Google Cloud Deployment
You can deploy a CipherTrust Manager instance in Google Cloud.
Minimum Requirements
To deploy a CipherTrust Manager instance, the following minimum requirements apply:
System volume: 50 GB for evaluation, 100 GB for production
Memory: 16 GB
vCPUs: 2
NICs: 1
Note
These minimum system requirements are for a system with light to moderate load. For applications that heavily load the system, additional memory and CPU allocation are required. The system volume holds all data as well as backups.
Deploying in Google Cloud
This section provides the steps for deploying a Virtual CipherTrust Manager instance from the Google Cloud Marketplace. Refer to the Google Cloud Platform documentation for general information on launching a VM in Google Cloud.
Prerequisites
CipherTrust Manager Image for Google Cloud.
If using a Windows client, use PuTTY or similar utility to SSH to your CipherTrust Manager instance as KeySecure Administrator (ksadmin).
If needed, use PuTTYgen or similar utility to format the SSH Key Pair.
If using a Linux client use SSH to login as KeySecure Administrator (ksadmin).
To launch a CipherTrust Manager instance
Using your gmail address, sign in to the Google Cloud Platform
In the Google Cloud Platform top banner, select a project or create a new one.
To create a New Project:
Select New Project.
Enter a Project Name and Project ID.
Enter a Location if you already have a parent organization you want to use.
Select Create.
The project's DASHBOARD appears.
Navigate to the Google Cloud Marketplace and search for "CipherTrust Manager" images.
On the results, select CipherTrust Manager.
Select Launch.
To create a CipherTrust Manager instance, review and modify these fields as needed:
Enter a Deployment name for the instance.
Select the Zone closest to your location.
Review that the Machine type is e2-standard-4 (4vCPU, 16 GB memory), which is optimized for Virtual CipherTrust Manager. If you want to change the Machine type, make sure the selection is in keeping with the minimum requirements.
Review Boot disk type and Boot disk size in GB. The default of Standard Persistent Disk and 100 fulfill the minimum requirements of the image.
In the Firewall section, ensure that checkboxes for Allow HTTP traffic and Allow HTTPS traffic are enabled.
Enable the checkbox to accept the GCP Marketplace Terms of Service and Thales - European Union - Frankfurt Terms of Service.
Select Deploy to launch the instance.
Your new virtual CipherTrust Manager is created and appears in Deployment Manager.
Click on the Site address for the newly created vCM.
A new browser tab opens to this address and the CipherTrust Manager web page appears.
You are prompted to enter an SSH key.
Note
We support OpenSSH for the public key format. The corresponding private key can be OpenSSH, PKCS1, or PKCS8 format. You can generate this key pair using 'PuTTYgen' or similar utility. Save this SSH Public Key at a safe location. You will need this key for future SSH access.
After replacing the default SSH Public Key, the Log In screen appears. For more options to replace the default SSH Public Key, see Starting Services After Deployment.
Log in using the initial default credentials for the root administrator: Username = admin, Password = admin
The following notice is displayed:
Note
If the default credentials do not work, you may need to retrieve an autogenerated password, as described in Changing the Initial Password.
Enter a new password using this default Password Policy:
Min length: 8 Max length: 30 Min number of upper cases: 1 Min number of lower cases: 1 Min number of digits: 1 Min number of other characters: 1
A new Login screen appears.
Using your new password, log in again. The CipherTrust Manager Web Page appears.
Congratulations! You have successfully deployed a CipherTrust Manager instance.
Note
Virtual CipherTrust Manager launches in Community Edition, with some restrictions on functionality. You can activate a 90 day trial evaluation for full functionality. To activate your instance with a trial evaluation, or a term or perpetual license, see Licensing.