SafeNet Luna SA User Manual

Overview of the document's purpose and structure, including key sections and their page numbers.

Explains standard conventions used for user interface and important information alerts.

Details how to contact technical support for installation, registration, or operation issues.

Describes the multiple identities and functions available to map to roles and functions in an organization.

Details the default and custom administrative user accounts and their assigned roles.

Explains the consequences of restoring user profiles from backup, including potential data loss or security issues.

Discusses security considerations for shell accounts, especially in exposed network positions.

Explains the subdivision of the Partition Owner role into Crypto Officer and Crypto User for enhanced security.

Details how administrative and user roles are invoked and managed within the system.

Describes the system's response to multiple failed login attempts for security.

Covers planning for cloning domains for HSM SO space and partitions.

Guides planning for PED Key options and choices before actions that invoke PED Keys.

Explains the meaning of prompts from the PED when key/access secrets are invoked.

Details essential network parameters and information required before configuration.

Lists software and system requirements for client workstations connecting to the appliance.

Provides recommendations for bandwidth, latency, and network settings for optimal Luna appliance performance.

Guides on establishing an initial serial connection to the Luna appliance for configuration.

Details the initial login process and changing the default administrative password.

Explains how to set the system date, time, and timezone for accurate operation and certificates.

Guides on setting the appliance's IP address, subnet mask, gateway, and DNS settings.

Instructions for establishing an ethernet connection to the network after configuration.

Describes generating a new server certificate for enhanced security.

Provides guidance on handling authentication errors during HSM initialization.

Explains the recovery process for the Secure Recovery Vector (SRK) if the HSM was shipped in Secure Transport Mode.

Outlines the steps required before initializing a PED-version Luna SA HSM, including checking its state.

Guides on establishing a serial terminal or SSH connection for HSM initialization.

Describes how to modify HSM policies for Password Authentication.

Details how to modify HSM policies for PED (Trusted Path) Authentication.

Outlines the steps for creating an HSM Partition using Password Authentication.

Guides on creating an HSM Partition and setting its password.

Details the process for creating an HSM Partition using PED (Trusted Path) Authentication.

Guides on creating and initializing an HSM Partition using a PED.

Instructs on how to record the generated partition client password for authentication.

Shows how to display the current policies of a created HSM Partition.

Provides instructions on how to modify a Partition Policy for a given Partition.

Outlines the steps for preparing a client system for network connection and certificate exchange.

Guides on importing the HSM appliance server certificate onto the client.

Details creating a Network Trust Link with the Luna SA appliance from Windows.

Explains how to register the HSM server certificate with a Windows client.

Guides on creating a client certificate and private key for Windows clients.

Details sending the client certificate to the HSM appliance from Windows.

Details creating a Network Trust Link with the Luna SA appliance from UNIX/Linux.

Guides on creating a client certificate and private key for UNIX/Linux clients.

Details sending the client certificate to the HSM appliance from UNIX.

Explains registering the client certificate with the HSM Server.

Assigns a registered client to a specific HSM Partition.

Guides on verifying the client and HSM configuration and registration.

Explains configuring Host Trust Links for secure connections to trusted hosts.

Details synchronizing the appliance with an NTP server for accurate time.

Describes setting up multiple HSMs for redundancy and load balancing.