Configure the Time Out Failure
During the initial access to a Secure Start GuardPoint, the CTE agent sets a timer. The default duration is 30 seconds, but you can configure the duration. Minimum duration is one second, maximum duration is 300 seconds.
Data inside the GuardPoint is accessible without CipherTrust Manager connectivity until the timeout is reached. VMD service activates and makes a secure connection to the CipherTrust Manager. After the VMD makes a secure connection, the agent verifies that it is connected to correct CipherTrust Manager. If the VMD fails to connect to the CipherTrust Manager, the timeout is reached, and if AD is installed, the agent shuts down the system for data security purposes.
In DSRM mode, when the timeout occurs, CTE removes the keys from memory. However, CTE does not shut down the system.
In normal mode, CTE shuts down the AD server. For any other application, or if AD is not installed, Secure Start does not shut down the server. However, the data inside the GuardPoint becomes inaccessible until CipherTrust Manager connectivity is restored, or you issue a challenge/response, or password. After the timer has expired, CTE denies any further access to the Secure Start GuardPoint.
-
To configure the timeout duration in seconds, use the
voradmin ss settimeout <timeout>
command. For example:voradmin ss settimeout 220 Successfully completed the command settimeout Successfully set the Secure Start timeout value to 220 seconds
-
To verify the timeout duration, type:
voradmin ss gettimeout Successfully completed the command gettimeout Secure Start timeout value is set to 220 Seconds