Manuale d’uso / di manutenzione del prodotto ET1000A del fabbricante Black Box
Vai alla pagina of 48
B L A C K B O X ® The Encr yp Tight ™ Man ager Inst al la tion Guide pro vid es detail ed i n f or ma ti on on ho w t o instal l and conf igure Encr yp Tight Manager sof t ware. EncrypT ight Installation Guide E T 0 010 A E T 010 0 A E T 10 0 0 A ET 1 0000 A Ord er toll -free in th e U.
.
EncrypTight Manager Installation Guide 3 T able Of Content s About This Document ................................ ..................................................... ..............5 EncrypTight Manager 3.3 Installation Options ......................
4 EncrypTight Manager Installation Guide Procedure 0. copying drives wit h dd (only for non-RAID s ystems!!!!) ................. .......... 27 Procedure 1. Backing up the entire filesys te m ............. ................ ................ ............
EncrypTight Manager Installation Guide 5 Preface About This Document Purpose The EncrypT ight Manager Insta llation Guide provides detailed i nformation on how to in stall and configure EncrypT ight Manager software.
Preface 6 EncrypTight Manager Installation Guide Black Box Corporation 1000 Park Drive Lawrence, P A 15055-1018 email: info@b lackbox.com Cont acting Customer Support T echnical support services are accessible through the Black Box support center .
EncrypTight Manager 3.3 Installation Options EncrypTight Manager Installation Guide 7 EncrypT ight Manager 3.3 Inst allation Options • V irtual Machines • EncrypT ight-Manager-3.3-standalone • EncrypT ight-Manager-3.3 • single server • cluster high availabilit y • single server disaster recovery • Hardware • EncrypT ight-Manager-3.
8 EncrypTight Manager Installation Guide EncrypT ight-Manager-3.3 • A vailable in 32 and 64 bit architectures • Expects to be run in an environment where the VM has at least 2GB of RAM and 40GB of disk • This virtual machine is set up so that when it first boot s it will initialize the operating system for use by EncrypTight Manager.
Firewall Information EncrypTight Manager Installation Guide 9 Firewall Information Servers in cl uster must hav e the follow ing ports avai lable: TCP 21 TCP 2221 TCP 22 TCP 80 TCP 8080 TCP 443 TCP 8443 TCP 8764 TCP 5432 TCP 47788 TCP 47799 UDP 45588 UDP 46688 UDP 45599 UDP 46699 NOTE These ports are made available b y default.
10 EncrypTight Manager Installation Guide Figure 1 EncrypT ight Manager Con sole view Configuring Networking Parameters Once the machine is running, you can configure networking parameters. This includes assigning a st atic IP address, netmask, and gateway address.
Installation Examples EncrypTight Manager Installation Guide 11 4T y p e 1 and press Enter to exit the menu. Note that you can use the same menu to assign a host name, specify a DNS server , set up a proxy server , or view the current networking configurati on.
12 EncrypTight Manager Installation Guide • Modify the /opt/scrip ts/policyserver-init.conf and set the fo llowing. Emacs, na no, and vi are available on the OS.
Installation Examples EncrypTight Manager Installation Guide 13 NOTE Support for a crossover cable conn ection between node1 and node2 has been added in the hardware cluster installation.
14 EncrypTight Manager Installation Guide Disaster Recovery Option If this cluster is going to have a disaster recov ery site assigned to it then you need t o modify the following section of the /opt/scripts/policyserver-init.
Installation Examples EncrypTight Manager Installation Guide 15 Ordering of actions is import ant. Y ou should install in the following steps: 1 Power on both servers 2 Assign IP to server #1 3 Assign IP to server #2 4 Make sure that server #1 can see server #2 on the network 5 Run /etc/init.
16 EncrypTight Manager Installation Guide ## comma separated list of hosts to check # heartbeatHosts= # # ######################################################################## ####### Run the installation script on the Main site: /etc/init.d/policyserver-ins tall Disaster Recovery Site • Assign an IP to the DR site install ation.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 17 > /etc/init.d/policyserver s top Once that is down you can see that the di saster recovery picks up rekeys by viewing the DR logs on the DR Machine: > tail -f /opt/jboss/server/ policyserver/log/server.
