status Destruction Comment lt gt gt lt gt lt 1 Set Date
304. m Shredded Normal 236 KMS 2 0 2008 4 Rev A 316030101 Save Key Group 1 Data Unit List Details Data Unit Details
305. 64 Roles 316030101 Rev A 5 95 User List Passphrase 3 Passphrase ET gt General Passphrase Enter Passphrase Canrirm Passnhrase 4 Enter Passphrase 8 64 8 wm TID m 4 3 2T Wb A FT IUTNII gt m 148
306. A 316030101 1 Key Groups Agents Not Allowed Access Move to Key Group 1 MyAnent1 MyKeyGroup SO owned Agent 2 Agents Allowed Access 316030101 Rev A 6 189 Agent Assignment to Key Groups Key Groups Agents Allowed Access Agents Not Allowed Access Customer Records MyAgent1 MyAgent Key Group 1 SO owned Agent MykKeyGroup lt Default Key Group For Agent 1 Agent Assignment to Key Groups Key Groups
307. Allow Import From True False False 316030101 Rev A 5 123 Transfer Partners Public Key ID Public Key Fingerprint Entry Date KMS 124 KMS 2 0 2008 4 1 64 Rev A 316030101 Transfer Partners 1 Transfer Partner List Create
308. DIDocuments and Settinnslbn188753 KM5 SystemDump DateTime tar Z Browse 144 KMS 2 0 2008 4 Rev A 316030101 System Dump File Name tar gz Browse Start 316030101 Rev A 5 145 Security Parameters Security Parameters Security Parameters List KMA Security Parameters Security Parameter List Security Parameters List Security
309. Enter KMA KMS KMA KMS KMA KMA KMA EE KMA 1 p1ease enter your choice 2 Enter Shutdown KMA Press Ctrl c to abort Are You sure that you want to shut down the KMA y n l 2 y Enter Shutting down 3 Power down 4 KMA
310. HG B W3 2 Sun Sun Microsystems Java AnswerBook2 docs sun com StorageTek of Sun Microsystems Solaris Sun Microsystems SPARC SPARC International mc SPARC Sun Microsystems OPENLOOK OpenBoot JLE SEE 2 EAR ATOK8 ATOK Server ATOK12 ATOK Server ATOK12
311. KMA 3 KMA Enter 4 KMA Enter 38 KMS 2 0 2008 4 Rev A 316030101 QuickStart 5 KMA 6 Enter 8 p1e 5 6
312. Ps 2 Yes KMA KMA KMA List KMA 90 KMS 2 0 2008 4 Rev A 316030101 User List User List User List m m m ESystem Management Audit Event List KMA List User List Role List Site List SNMP Manager List Key Transfer Public Key List System Dump System Time 316030101 Rev A 5 91 User List System Management User List User List _test User _Backup Operator True _Te
313. R Pg 1 131 E 119 119 153 155 QuickStart 31 153 155 176 173 168 168 175 175 294 176 173 168 175 175 xxv SUN xxvi 13 255 294 255 303 215 214 295 210 215 214 210 267 267 KMS 267 283 286 xxv 265 264 KMS 265 280 KMS 264 278 QuickStart 37 HH 1 HH Fi
314. Start Restore Backup 142 KMS 2 0 2008 4 Rev A 316030101 Backup List 4 Restore Backup Key Split Quorum Authenticationm Key Split Quorum Authentication i _x To perform this operation you must authenticate with a quorum of the existing Core Security key split credentials Split User 1 Passphrase Split User 2 Passphrase Split User 3 Passphrase Split User 4 Passphrase Split User 5 Passphrase Split User Bi Passphrase Split User 7 Passphrase Split User 8 Passphrase Split User 3 Passphrase Split User 10 Passphrase cae 5 OK KMA Key Split Quorum Authentication
315. 4 Rev A 316030101 Results in Pade ast page 1 Options Query Page Size Query Page Size Database View
316. A 316030101 1 2 KMA Connect to Cluster Cluster Name Delete Cluster Profile KMS Manager hre you sure you want to delete the Cluster Profile sudhury el ow Delete Cluster Profile Yes Connect to Cluster KMA System Disconnect 1 316030101 Rev A KMA KMS
317. Algorithms NIST E NSA 291 Shamir T T10000 Transport Layer Security TLS U UID Ultra Tape Drive Encryption Agent UTC MAME AM i T10000 E 500G
