Installing and Registering the CTE Agent Software on Windows
Install the CTE Agent software with the CTE-LDT feature on each host you want to protect. The following procedure describes how to use the interactive installer to install CTE and register CTE-LDT on a Windows host. For additional registration options, see the CTE Agent for Windows Advanced Configuration and Integration Guide.
Prerequisites
The following prerequisites must be met for CTE to install and register to CipherTrust Manager properly:
-
CipherTrust Manager installed and configured. See CipherTrust Manager Documentation for more information.
-
CipherTrust Manager must contain a Client Profile. See Changing the Profile for more information.
-
CipherTrust Manager must contain a registration token. See Creating a Registration Token.
-
Optionally, the name of the host group you want this client to be a part of.
-
CipherTrust Manager must contain an LDT Communication Group if you will use CTE to guard data over CIFS/NFS shares using LDT policies. See Managing LDT Communication Groups for more information.
Procedure
-
Log on to the host as a Windows user with System Administrator privileges.
-
Copy the CTE installation file onto the Windows system.
-
Double-click the installation file. The InstallShield Wizard for CipherTrust Transparent Encryption opens.
-
Verify the version of CTE you are installing and click Next.
-
On the License Agreement page, accept the License Agreement and click Next.
-
On the Live Data Transformation for network shares page:
-
On this server, do you plan to protect CIFS/SMB-based GuardPoints with Live Data Transformation (LDT) add on? If so, select yes.
-
Select No if you:
-
Are using a DSM.
-
Plan to create local file system GuardPoints with standard and LDT policies on this host.
-
Apply GuardPoints on local CIFS shares using standard or LDT policies.
-
When you are done, click Next.
-
-
On the Destination Folder page, click Next to accept the default folder or click Change to select a different folder. When you are done, click Next.
• Thales recommends that you install CTE in the default installation directory,
C:\Program Files\Vormetric\DataSecurityExpert\agent\
• You must install the CTE Agent on the same drive as Windows. For example, if Windows is installed on theC:
drive, you must install the CTE Agent on theC: drive
. -
On the Ready to Install page, click Install. When the installation is finished, the Install Shield Wizard Completed window opens.
-
In the Register Host dialog box, verify the host's machine name and click Next.
-
On the Gathering agent information page, select the File System check box and click Next.
-
On the Gathering Key Manager information page, enter the FQDN or IP address of the primary CipherTrust Manager.
The default communication port is 443. If you want to specify a different communication port, enter it with the primary key manager host name in the format: <hostName>:<port#>. For example:10.3.200.141:8445.
When you are done, click Next. CTE communicates with the selected CipherTrust Manager to validate what features have been licensed and are available to the CTE Agent.
-
On the Gathering host name information page:
-
Specify the host name or IP address of the client. You can select the host name from the drop-down list or type it in the field.
-
To prevent cloning, select Enable Hardware Association. For details, see Hardware Association Feature.
-
If you want to have CipherTrust Transparent Encryption - Live Data Transformation available on the client, select Enable LDT Feature. For details on CTE-LDT, see CTE-Live Data Transformation with CipherTrust Manager.
When you are done, click Next.
-
-
On the Gathering registration information page, enter the following:
-
Registration token: The registration token for the CipherTrust Manager with which you want to register this host.
-
Profile name: The name of the profile that you want to associate with this host. This name must match exactly the name of the profile in the CipherTrust Manager. If you do not specify a profile name, the CipherTrust Manager associates the default client profile with this client.
-
Host group (optional): The name of the client group to which the client will be added.
-
Host description (optional): A user-defined description of the client. This description will be displayed in the CipherTrust Manager.
-
LDT Communication Group: If you are planning on using LDT over CIFS/NFS on a CipherTrust Manager, enter the name of the LDT Communications Group that this node will join. See Adding Clients to an LDT Communication Group for more information.
The registration token, profile name, client group name and LDT Communication Group name are case-sensitive. If any of these are entered incorrectly, the client registration will not succeed. If the registration fails, click Back in the installer and verify that the case is correct for all entries on this page.
When you are done, click Register. CTE contacts the CipherTrust Manager and attempts to register the client with the specified options. The Register Host dialog box displays a message with the results of the registration request.
If the registration completed successfully, click Finish.
-
-
Restart the client to complete the installation process on the client.
-
After the host has rebooted, you can verify the installation by checking CTE processes:
-
In the system tray of the protected host, right-click the CipherTrust Lock icon.
-
Select Status. Review the information in the Status window to confirm that the correct CTE version is installed and registered.
-
If you are using CipherTrust Manager version 2.2 or later, you can now use CipherTrust Manager to administer CTE on the client.
If you are using CipherTrust Manager version 2.1 or earlier, change the client password using the manual password creation method. This password allows users to access encrypted data if the client is ever disconnected from the CipherTrust Manager. For details on changing the password, see the CipherTrust Manager documentation.
-
-