Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Encrypt Active Directory Database with Secure Start

Configure the Time Out Failure

search

Please Note:

Configure the Time Out Failure

During the initial access to a Secure Start GuardPoint, the CTE agent sets a timer. The default duration is 30 seconds, but you can configure the duration. Minimum duration is one second, maximum duration is 300 seconds.

Data inside the GuardPoint is accessible without CipherTrust Manager connectivity until the timeout is reached. VMD service activates and makes a secure connection to the CipherTrust Manager. After the VMD makes a secure connection, the agent verifies that it is connected to correct CipherTrust Manager. If the VMD fails to connect to the CipherTrust Manager, the timeout is reached, and if AD is installed, the agent shuts down the system for data security purposes.

Note

In DSRM mode, when the timeout occurs, CTE removes the keys from memory. However, CTE does not shut down the system.

In normal mode, CTE shuts down the AD server. For any other application, or if AD is not installed, Secure Start does not shut down the server. However, the data inside the GuardPoint becomes inaccessible until CipherTrust Manager connectivity is restored, or you issue a challenge/response, or password. After the timer has expired, CTE denies any further access to the Secure Start GuardPoint.

  1. To configure the timeout duration in seconds, use the voradmin ss settimeout <timeout> command. For example:

     voradmin ss settimeout 220
Successfully completed the command settimeout
Successfully set the Secure Start timeout value to 220 seconds

  2. To verify the timeout duration, type:

     voradmin ss gettimeout
Successfully completed the command gettimeout
Secure Start timeout value is set to 220 Seconds

On this page