318. Core Security Public Key Get KNA Lock Status Get Key Split Credentials Get Local Technical Support Configuration 2 List 102 KMS 2 0 2008 4 ecurty Officer Manages security settings users sites and transfer partners Add a Role to those that haye be gt Adjusts the system time Backs up Core Security informatio Creates the Audit Log For the Clus Defines a new KMA to the Cluster Creates a new Key Transfer Key F Defines a new Key Transfer Partn Creates a new SNMP Nanager Creates a Site Creates a new User Remowves a KNA From the Cluster Deletes a Key TransFer Partner Deletes an NTP Seryer Deletes an existing SNMP Manage Deletes an existing Site Deletes an existing User Disables the Technical Support of Enables the Technical Support of I Displays the Autonomous Unlockir Displays Core Security Public Key Displays the current Lock Status c Displays the current Key Split Cre Gets the Technical Support Confic gt Close Role Rev A 316030101 Site List KMS 2 Site List EE 1 KMA
319. Key Management System KMS KMS Manager Solaris 54 Windows 54 48 Ag KMS 2 KMS 6 2 4 5 QOuickStart 4 3 EA EX Lu EX 10 2 9 1 1 6 6 7 7 8 7Z 47 290 12 13 Key Split Configuration 153 Key Transfer Public Key List 131 KMA IP KMA List 81 KMA K K K K KMS 273 KMS 270 MA 75 MA
320. Kk A 2 Sun Microsystens Inc Reu Managenent Sustem Version Build306 balblair Please enter your User ID 9 fps 720x400 1 kbps 24 KMS 2 0 2008 4 Rev A 316030101 QuickStart QuickStart KMA QuickStart KMA QuickStart KMA QuickStart QuickStart KMA 9 316030101 Rev A 2 25 QuickStart QuickStart Qui
321. Malta UK 17 Ma1ta_US 18 Norwegian 19 Portuguese 20 Russian 21 Serbia And Montenegro 22 Slovenian 23 Slovakian 24 Spanish 25 Swedish 26 Swiss French 27 Swiss German 28 Taiwanese 29 TurkishO 30 TurkishF 31 UK English 32 US English The current layout is US English Please enter the number for the keyboard layout rhe keyboard 1ayou has been app1ied successfully Press En ter to continue 2 E ease enter the number for the keyboard 1ayout 3 Press lt Enter gt to continue 316030101 Rev A 10 KMS 267 KMA KMS 1 p1ease enter your choice 0 Enter 2 KMS
322. Manager GUI System View Help 316030101 Rev A 3 KMS Manager 55 System System Connect Connect to Cluster System iew Help TiTIECL Disconnect Change Passphrase Options ect Disconnect from KMA KMA Change Passphrase Change passphrase Options Options
323. Microsystems Inc in the United States and other countries
324. QuickStart CSE KMA 316030101 Rev A 19 Embedded Light Out Manager ELOM Embedded Light Out Manager ELOM Embedded Lights Out Manager ELOM 1 2 ELOM QuickStart ELOM KMA Installation and Service Manuall Embedded Lights Out Manager Administration Guide KMA Embedded Lights Out Manager KMA m LAN 1 NET MGT ELOM m KMA ES
325. account is currently ENABLED IMPORTANT Enabling the support account and SSH access is a security risk These should not be left enabled unless required for troubleshooting purposes Ensure that this account is disabled when not required Would you like to DISABLE this account Y n 2 y Enter 3 Are you Sure that you warn to commit these changes Y n 4 y Enter SSH 280 KMS 2 0 2008 4 Rev A 316030101 KMA
326. operating system Foot aCCOum W Please re enter the root Passphrase Press Enter to continue Press Ctrl c to abort 2 KMA QuickStart KMA KMA QuickStart 3 root 4 please re enter the root Passphrase 3 Enter 316030101 Rev A 2 29 QuickStart 1 Enter KMA KMA
327. 0101 Rev A 10 KMS 259 KMA Key Management System Version xxx KMA1 Please enter your User ID SO Please enter your Passphrase Key Management System Version xxx SO on KMA1 Log KMA into Cluster Set User s Passphrase Set KMA IP Addresses Reset to Factory Default State Technical Support Primary Administrator Set Keyboard Layout Logout ON Uk wtMN Please enter your choice 260 KMS 2 0 2008 4 Rev A 316030101 KMA Key Management System Version xxx KMA1 Please enter your User TD Please enter your Passphrase Key Management System Version xxx xx on KMA1 Log KMA into Cluster Set User s Passphrase Set KMA IP Addresses Reset to Factory Default State Reboot KMA Shutdown KMA Technical Support Primary Administrator Set Keyboard Layout Logout