18 EncrypTight Manager Installation Guide Optional - V erify the downloaded upgrade bin f ile. • Download and scp the public key pubkey .txt over to the ETM server . # scp pubkey.txt root@19 2.168.X.X:/opt/upgrade/ • Scp the external signature for the upgrade bin: # scp policyserver-upgra de-<VERSION>.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 19 **************************** ***************************************** **** ******** UPGRADE: Examining System, Please Wait.
20 EncrypTight Manager Installation Guide Finished server backup Running through the upgrades available **************************** ***************************************** ** Performing upgrade to 3.1 Application upgrade... upgrade ../../common/ear/cip her.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 21 Upgrading the policyserver-i nit.conf Upgrading the database schem a sql Upgrading the system scripts ############################ ######################################### ## Upgrade process complete.
22 EncrypTight Manager Installation Guide gpg: Signature made Mon 12 Dec 2011 03:19:38 PM EST using DSA key ID 9B705669 gpg: Good signature from "Black Box (Policy Server) <support@blac kbox.com>" gpg: WARNING: This key i s not certified with a trusted signature! gpg: There is n o indication that the signature belongs t o the owner.
EncrypTight Manager Upgrade of an Existing ETM Instance EncrypTight Manager Installation Guide 23 YOU MUST wait for the upgrade to complet e before continuing EXAMPLE : Upgrade from 3.2.3 971 to 3.3.4364: [root@PIT -ETM-N1 upgrade]# ./po licyserver-upgrade-3.
24 EncrypTight Manager Installation Guide scp_host not set, no t scp-ing /opt/upgradebackup/db-back up-2012-02-15-18-54-v.sq l.gz backup anywhere keeping backup 1: /opt/upgra debackup/db-backup-2012-02-15-18-54-v.sql .gz Finished db-backup done. Backing up the server dirs: / opt/ftpserverdir /opt/filestore /opt/jbos s/server/p olicyserver.
Backup and Restore of EncrypTight Manager EncrypTight Manager Installation Guide 25 [root@PIT-ETM-N1 upgrade ]# /etc/init.d/policyserver start Server is starting, chec k the log files for application .
26 EncrypTight Manager Installation Guide Backup component s provided by ETM EncrypT ight Manager provides mechanisms for backing up its datab ase, and also for backing up the ETM software.
Backup and Restore of EncrypTight Manager EncrypTight Manager Installation Guide 27 Other hardware component failures If some component other than a drive has failed, that component could be replaced in the field, or the server could be RMA'd back to Black Box.
28 EncrypTight Manager Installation Guide tar cvpzf backup.tgz --exclude=/proc --exclude=/los t+found --exclude=/backup.tgz --exclude=/mnt --exclude=/sy s / Please familiarize yourself with the tar command and its arguments. The man pages are included in the ETM distro.
Backup and Restore of EncrypTight Manager EncrypTight Manager Installation Guide 29 • Backup Server scp User • Backup Server scp Password Also note that the ETM root di r is /opt/jboss/server/po licyserver, and that the /opt/scripts directory is a symlink to /opt/jbo ss/server/policyserver/scripts, so that di rectory will be backed up.
30 EncrypTight Manager Installation Guide If you changed the database userid or password, you wil l have to supply those opti ons as well. [root@policyserver log]# /op t/scripts/db-import.
Appendices EncrypTight Manager Installation Guide 31 Appendices Hardware Disaster Recovery Cluster Inst all If you are going to have the disaster recovery cl us ter on node1 = 192.168.80.3 and node2 = 192 .168.80.4 then you would run like this on both installs: • Modify the /opt/scrip ts/policyserver-init.
32 EncrypTight Manager Installation Guide ######################################################################## ####### ######################################################################## ####.
Appendices EncrypTight Manager Installation Guide 33 UDP 45599 UDP 46699 Ordering of actions is import ant. Y ou should install in the following steps: 1 Power on both servers 2 Assign IP to server #1 3 Assign IP to server #2 4 Make sure that server #1 can see server #2 on the network 5 Run /etc/init.
34 EncrypTight Manager Installation Guide EncrypT ight Manager OV A Deployment Using vS phere Client Applications Y ou need to install vSphere Clien t onto your workstation. The vSphere Client software is only available for Windows platforms. Open up the VMware vSphere Client software.
