Interactive Installation on Windows

The Windows interactive install uses a standard InstallShield wizard that asks you a series of questions during the installation. You can also install CTE using a silent installer which pre-packages the install information. This allows you to install CTE on a large number of hosts. (For more information, see Silent Installation on Windows).

After you install CTE, you are prompted to register it immediately with a key manager. CTE must be registered with a key manager before you can protect any of the devices on the host. However, you may postpone the registration if you plan to register CTE later.

The following procedure describes how to install the CTE Agent on the host and then register the CTE Agent with a CipherTrust Manager..

Prerequisites

The following prerequisites must be met for CTE to install and register to CipherTrust Manager properly:

• CipherTrust Manager installed and configured.

• CipherTrust Manager must contain a Client Profile. See Changing the Profile for more information.

• CipherTrust Manager must contain a registration token. See Creating a Registration Token.

• Optionally, the name of the host group you want this client to be a part of.

• CipherTrust Manager must contain an LDT Communication Group if you will use CTE to guard data over CIFS/NFS shares using LDT policies. See Managing LDT Communication Groups for more information.

  LDT over CIFS/NFS is not supported with DSM.

Port Selection

The following port information applies to both Windows and Linux systems.

Communication through a Firewall

If a protected client must communicate with CipherTrust Manager through a firewall, see the CipherTrust Manager documentation to determine which of the ports must be opened through the firewall.

Communication with CipherTrust Manager

The default port for http communication between CipherTrust Manager and the CTE Agent is 443. If this port is already in use, you can set the port to a different number during the CTE Agent installation.

Communication for LDT over CIFS/NFS

All nodes that intend to use LDT over CIFS/NFS GuardPoint must have the following ports open:

• 7024

• 7025

Procedure

1. Log on to the host as a Windows user with System Administrator privileges.

2. Copy the CTE installation file onto the Windows system.

3. Double-click the installation file. The InstallShield Wizard for CipherTrust Transparent Encryption opens.

4. Verify the version of CTE you are installing and click Next.

5. On the License Agreement page, accept the License Agreement and click Next.

6. On the Destination Folder page, click Next to accept the default folder or click Change to select a different folder. When you are done, click Next.

   • Thales recommends that you install CTE in the default installation directory, C:\Program Files\Vormetric\DataSecurityExpert\agent\
   • You must install the CTE Agent on the same drive as Windows. For example, if Windows is installed on the C: drive, you must install the CTE Agent on the C: drive.

7. On the Ready to Install page, click Install. When the installation is finished, the Install Shield Wizard Completed window opens.

8. On the InstallShield Wizard Completed page, make sure the Register CipherTrust Transparent Encryption now option is selected and click Finish. The installer opens the Register CipherTrust Transparent Encryption wizard.