328. 1ta_US 18 Norwegian 22 Slovenian 23 Slovakian 24 Spanish 25 Swedish 26 Swiss French 27 Swiss German 28 Taiwanese 29 TurkishQ 30 TurkishF 31 UK English 32 US English The current layout is US English Please enter the number for the keyboard layout fn Press Enter to continue rhe keyboard layout has been applied successfully 19 Portuguese 20 Russian 21 Serbia And Montenegro 2 please enter the keyboard layout US English 3 y Enter BEnter The keyboard 1ayout has been app1ied successfully Press Enter to continue 10 KMS 283 KMA KMS 1 p1ease enter your choice 0 Enter 2
329. 204 Transfer Partners 207 203 200 202 201 206 205 230 130 125 E 128 204 121 Transfer Partners 120 DW Transport Layer Security TLS 292 U UID 292 Ultra Tape Drive Encryption Agent 292 User List 91 UTC 292 W Web SUN xxiv 302 KMS 2 0 2008 4 St 292 293 292 292 292 293 ah dh dh dh dh TP 293 243 243
330. 290 316030101 Rev A G GUI 290 Hash Message Authentication Code HMAC 290 Tmport Keys 230 IP OuickStart 27 K Key Group Assignment to Agents 193 Key Group Assignment to Transfer Partners 200 Key Group assignments to Transfer Partners 201 Key Group List 168 179 Key Groups 179 218 Key Management Appliance KMA IP 273 KMA 160 SNMP 110 TCP TP 11 270 161 160 263 90 E 85 H 276 88 DW 299 20 75 18 1 290 263 89 82 166 258 Key Management Appliance 258
331. 30 31 34 35 KMA 36 37 40 3 KMS Manager 47 KMS Manager 47 KMS Manadger 48 KMS Manager 54 x KMS 2 0 2008 4 Rev A 316030101 Windows KMS Manager 54 Solaris KMS Manager 54 KMS Manager GUI 55 System 56 View 57 Help 58 60 60 60 61 KMS Manager GUI 62 KMS 62 KMS 63 64 65 66 KMS Manadger 68 68 Windows 68 69 4 System 71 71
332. 30101 Rev A 3 KMS Manager 69 70 KMS 2 0 2008 4 Rev A 316030101 System KMS Manager KMA System KMA 1 KMA KMS Manager KMA KMA KMA KMS Manager KMA IP
333. 491D5I65B3DB5B991 4F18 91BBBUFFB62ZBCUH6C4BD61E45E6D1C8BABFDZ9FDDA7 5 FDAC7620B1491D5I6CB5E9AB176DB3BU 563513FE2ZH96254BAF1DI69518FE95HD79734341E7C7B FDAC7620B1491D5H6DC3C3B2E2B6ADHF FD8BF94EBCC77FAH7E3HCDA204C2E2C6EE3835179E4 5 Description For Data Unit te FDAC7620B1491D5H77E2ZEAE57BD79F2D D8955HD598A811C2F14UBF5SDSBHBE842DCDDA9CDG26F FDAC7620B1491D5H7D 919C428CFSHEH F1DA375B1243ABF557ECFFF9H1D663B5EU1FBDA 0924 FDAC7620B1491D5H9UE82Z378BAEEADBHD 9D697FCCAUB2AF775CU2Z445H0444EFUDF155Dg6FF9C3 FDAC7620B1491D59DA29E93ACDH6FDZ 9A2Z0U95534UBFADIEA7B498B31 2D2499726A BBBIHU6C1 FDAC762UB1491D5IB543 1 1312417E1 3E5BAFE1923CEBC49F913B62989228DC92EA5E72A711 FDAC7620B1491D5nF37D23722C616818 45B118HCB4 AD661D41EADBC783B9745BE42ZD2BU75EBB FDAC7620B1491D5UFABS6E1F886F559B FDAC7620B1491D5UFFF4DB6487307C4 37FA9EBBA83122591DFB921156 3A4C1DDF3AFAEB73 Details Activity Histary Destroy Keys Madi Rey Go Export Keys m Data Unit ID m External Unique ID m Description m External Tag m Created Date m Imported m Exported m State Use
334. 6 KMS 2 0 2008 4 Rev A 316030101 KMS Version 1 x 1 2 19 1U 2 he CA CA KMS 2 0 KMA KMA
335. 6030101 Site List KMA KMA 1 site List Delete KMS Manager hre you sure you want to delete the Site Denyer el ow 2 Yes site List 316030101 Rev A 5 109 SNMP Manager List SNMP Manager List KMA SNMP SNMP System Management SNMP Manager List
336. Allow Import To True Use is subject to license terms This distribution may include materials developed by third parties Sun Sun Microsystems the Sun logo and Solaris are trademarks or registered trademarks of Sun Microsystems Inc in the U 5 and other countries Copyright 2008 Sun Microsystems Inc Tous droits re serves Non publie droits reserv6s selon la l gislation des Etats Unis sur le droit d auteur Pronriete SUNICONFIDENTIEL Droits du gouvernement des Etats Lnis logiciel commercial Les droits des utilisateur du gouvernement des Etas Unis sont soumis aux termes de la licence standard Sun Microsystems et aux conditions applique es de la FAR et de ces compl ments L utilisation est soumise aux termes de la Licence Cette distribution peut inclure des l ments dEvelpps par des tiers 3 KMS Manager 59 KMS Connect Disconnect Help 1 Connect to KMA
