|
Home > |
|---|
See the table below for a simple breakdown of the normal tasks and if/how the PED and PED keys might apply.
|
Situation |
Needs |
Action with PED and PED keys |
|---|---|---|
|
Setup/configuration |
•Appliance admin password (only for SafeNet Luna Network HSM), blue, red and black PED keys and PED. •Network connection to the appliance from your administrative PC, and preferably also a local serial connection. •Optionally an orange PED key if an RPK was already created and you are performing these actions remotely. |
You perform the HSM initialization, create Partition Groups, and set up a redundant, load-sharing HA group with other SafeNet Luna HSM appliances. This is performed before first putting the unit into “production.” The PED keys are required at several stages, as well as the PED. |
|
Occasional Maintenance of HSM |
•Appliance admin password •Blue and black PED keys, possibly the red if you need to initialize a new cluster member, and the PED. •Network connection to the appliance.appliance. |
Add and remove HA-group members, modify number and assignment of Partitions/Groups, enable and disable. You might need some or all PED keys for authentication, depending on the activity. |
|
Occasional Maintenance of appliance (non-HSM part) |
•Appliance admin password |
None. You just login as appliance admin and perform any needed task related to network settings, logging, snmp, or other non-HSM chores. No PED key or PED use is needed when you are not logging into the HSM, within the appliance. |
|
Client access to their assigned cluster partitions |
•Clients need their own authentication that is set up when clients are registered; no PED key or PED required. •Network connection from the client(s) – which, depending on your application, might be other servers serving further downstream clients, or might be end-user client computers. |
None. You would normally have activated/auto-activated the HA-group members (in other sections of this table), and put the PED and PED keys away in safe storage. |
|
PED key administration |
•A PED and whichever PED keys you wish. You can connect to any SafeNet Luna HSM that has the proper connector – This is to power the PED only. Alternatively, you can use the PED power supply kit provided with Remote PED. |
While you can perform some PED key administration during HSM operations (mentioned elsewhere). You can also just power up the PED, go to Admin mode (instead of the default Local PED mode), and perform actions like creating duplicates of your existing, imprinted PED keys. No HSM access is required. |
If you ever discover a situation where our implementation seems inconsistent, please let us know by contacting support@safenet-inc.com. We will either fix it or explain why it is not considered a problem.