Setting the adapter Transport Mode
The adapter transport mode allows an adapter HSM to be removed from the host system PCI bus without causing a tamper condition. A tamper will remove all sensitive material from the adapter including the adapter configuration, all keys, and certificates.
Setting the adapter transport mode is the responsibility of the device administrator and is performed using the ProtectToolkit-M administration utility.
To set the adapter Transport Mode
Caution
Transport Mode only disables the tamper response mechanism when removing the ProtectServer 3 PCIe adapter from the PCIe bus. Attempting any other hardware tamper procedure described in Hardware tamper procedures or physically attacking the ProtectServer 3 HSM will still result in a tamper response when a Transport Mode is enabled.
-
Launch the administration utility from the Start menu by selecting Start > Programs > SafeNet > ProtectToolkit M > gmadmin.
-
Select the desired adapter from the Active Adapters list.
-
Open the Adapter menu and choose Set Transport Mode.
-
The device administrator is now prompted to choose one of three possible transport modes:
-
None: To be applied when adapter is installed and configured. This mode will tamper the adapter if removed from the PCIe Bus.
-
Single: Adapter will not be tampered after removal from the PCIe bus. Adapter will automatically change to “None” Transport Mode the next time the adapter is reset or power is removed and restored.
-
Continuous: Adapter will not be tampered by being removed from the PCIe bus.
-
-
The administration utility will now prompt for the device administrator password.
Mode number Mode name Mode description 0 No Transport Mode (Default) Default mode that is applied when the HSM is installed and configured. This mode will tamper the HSM if it is removed from the PCI bus or any other hardware tamper procedure described in Hardware tamper procedures is attempted. 1 Single Transport Mode HSM will not be tampered by removal from the PCI bus and will automatically revert to No Transport Mode the next time the HSM is reset or power is removed and restored. 2 Continuous Transport Mode HSM will not be tampered by removal from the PCI bus.