337. Assignment to Key Gl TransFer Partner Assignmer gents Agent List Key Group Assignment to amp Transfer Partners TransFer Partner List Key Group Assignment to Tr Import Keys Data Lnit List Backup List Import 1 0 Kews 120 KMS 2 0 2008 4 Rev A 316030101 Transfer Partners Transfer Partner List Secure Information Management Transfer Partner List Transfer Partner List Filter UE 80 lt USS Refresh Reset 1 lt Results in page 1 st page TransFer PartnerID Contact InFarmatian Enabled Allow Export To Allow Import From Public Key ID True False False 23F31564A4 Details Create Delete m Iransfer Partner ID m Description m Contact Information m Enabled m Allow Export To m Allow Import From Use 316030101 Rev A 5
338. H H 1 KMS m KMS 1 E 116 KMS 2 0 2008 4 KMS
339. ID o 2 Descriptonm Save Key Group List 316030101 Rev A 6 185 1 Key Groups List Delete
340. ID m External Unique ID Created Date State Flags Imported Exported Key List Data Unit Details ue wl wel il ee W pesroved Dat OMPromse Data Unit ID Data Unit Description Key ID Key Type AES 256 238 KMS 2 0 2008 4 Rev A 316030101 Created Date Activation Date 5 Destroyed Date Destruction Comment Imported Exported Key Group Encryption End Date Deactivation Date
341. KMS Manager KMS Manager m KMS Manager KMS Manager m KMS Manager KMS Manager KMS Manager KMA KMS Manager KMA 316030101 Rev A 47 KMS Manager KMS Manager 1 URL Sun StorageTek Customer Resource Center CRC Web http www support storagetek Com Crc_home htm1 2 CRC Code Downloads KMS m Windows install exe m Solaris
342. Keys Keys to destroy Deactivated keys Compromised keys Destruction Comment Destroy Cancel Deactivated keys Compromised keys 0 Destruction Comment 3 Destroy 4 Yes 316030101 Rev A 7 243 Software Upgrade Software Upgrade
343. MS Manager 63 KMS Manager COTECL 5ecure Information Me Key Palicy List Agents Transfer UR EE BE EE Impart 1 0 Keys Ss tem Management Audit Event List KMA List Test User Backup Onerator Compliance Officer Operator Security 0 Bo test User Backup Operator 0 Role List co Test User Compliance Officer True 0 Site List OP Test User Operator True 0 SNMP Manager Lisl so Backup Operator Compliance Officer Operator Security True 0 Key Transfer Publ nancy Auditor True 0 wally night shift janitor Security Officer 0 System Dump System Time Security Local Configuratior oss pees 12 21 2007 6 05 08 AM Connecting AM Connected to 129 80 60 163 AM Retrieve Security Parameters succeeded AM Retrieve Operations For Current User succeeded 09 AM Session inactivity timeout Disabled 1212nn7 Fr3233 AM List Kev Pnliries sirreeder 64 KMS 2 0 2008
344. NA6EMENT SYSTEM SALES TORONTO CHILE 562 372 4500 COLOMBIA 571 629 2323 Ctch REpUBlic 420 2 33009311 DENMARK 45 4556 5040 EGYPT 00 202 570 9442 FNLAND 358 9 525 561 FRANCE 33 1 41 33 17 17 GERMAMY 49 89 460 08 2788 GREECE 30 01 6188101 HoNe KONe 85228777077 HUNGARY 361202 4415 INDIA 91 80 229 8989 INDONESIA 65 216 8333 IRELAND 353 1 668 4377 IsRAEE 972 9 9710500 HA 39 02 9259511 e IAPAN 81 3 5779 1820 KOREA 822 3453 6602 MALAYSIA 6032116 1887 MipDlE EAST 00 9714 3366333 MMcO 525261 0344 NETHERLANDS 31 33 4515200 NEW ZEALAND 0800 786 338 e NORTH Wesr AFRICA 00 9714 3366333 NORWAY FROM NORWAY 4722023950 To NORWAY 4723369650 PakISTAN 00 9714 3366333 PopLE s REPUBLIC OF CHINA 8610 6803 5588 PilippiNes 632 8857867 PoLAND 4822 8747848 PORTUeA 351 21 413 4000 RUSSIA 7 095 935 8411 SAUDI ARABIA 00 9714 3366333 SINGAPORE 65 216 8300 SoUTH AFRICA 2711 256 6300 e SPAIN 34 902 10 412 SRi LANKA 652168333 SWEDEN 46 8 631 22 00 SWITIERLAND 41 1 908 90 50 GERMAN 41 22 999 0444 FRENCH TAIWAN 885225185735 THAILAND 662 344 6855 TURKEY 90 212 335 22 00 UMTED KiNepoM 44 1276 416 520 UnireD STATES 1 800 422 8020 VENEZUELA 582 905 3800 VIETNAM 65 216 8333 WoRlpWiDE HEADQUARTERS 1 650 960 1300 SU N THE NETWORK IS THE COMPUTER 2006 Sun Microsystems Inc All rights reserved Sun Sun Microsystems and the Sun logo are trademarks or registered trademarks of Sun
