Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Installing and Registering CTE

Registration with Windows

search

Please Note:

Registration with Windows

The following procedure describes how to register the CTE Agent after installation is complete.

Use the register_host utility to create certificate requests, exchange certificates between the CipherTrust Manager and the host, to enable ransomware detection, and to register CTE on the CipherTrust Manager. After the host is registered, if you selected to enable file system encryption, you can configure CTE, apply GuardPoints, or perform database backups. If you selected ransomware protection, you can apply the protection to volumes. Run the register_host utility in text mode on a terminal window.

caution

Caution

The default host registration timeout is 10 minutes. If the host is unable to reach the CipherTrust Manager within the allotted period because of an extremely slow network connection, set the REGISTER_HOST_TIMEOUT environment variable to extend the registration timeout. The variable value is an integer expressed in seconds. You might also have to extend the default TCP timeout.

  1. Log on to the host as a Windows user with administrative privileges.

  2. Launch the CTE Registration Wizard using one of the following methods:

    • In the system tray, right click the CipherTrust Lock icon and select Register Host.

    • Run C:\Program Files\Vormetric\DataSecurityExpert\agent\shared\bin\register_host.exe -vmd -silent.

  3. Reboot the system. CTE automatically displays the registration wizard if CTE is not already registered.

  4. In the Register Host dialog box, verify the host's machine name and click Next.

  5. On the Gathering agent information page, select one or both of the following options and click Next.

    • File System: Allows you to protect and encrypt CTE files with policies

    • Ransomware Protection: Protects volumes from ransomware

  6. On the Gathering Key Manager information page, enter the FQDN or IP address of the primary CipherTrust Manager.

    The default communication port is 443. If you want to specify a different communication port, enter it with the primary key manager host name in the format: :. For example:10.3.200.141:8445

    When you are done, click Next. CTE communicates with the selected CipherTrust Manager to validate what features have been licensed and are available to the CTE Agent.

  7. On the Gathering host name information page:

* Specify the host name or IP address of the client. You can select the host name from the drop-down list or type it in the field.

* To prevent cloning, select **Enable Hardware Association**. For details, see [Hardware Association Feature]({filename}/pages/user-manuals/win-adv/win-adv-getting/win-adv-config/win-adv-install.md#hardware-association-feature).

* If you want to have CipherTrust Transparent Encryption - Live Data Transformation available on the client, select **Enable LDT Feature**. For details on CTE-LDT, see **CTE-Live Data Transformation with CipherTrust Manager**.
  1. On the Gathering registration information page, enter the following:
* **Registration token**: The registration token for the CipherTrust Manager with which you want to register this host.

* **Profile name**: The name of the profile that you want to associate with this host. This name must match exactly the name of the profile in the CipherTrust Manager. If you do not specify a profile name, the CipherTrust Manager associates the default client profile with this client.

* **Host group** (optional): The name of the client group to which the client will be added.

* **Host description** (optional): A user-defined description of the client. This description will be displayed in the CipherTrust Manager.

* **LDT Communication Group**: If you are planning on using LDT over CIFS/NFS on a CipherTrust Manager, enter the name of the LDT Communications Group that this node will join. See [Adding Clients to an LDT Communication Group](https://www.thalesdocs.com/ctp/cm/latest/admin/cte_ag/cte-ldt-group/index.html#adding-clients-to-an-ldt-communication-group) for more information.
**The registration information is case-sensitive. If any of it is entered incorrectly, the client registration will not succeed. If the registration fails, click Back in the installer and verify that the case is correct for all entries on this page**.
{.warning}

When you are done, click **Register**. CTE contacts the CipherTrust Manager and attempts to register the client with the specified options. The Register Host dialog box displays a message with the results of the registration request.

If the registration completed successfully, click **Finish**.

  1. Restart the client to complete the installation process on the client.

  2. After the host has rebooted, you can verify the installation by checking CTE processes:

    1. In the system tray of the protected host, right-click the CipherTrust Lock icon.

    2. Select Status. Review the information in the Status window to confirm that the correct CTE version is installed and registered.

      • If you are using CipherTrust Manager version 2.2 or later, you can now use CipherTrust Manager to administer CTE on the client.

        If you are using CipherTrust Manager version 2.1 or earlier, change the client password using the manual password creation method. This password allows users to access encrypted data if the client is ever disconnected from the CipherTrust Manager. For details on changing the password, see the CipherTrust Manager documentation.

On this page