Creating a GuardPoint on a CIFS Share Drive on CipherTrust Manager

Creating GuardPoints on a CIFS share drive requires you to add the CIFS share drive to CM as a connector first, and then select it as a network drive.

To add the CIFS share in the CipherTrust Manager Connection Manager, see Adding a CIFS Connector for CipherTrust Manager.

GuardPoint Naming

When creating GuardPoints in a CIFS share, you must use the UNC name. A Universal Naming Convention (UNC) format name defines the location of files and other resources that exist on a network. UNC provides a format so that each shared resource can be identified with a unique address.

UNC names must conform to the \\SERVERNAME\SHARENAME syntax, where SERVERNAME is the name of the Provisioning Server and SHARENAME is the name of the shared resource.

• UNC names can also include the directory path:

  \\SERVERNAME\SHARENAME\DIRECTORY\FILENAME

• To define a folder that contains a configuration database file in:

  C:\Program Files\Oracle\customer_data

  • On the shared server, enter:

    \\server1\customer_data

Selecting the CIFS Share Drive for Guarding

When you create a GuardPoint for CIFS shares, you will have more options when browsing for the file system to guard. You can select to guard a local path, or a network path.

To create the GuardPoint on the CIFS share:

1. In CTE, select Clients.

2. Click on the Client to access it.

3. Click Create GuardPoint.

4. Select a policy and type.

5. For Path, click Browse.

6. In the Browse Path dialog, select Network Path.

   

7. Enter the User Name and **Password for the CIFS share drive.

8. Enter a domain/IP address for the CIFs share drive.

9. Enter the UNC name for the Network Path.

10. Click Refresh to test the connection.

11. Select the directories to guard.

12. Click Add.

13. In the Create GuardPoint window, select the SMB connection to use.

14. Click Create.

    

Use the GuardPoint Settings on another GuardPoint

1. If you want to guard another GuardPoint on a different path, click yes to the question: Would you like to use these GuardPoint settings on another guard point with a different path?

2. Select the path for the GuardPoint and click Create.

Verifying the GuardPoint

• Before starting the application or accessing the data, you must ensure that the GuardPoints are guarded successfully. Check the status on CM or by running the voradmin ldt stats command.

• For Linux, LDT Communication Group member hosts cannot guard or unguard GuardPoints that have single file rekey jobs in progress. Attempts to guard or unguard result in a warning message and the operation is automatically retried until all single file rekey jobs are finished and the state of the GuardPoint can be changed.

Accessing the GuardPoint

If a GuardPoint is applied on a CIFS share on a CTE client, you can only access the data from a CTE client that has CTE installed on it. You cannot access the CTE client from an agent that does not have CTE installed.