345. Parameters Shart Term Retention Audit Log Size Limit oo Short Term Retention Audit Log Lifetime Poays Medium Term Retention Aud Log sze mti ooo Medium Term Retention Audit Log Lifetime Bwonths Long Term Retention Audit Log Size Limit ho Long Term Retention Audit Log Lifetime Rvears Login Attempt Limit Passphrase Minimum Length BB Management Session Inactivity Timeout psaed Short Term Retention Audit Log Size Limit 10 000 1000 1 000 000 146 KMS 2 0 2008 4 Rev A 316030101 Security Parameters Short Term Retention Audit Log Lifetime 7 7 24 855 Medium Term Retention Audit Log Size Limit
346. Passphrase lS Confirm Passphrase EE Split User 4 SS Passphrase EE Confirm Passphrase EE Split User 5 Passphrase Confirm Passphrase Split User 6 Passphrase Confirm Passphrase 7 Split User 7 Passphrase Confirm Passphrase Split User 8 Passphrase EE Confirm Passphrase EE Split User 9 Passphrase Confirm Passphrase nO Split User 10 EE Passphrase mE Confirm Passphrase EE ce 2 OK Key Split Number 10 Threshold Number Split User x Passphrase Confirm Passphrase Key Split Number 316030101 Rev A 5 155 Core Security 3 Save
347. S KMS KMS KMA KMS KMA KMA KMA KMA 1H KMS KMS TCP IP KMA KMS Manager GUI KMA
348. Subnet Mask 255 255 254 0 Enter 6 Enter 7 Do you want to use DHCP to configure the Service Network interface n y n 8 y 10 8 IP Enter o 9 p1ease enter he Service Network Subnet Mask 255 255 255 0 Enter 10 IP Enter 11 p1ease enter the Primary DNS Server TP Address optiona1 Enter 12 DNS BEnter 13 Are you sure that ou want to
349. artner Assignment to Key Groups 204 Transfer Partner Assignment to Key Groups 218 KMS 2 0 2008 4 Rev A 316030101 Agent List Agent List m m m 316030101 Rev A Secure Information Management Key Groups Key Group List Agent Assignment to Key Grnul Transfer Partner Assignment tc ents Agent List Key Group Assignment to Agen Transfer Partners Transfer Partner List Key Group Assignment to Trans Import Keys Data Lnit List Backup List 7 219 Agent List
350. assphrase 3 76 KMS 2 0 2008 4 Rev A 316030101 1 System Options Options pti Communication Timeout seconds Query Page Size lo records Display Dates in Local Time Zone ce 2 Save Communication Timeout KMA KMA KMS Manager 1 660 15 Query Page Size
351. ckStart KMA KMA QuickStart Welcome to QuickStart Welcome to QuickStart The QuickStart program will guide you through the necessary steps for configuring the KMA You may enter Ctrl c at any time to abort however it sg necessary to successfully complete all steps in his initialization program to enable the KMA Press Enter to continue Set Keyboard Layout Press Ctrl c to abort You may change the keyboard layout here Available keyboard layouts 1 Albanian 2 Belarusian 3 Belgian 4 Bulgarian 5 Croatian 6 Danish 7 Dutch 8 Finnish 9 French 10 German 11 Icelandic 12 Italian 13 Japanese type6 14 Japanese 15 Korean 16 Malta UK 17 Ma1ta_US 18 Norwegian 19 Portuguese 20 Russian 21 Serbia And Montenegro 22 Slovenian 23 Slovakian 24 Spanish 25 Swedish 26 Swiss French 27 Swiss German 28 Taiwanese 29 TurkishO 30 TurkishF 31 UK English 32 US English The current layout is US English Please enter the number for the keyboard layout 32 The keyboard layout has been applied successfully Press Enter to continue Ctrl c QuickStart
352. commit these changes Y n y Ctrl c y y 316030101 Rev A 10 KMS 275 KMA KMA KMA KMA KMA
353. curity Parameters succeeded 2007 09 24 09 11 24 Retrieve Operations For Current User succeeded 2007 09 24 09 11 24 Session inactivity timeout 15 minutes 2007 09 24 09 12 34 List Audit Events succeeded 2007 09 24 09 12 37 List KMAs succeeded 2007 09 24 09 12 39 List Users succeeded 2007 09 24 09 13 03 List Backups succeeded Connected 129 80 60 163 sudburykma start 9 wO Inbox for g 2 wind ow z Framem We Robon elp H ks Mana ds Ee ra 316030101 Rev A 2 43 QuickStart 11 KMS Manager Restore Backup 44 KMS 2 0 2008 4 Rev A 316030101 QuickStart 12 KMS Manager
