Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Policy and GuardPoint Management

Creating a GuardPoint on a CIFS Share Drive on CipherTrust Manager

search

Please Note:

printsuggest an editpdf paneldownload

Creating a GuardPoint on a CIFS Share Drive on CipherTrust Manager

Creating GuardPoints on a CIFS share drive requires you to add the CIFS share drive to CM as a connector first, and then select it as a network drive.

To add the CIFS share in the CipherTrust Manager Connection Manager, see Adding a CIFS Connector for CipherTrust Manager.

Note

For the host name, use the IP address if the host name does not work.

copy link to clipboardGuardPoint Naming

When creating GuardPoints in a CIFS share, you must use the UNC name. A Universal Naming Convention (UNC) format name defines the location of files and other resources that exist on a network. UNC provides a format so that each shared resource can be identified with a unique address.

UNC names must conform to the \\SERVERNAME\SHARENAME syntax, where SERVERNAME is the name of the Provisioning Server and SHARENAME is the name of the shared resource.

  • UNC names can also include the directory path:

    \\SERVERNAME\SHARENAME\DIRECTORY\FILENAME

  • To define a folder that contains a configuration database file in:

    C:\Program Files\Oracle\customer_data

    • On the shared server, enter:

      \\server1\customer_data

copy link to clipboardSelecting the CIFS Share Drive for Guarding

When you create a GuardPoint for CIFS shares, you will have more options when browsing for the file system to guard. You can select to guard a local path, or a network path.

To create the GuardPoint on the CIFS share:

  1. In CTE, select Clients.

  2. Click on the Client to access it.

  3. Click Create GuardPoint.

  4. Select a policy and type.

  5. For Path, click Browse.

  6. In the Browse Path dialog, select Network Path.

  7. Enter the User Name and **Password for the CIFS share drive.

  8. Enter a domain/IP address for the CIFs share drive.

  9. Enter the UNC name for the Network Path.

  10. Click Refresh to test the connection.

  11. Select the directories to guard.

  12. Click Add.

  13. In the Create GuardPoint window, select the SMB connection to use.

  14. Click Create.

copy link to clipboardUse the GuardPoint Settings on another GuardPoint

  1. If you want to guard another GuardPoint on a different path, click yes to the question: Would you like to use these GuardPoint settings on another guard point with a different path?

  2. Select the path for the GuardPoint and click Create.

copy link to clipboardVerifying the GuardPoint

  • Before starting the application or accessing the data, you must ensure that the GuardPoints are guarded successfully. Check the status on CM or by running the voradmin ldt stats command.

  • For Linux, LDT Communication Group member hosts cannot guard or unguard GuardPoints that have single file rekey jobs in progress. Attempts to guard or unguard result in a warning message and the operation is automatically retried until all single file rekey jobs are finished and the state of the GuardPoint can be changed.

copy link to clipboardAccessing the GuardPoint

If a GuardPoint is applied on a CIFS share on a CTE client, you can only access the data from a CTE client that has CTE installed on it. You cannot access the CTE client from an agent that does not have CTE installed.

On this page