CipherTrust Manager Deployment
The CipherTrust Manager server can be deployed in a number of cloud based environments as well as in a physical appliance.
Product references
CipherTrust Manager - refers to all platforms running the CipherTrust Manager software.
Virtual CipherTrust Manager k170v and Virtual CipherTrust Manager k470v (or simply k170v and k470v) - refer specifically to virtual and private cloud instances running the CipherTrust Manager Software.
k170v is intended for simplified and centralized key management. For example, k170v is suited to lab environments, low transaction encryption use cases, and storage encryption key management with KMIP (Key Management Interoperability Protocol). k170v allows for the usage of four CPUs or fewer. k170v is applied as a license.
k470v is intended to support high transaction-per-second encryption operations as is typically required from the CipherTrust Data Security Portfolio suite. k470v allows for the usage of more than four CPUs. k470v is applied as a license.
CipherTrust Manager k470, k570, and k160 Appliances (or simply k470, k570, and k160) - refers specifically to the k470, k570, and k160 physical appliances running the CipherTrust Manager Software.
SafeNet KeySecure Classic (or simply KeySecure Classic) - refers to the previous generation of SafeNet KeySecure Appliances (models k450 and k460). You can migrate data from these appliances to CipherTrust Manager k470 and k570 physical appliances.
Deployment environments
How the CipherTrust Manager is distributed and deployed is based on the environment. The supported environments are listed below along with the supported distribution method:
Public Cloud Images
Amazon Web Services: SafeNet Cloud Provisioning System
Refer to: AWS Deployment
Google Cloud:
Refer to: Google Cloud Deployment
Microsoft Azure: Available as a BYOL image in the Microsoft Azure Marketplace
Refer to: Azure Deployment
Oracle Cloud
Refer to: Oracle Cloud Deployment
Alibaba Cloud
Refer to: Alibaba Cloud Deployment
Private Cloud Images
VMware vSphere: OVA image file
Refer to: Private Cloud Deployment
Microsoft Hyper-V: VHDX image file
Refer to: Private Cloud Deployment
Nutanix AHV: VMDK image file
Refer to: Private Cloud Deployment
OpenStack: qcow2 image file
This can be installed on to KVM or QEMU hypervisor.
An example command with KVM hypervisor is:
virt-install --virt-type kvm --name <virtual_image_name> --ram 2048 --disk path=<path_to_qcow2_image>,size=16,format=qcow2 --network network=default --graphics vnc,listen=0.0.0.0 --noautoconsole --os-type=linux --os-variant= ubuntu16.04 --import
For network configuration on private cloud images, refer to Network Interface Configuration Tutorial
Hybrid Cloud Images
Azure Stack HCI: VHDX image file
Refer to: Azure Stack Deployments
Azure Stack Hub: VHDX image file
Refer to: Azure Stack Deployments
Physical Appliances
CipherTrust models:
CipherTrust k470
Refer to: Physical Deployment
Refer to: Migrating from KeySecure Classic
CipherTrust k570
Refer to: Physical Deployment
Refer to: Migrating from KeySecure Classic
TCT CipherTrust Manager k160
Refer to the CipherTrust Manager k160 Quick Start Guide
For network configuration on physical appliances, refer to Network Configuration Tutorial