354. e Key Split Size 1 The Key Split Threshold is the number of Key Splits required to obtain a quorum Please enter the Key Split Threshold 2 Please enter he Key Split User Name 1 userl Passphrases must be at least 8 characters and at most 64 characters in length Passphrases must not contain the User s User Name Passphrases must contain characters from 3 of 4 character classes uppercase lowercase numeric other Please enter Key Split Passphrase Please re enter Key Split Passphrase 1 Press Enter to continue Press Ctrl c to abort m KMS Manager m ID QuickStart 2 please enter the Key Sp1it Size Enter 32 KMS 2 0 2008 4 Rev A 316030101 QuickStart 3 E1ease enter the Key Sp1it Thresho1d
355. en completed Press Enter to continue 2 3 y Enter Are OU sure that you wan to ENABTLE these privileges for he support account assuming this security risk y n 316030101 Rev A 10 KMS 281 KMA 4 y Enter Primary Administrator KMA
356. ers TransFer Partner List Key Group Assignment to TI Import Keys Data Lnit List Backup List Import 1 0 Keys System Management Audit Even List KMA List Lser List Role List Site List SNMP Manager List Key TransFer Public Key List System Dump System Time Security Security Parameters 80 KMS 2 0 2008 4 Core Security Lin Core Cor jp Rev A 316030101 316030101 Rev A KMA List KMA List KMA List am KMA m KMA m KMA m KMA System Management Audit Event List User List Role List Site List SNMP Manager List Key TransFer Public Key List System Dump System Time Security Security Parameters Core Security Core Security Public Backup Core Securit Key Split Configurat Autonomous Unlock Local Configuration 5 81 KMA List KMA KMA KMA List KMA Li
357. he support account y n 4 y Enter 266 KMS 2 0 2008 4 Rev A 316030101 KMA KMA KMA 1 p1ease enter your choice 5 Enter Set Keyboard Layout Press Ctrl c to abort You may change the keyboard layout here Available keyboard layouts 1 Albanian 2 Belarusian 3 Belgian 4 Bulgarian 5 Croatian 6 Danish 7 Dutch 8 Finnish 9 French 10 German 11 Icelandic 12 Italian 13 Japanese type6 14 Japanese 15 Korean 16
358. isting SSH host keys Would you like to regenerate the SSH host keys n 4 y Enter Are you Sure that you want to commit these changes Y n 5 y Enter Emnter Press Enter to continue 316030101 Rev A 10 KMS 279 KMA 1 p1ease enter your choice 5 Enter Technical Support Press Ctrl c to abort Please refer to accompanying user documentation for Technical Support contact information The support
359. it 5 1 Passphrase Minimum Length 8 8 64 Management Session Inactivity Timeout 1000 KMS Manager IS 15 0 60 Modify 148 F 3 316030101 Rev A
360. n Microsystems StorageTekTM Crypto Key Management System KMS KMS KMS Manager System KMS 316030101 Rev A XXiii Sun Microsystems Inc Sun Sun Web Sun Web
361. nl Please enter the Management Network IP Address 10 80 41 5 Please enter the Management Network Subnet Mask 255 255 254 0 Please enter the Service Network Hostname balblairsvc Do you want to use DHCP to configure the Service Network interface Y n Please en er the Service Network TP Address 792 768 5 7 Please enter the Service Network Subnet Mask 255 255 255 0 Please enter the Gateway IP Address optional but necessary if this KMA is to communicate with an entity on a different TP Subnet 10 80 41 254 Please enter the Primary DNS Server IP Address optional 10 80 0 4 Please enter the DNS Domain stortek com Are you sure that you want to commit these changes n y Press Enter to continue 274 KMS 2 0 2008 4 Rev A 316030101 KMA 2 3 Do you want to use DHCP to confFigure the Management Network interface n y n 4 y 6 4 IP Enter 5 please enter the Management Network
362. ns Created Date Operation Severity Success Warning Error Condition Event Message Entity ID Entity Network Address KMA ID KMA Name Class
363. ns Data Lnit List Eackup List Import 1 Keys Key Group List Key Group List m m m m 316030101 Rev A 6 179 1 Key Groups Key Group List Key Group List Key GroupID A pescipton keyPoicwtD vu ll WW 2 2 2 2 2 2 t MyKeyGraup This is a key qroup hyKeyPalicy nm Key Group ID m Description m Key Policy ID Use Filter
364. nt 3 Close 250 KMS 2 0 2008 4 Rev A 316030101 151 KMA 1 2 1 Backup List Create Backup Create Backup
