PEDserver and PEDclient

You can use the PEDserver and PEDclient utilities to manage your remote PED devices.

The PEDserver Utility

PEDserver is required to run on any computer that has a SafeNet Remote PED attached, and is providing PED services.

The PEDserver utility has one function. It resides on a computer with an attached Luna PED (in Remote Mode), and it serves PED operations to an instance of PEDclient that operates on behalf of an HSM. The HSM could be local to the computer that has PEDserver running, or it could be on another HSM host computer at some distant location.

PEDserver can also run in peer-to-peer mode, where the server initiates the connection to the Client. This is needed when the Client (usually SafeNet Luna Network HSM) is behind a firewall that forbids outgoing initiation of connections. See Backup and Restore From the Client to a Remote Backup HSM (LunaCM, RBS) for more information.

See pedserver.

The PEDclient Utility

PEDclient is required to run on any host of an HSM that needs to be served by a Remote Luna PED. PEDclient must also run on any host of a Remote Backup HSM that will be serving remote primary HSMs.

The PEDclient utility performs the following functions:

>It mediates between the HSM where it is installed and the Luna PED where PEDserver is installed, to provide PED services to the requesting HSM(s).

>It resides on a computer with RBS and an attached SafeNet Luna Backup HSM, and it connects with another instance of PEDclient on a distant host of an HSM, to provide the link component for Remote Backup Service.

>It acts as the logging daemon for HSM audit logs.

NOTE   PEDclient exists on the SafeNet Luna Network HSM appliance, but is not directly exposed. Instead, the relevant features are accessed via LunaSH hsm ped commands. See hsm ped in the LunaSH Command Reference Guide.

Thus, for example, in the case where an administrative workstation or laptop has both a Remote PED and a Remote Backup HSM attached, PEDclient would perform double duty. It would link with a locally-running instance of PEDserver, to convey HSM requests from the locally-connected Backup HSM to the locally-connected PED, and return the PED responses. As well, it would link a locally-running instance of RBS and a distant PEDclient instance to mediate Remote Backup function for that distant HSM's partitions. See Backup and Restore From the Client to a Remote Backup HSM (LunaCM, RBS) in the Administration Guide for more information.

See pedclient.


Customer Support Portal

SafeNet Luna Network HSM 7.1 Product Documentation  13 December 2019  Copyright 2001-2019 Thales Group. All rights reserved.