Managing Clients

A client is a computer system where the data needs to be protected. A compatible CTE Agent software is installed on the client. The CTE Agent can protect data on the client or devices connected to it. A client can be associated with multiple GuardPoints for encryption of various paths (refer to Managing GuardPoints for details).

The Clients page of the CipherTrust Manager GUI displays all clients protected by encryption Agents. CipherTrust Manager Administrators can manage clients on this page.

Registering Clients

When CTE clients are registered, they are automatically added to the CipherTrust Manager GUI. Refer to the CTE Agent Quick Start Guide specific to your platform for information on installing and configuring CTE Agents.

Adding Clients Manually

Optionally, the CipherTrust Manager administrator can manually add a client to the CipherTrust Manager GUI - even before the CTE Agent is installed on it.

To add the client manually:

1. Log on to the CipherTrust Manager GUI as administrator.

2. Open the Transparent Encryption application. The Clients page is displayed.

3. Click Create Client. The Create Client wizard is displayed.

Add General Info

On the General Info tab:

1. Specify a unique Name for the client.

2. Set the Password Generation Method. The options are:

   • Generate: A password is generated automatically by CipherTrust Manager. This is the default method.

   • Manual: Set the password manually.

     1. Select Manual.

     2. Enter the new password in the Password and Confirm Password fields. The password must match in both fields.

     Note

     The password must contain minimum eight characters including at least:
     • One capital letter
     • One number
     • One of these special characters: ! @ # $ % ^ & * ( ) { } [ ]

   Refer to Changing Client Password for details.

3. Provide a Description for the client.

4. Specify the following, as appropriate:

   • Registration Allowed: Whether to allow client's registration with the CipherTrust Manager. Select to allow, clear to deny registration. By default, the registration is not allowed.

   • Communication Enabled: Whether to enable the client's communication with the CipherTrust Manager. Select to enable, clear to disable communication. By default, the communication is disabled. This can only be enabled when Registration Allowed is enabled.

5. Click Next.

Add GuardPoint (Optional)

Optionally, you can create GuardPoints on the manually added client. CTE supports creation of all types of GuardPoints on such clients.

On the Add GuardPoint screen:

1. Click Create GuardPoint.

2. Select a Policy. Refer to Policy Type under Creating Policies > Step 1: Specify General Information for details.

3. Specify the Type of the GuardPoint. Refer to Automatic and Manual GuardPoints for details on types of GuardPoints.

4. (COS GuardPoints only) Select the Cloud Storage Type.

5. Specify the Path (or URL for a COS GuardPoint) to be protected. Refer to Managing GuardPoints for details.

6. Configure Preserve Sparse Region, Secure Start, and/or Auto Mount as appropriate. The options vary based on the selected policy.

7. Click Create.

The newly created GuardPoint appears in the list.

Confirmation

On the Confirmation screen:

1. Verify the client details. The Confirmation screen displays general information about the client and details of the GuardPoints added to the client.

   If the details are incorrect or you want to modify them, click Back and update the details.

2. Click Save.

The newly created client appears in the clients list.

Searching Clients

The Clients page on the CipherTrust Manager GUI shows the list of registered clients.

To search for a registered client:

1. Log on to the CipherTrust Manager GUI as administrator.

2. Open the Transparent Encryption application. The Clients page is displayed. This page lists the clients added to this CipherTrust Manager appliance.

3. In the Search box, enter the client name. Search is case-insensitive. You can enter all or part of a client name. A partial client name displays every client with a name that contains the specified string.

Viewing Clients

The Clients page shows the total number of clients, clients with errors, clients with warnings, healthy clients, unregistered clients. The Status Bar contains the following tabs:

• Total Clients: Shows the total number of registered and unregistered clients with all types of health status.

• Errors: Shows the number of clients with errors.

• Warnings: Shows the number of clients with warnings.

• Healthy: Shows the number of healthy clients.

• Unregistered: Shows the number of unregistered clients.

• Expunged: Shows the number of expunged clients.

Click each tab to filter the clients. The clients list displays names of clients in the CipherTrust Manager database and details about their configuration.

To view the clients registered with a CipherTrust Manager:

1. Open the Transparent Encryption application.

2. Click Clients > Clients. The clients list shows the following details:

   

   Column	Description
   Status	Health status of the client: • Healthy • Error • Warning • Unregistered • Expunged When a registered client is uninstalled, its status on the Clients page becomes Unregistered. The status of a deleted client becomes Expunged.
   Client Name	Name link of the client on the CipherTrust Manager.
   OS Type	OS running on the client: • AIX • Linux • Windows
   Details	Version of the kernel installed on the client. For Windows clients, NA is displayed.
   Agent Version	Version of the CTE Agent installed on the client.
   Description	Description to identify the client.
   Encryption Modes	Encryption mode(s) used to protect GuardPoints on the client, for example, CBC, CBC_CS1, and XTS.
   Upgrade On Reboot	When the next upgrade of the CTE Agent is scheduled. None is displayed if the upgrade is not scheduled. For unregistered clients, the field remains blank.

   The Encryption Modes and Upgrade On Reboot columns are hidden by default. To show/hide a column, click the custom view icon (), select/clear the desired column, and click OK.