365. nts List 228 KMS 2 0 2008 4 Rev A 316030101 Key Group Assignment to Agents Key Group Assignment to Agents 193 Key Group Assignment to Agents 316030101 Rev A Secure InFormakinn Management Key Groups Key Group List Agqent Assignment to Key GFnul TransFer Partner Assignment tc EE Agents Agqent List Key Group Assignment to Agen EE Transfer Partners Transfer Partner List Key Group Assignment to Trans Import Keys Data Lnit List Backup List 7 229 Import Keys KMS KMS
366. nue Press Ctrl c to abort 2 316030101 Rev A please enter the Management Network Hostname I Enter Ipo YOu want to use DHCP to configure the Management Network interface y n n y Enter n 4 y 6 please enter the Management Network TP Address IP Enter p1ease enter he Management Network Subnet Mask 255 255 254 0 Enter 2 27 QuickStart 6 p1ease enter Ehe Service Network Hostname Enter 7 po you want to use DHCP to configure the Service Network interface y n n y
367. orum of Key Split Users Enter sufficient Key Split credentials to form a quorum Enter a blank name to finish Press Ctrl c to abort Please enter Key Split User Name 2 Please enter Key Split Passphrase 2 Press Enter to continue 6 2 7 BEnter 0 This command requires authorization by a quorum of Key Split Users Enter sufficient Key Split credentials to form a quorum Enter a blank name to finish Press Ctrl c to abort Please enter Key Split User Name 3 Are you sure that you want to log the KMA back into the Cluster y n n Press Enter to continue 8 Key Split User Name 3 Enter 9 n Enter 316030101 Rev A 10 KMS 271 KMA 272 KMS 2 0 2008 4
368. ould you like to ENABLE this account y n 2 y Enter SSH SSH SSH access for the support account is currently DTSABLED Enabling SSH access for the support account allows a Technical Support representative to connect to the KMA From a remote location in order to diagnose a potential problem Would you like to ENABLE SSH access for the support account y n 3 y Enter SSH Rev A 316030101 KMA When a Technical Support representative connects to he KMA using SSH SSH host keys must be verified via an alternative secure communication channel in order to detect a potential man in the middle attack Please record and store these SSH host keys securely SSH host keys are generated when SSH is enabled for the first time They may be subsequently regenerated to invalidate the ex
369. owed Access 316030101 Rev A 6 207 KMS 1 0 KMS 1 0 KMA 1 KMS 1 2 KMS 1 2 KMS 1 0 1 1 KMS 1 2 2 Secure Information Management Import 1 0 Keys Please 5elect a Key Group EE 3 Destination Key Group KMS 1 0 Key Export File Name KMS 1 0 Bro
370. r the DNS Domain DNS Enter 13 1 2 28 KMS 2 0 2008 4 Rev A 316030101 QuickStart KMA 1 Enter The KMA Name is a unique identifier For our KMA This name shou1d not be the same as the KMA Name for any other KMA in your cluster It al so should not be the same as any User Names or Agent TDs in your system Please enter the KMA Name KMA 1 Press Enter to continue Set Root Passphrase Technical Support The root account can only be used by Support personnel to administer support under extreme circumstances You must set the root account Passphrase to a secure value This Passphrase can be reset at a later date by a Security officer User Passphrases must be at least 8 characters and at most 64 characters in length Passphrases must not contain the User s User Name Passphrases must contain characters from 3 of 4 character classes uppercase lowercase numeric other Please enter a new Passphrase for the
371. resh Reset lt 2 IX I Results in Pade Options Ouery Page Size 1 Site ID Descript 316030101 Rev A ion 5 105 Site List Create 106
372. roup List Angqent Assignment to Key Groups Transfer Partner Assignment to Key Group Agents Agqent List Key Group Assignment to Agents Transfer Partners Transfer Partner List Import Keys Data Lnit List Backup List m m m m 232 KMS 2 0 2008 4 Rev A 316030101 Data Units Data Unit List Data Unit List Data Lnit List Filter pata Unit p lt show Data Units in any Key Group lt Refresh Reset i lt lt lt Results in page 15 last page DataUnitID External Lnique ID Descripti D75BB76E261B5F64AA9383U5DEDD3B9 FDAC7620B1491D5I14B42ZE4F7C533F8E FDAC762UB1491D541 98DBH6AEC18B5 745F33ACEC 3E5H9297643D214B29E 1CB9BD4CDF9456 FDAC7620B1491D5I659I6BDAC533CHDB B49548C84E2B5BB9HBB1HUB3H73UF191 956497C5CB4C FDAC7620B1