Appendices EncrypTight Manager Installation Guide 35 Figure 3 Inst alling the CSM OV A Click on the menu opti on File -> Deploy OVF T emplate... This will bring up the O VF T emplate Deploy dialog:.
36 EncrypTight Manager Installation Guide Figure 4 Deploy OVF T e mplate Select the "Deploy from fi le" option. Copy and paste the ova link that i s generated from the CSM build server .
Appendices EncrypTight Manager Installation Guide 37 Figure 5 OVF T emplate Det ails Select Next. Y ou will see the Name and Location. Here you will enter a Name for yo ur virtual machine that will be created.
38 EncrypTight Manager Installation Guide Figure 6 Name and Location Select Next. Y ou will see the Host / Cluster selection. Se lect the Simulators -> v mhost1.
Appendices EncrypTight Manager Installation Guide 39 Figure 7 Host / Cluster Select Next. Y ou will see the Resource Pool selection. Select the vmhost1 .
40 EncrypTight Manager Installation Guide Figure 8 Resource Pool Select Next. Y ou will see the Datastore selection. Y ou can select any of the available Datastores.
Appendices EncrypTight Manager Installation Guide 41 Figure 9 Dat astore Select Next. Y ou will see the Ready to Complete screen..
42 EncrypTight Manager Installation Guide Figure 10 Ready to Complete Select Next. Now vSphere will import the ova into the CSM T esting Reso urce Pool. Y ou will see a dialog w ith the progress and a complete message once it is done. Y ou can close the complete message.
Appendices EncrypTight Manager Installation Guide 43 Figure 1 1 Basic T asks Once the VM begins to power up yo u right click on the VM and select “Op en Console”.
44 EncrypTight Manager Installation Guide Figure 12 Main Screen Setup Networking Once you are on the main blue screen of the virtual machine appliance you can click yo ur mouse inside of it. The virtual machine now has control of your mous e. Y ou will have to type "Ctrl+Alt " to release the mouse from it.
Appendices EncrypTight Manager Installation Guide 45 Figure 13 Main Network Config Now you will be able to en ter your IPv4 address informatio n: Configure an IPv4 address for eth0? y /n n: y Use a DHCPv4 Server instead of a static IPv4 address? y/n n: n IPv4 Address []: 192.
46 EncrypTight Manager Installation Guide Figure 14 Default Gateway Enter 0 for the interface to configure. Enter 192.168.1.1 for the Gatewa y . (Optional) If you need to setup DNS fo r external acce ss from the VM select option 4 from the menu and enter the DNS IP settings.
.
72 4 - 7 4 6 -5500 | blac kbo x.c om About Bl ack B ox Black Box Net work Ser vices is your source for an ex tensive range of net working and infra struc ture product s.
Un punto importante, dopo l’acquisto del dispositivo (o anche prima di acquisto) è quello di leggere il manuale. Dobbiamo farlo per diversi motivi semplici:
Se non hai ancora comprato il Black Box ET1000A è un buon momento per familiarizzare con i dati di base del prodotto. Prime consultare le pagine iniziali del manuale d’uso, che si trova al di sopra. Dovresti trovare lì i dati tecnici più importanti del Black Box ET1000A - in questo modo è possibile verificare se l’apparecchio soddisfa le tue esigenze. Esplorando le pagine segenti del manuali d’uso Black Box ET1000A imparerai tutte le caratteristiche del prodotto e le informazioni sul suo funzionamento. Le informazioni sul Black Box ET1000A ti aiuteranno sicuramente a prendere una decisione relativa all’acquisto.
In una situazione in cui hai già il Black Box ET1000A, ma non hai ancora letto il manuale d’uso, dovresti farlo per le ragioni sopra descritte. Saprai quindi se hai correttamente usato le funzioni disponibili, e se hai commesso errori che possono ridurre la durata di vita del Black Box ET1000A.
Tuttavia, uno dei ruoli più importanti per l’utente svolti dal manuale d’uso è quello di aiutare a risolvere i problemi con il Black Box ET1000A. Quasi sempre, ci troverai Troubleshooting, cioè i guasti più frequenti e malfunzionamenti del dispositivo Black Box ET1000A insieme con le istruzioni su come risolverli. Anche se non si riesci a risolvere il problema, il manuale d’uso ti mostrerà il percorso di ulteriori procedimenti – il contatto con il centro servizio clienti o il servizio più vicino.