Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Install and Configure CTE-U with CipherTrust Manager

Installation Prerequisites

search

Installation Prerequisites

This topic lists the tasks you must complete, and the information you must obtain, before installing CTE-U.

Prerequisites

Note

CTE-U v10.0.0, and all subsequent versions, support CipherTrust Manager v2.10 and all subsequent versions. It is not supported with previous versions of CipherTrust Manager.

Make sure you have the following information from the CipherTrust Manager Administrator:

  • The registration token for the CipherTrust Manager with which you plan to register the Agent.

  • The name of the profile you intend to assign to the client if you want to use a profile other than the default client profile.

  • Optionally, the name of the host group to which you want this client to be a part.

Packages

The following dependencies are prerequisites for a CTE-U installation.

  • libatomic1

  • libselinux1

  • libncurses5

For RHEL8 and subsequent versions, the following dependency is also required:

  • libnsl.so.1

Recommendations and Considerations

  • The host on which you want to install CTE-U must support AES-NI hardware encryption. If it does not, any attempt to install or upgrade CTE-U to release 10.0.0 or later will fail.

  • Thales recommends that you install CTE-U in the default location.

  • Do not install CTE-U on network-mounted volumes such as NFS.

  • Make the Installation root directory /opt a real directory.

Minimum System Requirements

GuardPoints Recommended Storage (RAM)
1 100 MB
10 1 GB
100 10 GB
1000 100 GB

Network Setup Requirements

  • The IP addresses, routing configurations, and DNS addresses must allow connectivity of the CipherTrust Manager to all clients where you install CTE UserSpace.

  • If the host is a virtual machine, the VM must be deployed and running.

Port Configuration Requirements

The following port information applies to both Windows and Linux systems.

Communication through a Firewall

If a protected client must communicate with CipherTrust Manager through a firewall, see the CipherTrust Manager documentation to determine which of the ports must be opened through the firewall.

Communication with CipherTrust Manager

The default port for http communication between CipherTrust Manager and the CTE Agent is 443. If this port is already in use, you can set the port to a different number during the CTE Agent installation.

Limitations

  • The Linux Kernel FUSE driver does not support odirect + mmap for any FUSE file systems. As such, use of odirect + mmap on CTE-U is not supported and attempting to memory map a file opened with the odirect flag will fail.

On this page