373. se Select a Key Palicy gt ca 2 Key Group ID 1 64 Description 1 64 Key Policy ID 3 Save Key Group List 0 316030101 Rev A 6 183 F ue wereeh wesee isl I Key Group 1 This is the first Key Group PyKeyPolcy MyKeyGroup This is a key group MyKeyPolicy 184 KMS 2 0 2008 4 Rev A 316030101
374. st System Management hw 1 EE eewl el name A MRD Description steID Management NetnorkAddress serice Network Address_ version KMA KMA Name KMA ID Description Site ID Management INetwork Address Service Network Address Version Failed Login Attempts Responding Response Time Replication Lag Size Key Pool Ready 82 KMS 2 0 2008 4 Rev A 316030101 KMA List m Enrolled KMA Use Filter KMA KMA Name Description Site ID Management Network Address Service Network Address Version Failed Login Attempts Enrolled
375. st User Campnliance Officer True _Test User Operator True Eackup Operator Compliance Officer Operator Security True True Auditor night shift janitor Security Officer True m User ID m Description m Roles m Enabled m Failed Login Attempts o 92 KMS 2 0 2008 4 Use Rev A 316030101 B Filter KMA m User ID m Description m Enabled m Failed Login Attempts gt lt lt gt gt lt 1
376. t to Trans Data Lnit List Backup List 204 KMS 2 0 2008 4 Import 1 0 Keys Rev A 316030101 Key Groups Transfer Partner Assignment to Key Groups TransFer Partner Assignment to Key Groups Key Groups TransFer Partners Allowed Access TransFer Partners Not Allowed Access Key Group 1 MykKeyGroup mytp Transfer Partners Allowed Access Transfer Partners Not Allowed Access 316030101 Rev A 6 205 1 Key Groups
377. tails 2 User Details Passphrase User Details 3 Bnter Passphrase 4 Confirm Passphrase 3 User List 98 KMS 2 0 2008 4 Rev A 316030101 User List 1 Users List Delete KMS Manager x hre you sure ou want to delete the User aUD es ow 2 Yes
378. tp docs sun com app docs coll x2100m2 20 KMS 2 0 2008 4 Rev A 316030101 2 1 Embedded Light Out Manager ELOM 1 Web 2 LAN 1 NET MGT IP KMA ELOM ELOM IP Web 1 3 OK Yes ELOM Embedded Lights Out Manager Sun embedded Lights Out Manager httpi dalwhinnie2 Usernarne Passwiard pe Login 4 ID root changeme Manager
379. uditor Views information about the KMS Cluster KA List User List Backup Operator Performs backups ca Compliance Officer Manages key policies and key groups Operator Manages agents data units and keys Site List Security Officer Manages security settings users sites and transfer par SNMP Manager List Key Transfer Public Key List System Dump System Time Security Security Parameters Core Security Core Security Public Key Backup Core Security Key Split Configuration Autonomous Unlock Option Local Configuration Details m Role ID m Description Use 100 KMS 2 0 2008 4 Rev A 316030101 Role List Filter KMA m Role ID m Description
380. ve Operations For Current User succeeded 12 21 2007 6 05 09 AM Session inactivity timeout Disaled 12 21 2007 6 32 33 AM List Key Policies succeeded rreerlr 316030101 Rev A 3 KMS Manager 65 KMS Manager 1 1 lt gt gt lt gt lt 1 2
381. wse 208 KMS 2 0 2008 4 Rev A 316030101 Start KMS 1 0 KMA 316030101 Rev A 6 209 Audit Event List Audit Event List Audit Event List Audit Event List 1 System Management Audit Ew ent List kMA List User List Role List Site List SNNP Manager List Key Transfer Public Key List System Dump System Time System Management Event List
382. y Autonomous Unlock Option Autonomous Unlock Option KMA 1 Core Security Autonomous Unlock Option Autonomous Unlock Option Autonomous Lnlock Option Autonomous Unlock Option is Enabled Disable Autonomous Unlock 2 Enable Autonomous Unlock Disable Autonomous Unlock s ILock Unlock KMA
Download Pdf Manuals
Related Search