Device Overview
12. Configure payShield Manager
• Follow the instructions provided in the payShield Manager Quick start guide to complete the configuration of payShield Manager
13. Configuring the host ports
Depending upon the configuration connection required between the Host and the payShield 10K, you may require additional
information from your Network or Systems Support Group in order to complete this step.
• Using either the console or payShield Manager, configure the Host ports to suit your system requirements. The parameters you
need to enter will vary, depending upon the type of communications to be used.
Test the connection:
• The FICON board and transceivers can be tested using the FICNTEST console command. payShield Manager users can run this
from the payShield Manager virtual console. Note, that to run FICONTEST, you will need the loopback device provided with your
transceiver.
10. Connect using the console
The console terminal is pre-configured to communicate with the HSM via the USB-C to USB-A cable.
• Use the supplied USB-C to USB-A cable to connect the USB-C port on the front of the payShield 10K to your laptop
NOTE: If your laptop has a USB-C port, instead of a USB-A port, you will need to order or provide a standard USB-C to
USB-C cable.
• For Windows, ensure that all Windows updates have been applied and the laptop is connected to the internet before
connecting to the payShield. Upon connection, Windows will detect the new hardware and install the driver. The device
will appear as a new COM port.
• If the laptop cannot be connected to the internet, the drivers are available for download and manual installation from
the Microsoft Update Catalog: www.catalog.update.microsoft.com/Search.aspx?q=PI%20USB%20to%20serial
• Download the CAB file for the laptop operating system and extract the files into a folder
• Expand the "Other devices" section of the Device Manager and look for "Gadget Serial v2.4". Right click on that and select
the option to install the driver. Choose the option to browse for the driver and select the folder from the previous step.
• You may need to be signed in with an administrator account to install drivers
• Using a standard terminal emulation program, select the set-up for serial terminal emulation and configure it as follows:
• Baud Rate: 9600 bps
• Word Length: 8 bits
• Parity: None
• Stop Bits: 1 bit
Test the connection:
• Press the <Return> key on the console/laptop keyboard
The HSM should respond by displaying “Online>”, “Offline>”, or “Secure>” based on the position of the keys.
The appearance of this prompt indicates that the correct communications between the console and the HSM have been
established, but that no command has been entered.
Left key lock
Tamper light
Service light with serial number
Health LED
Smart card reader
Right key lock
USB-C
console port
Service light
on/off button
Ethernet
ports 1 & 2
Service LEDSerial number
2x Hot swappable fans
Erase Button
access
Printer ports
(Ethernet & USB-A)
Management
& Auxiliary
Erase
LED
Power
switch
2x Hot swappable power supplies
Power supply status LED
Fan status LED
© Thales Group - 2018-2021• 007-000856-001 Rev A
payShield 10K PS10-F
Installation Quick start guide
007-000856-001
> cpl.thalesgroup.com <
Contact us – For all office locations and contact information, please visit cpl.thalesgroup.com/contact-us
User Documentation
The payShield 10K user manuals are available for download from the Thales CPL support website: https://supportportal.thalesgroup.com/csm
NOTE: The HSM FICON interface supports speeds up to 32Gbp/s, with the option of 8Gbp/s or 16Gbp/s, if available. If using a
switched fabric, the connection switch must have the connecting port type set to fabric port.
11. Connect cables for payShield Manager
• payShield Manager provides a secure GUI interface with an authenticated, encrypted connection allowing a full remote
or local management of the payShield 10K
• Remote payShield Manager requires an Ethernet cable from the Management Port into your network
• If you are not using DHCP, then you may need to use the console to set up the static IP address for payShield Manager.
(Refer to the payShield Manager Quick start guide. For the Console, refer to the payShield 10K Console Guide.)
Remove from packaging:
• Remove the Accessories box
• Remove the payShield 10K from the packaging, checking that the tamper evident bag containing the unit is not tampered
• Check that the serial number on the tamper evident bag matches that supplied by email or shipment confirmation by Thales
Remove the accessories from the Accessories box.
Verify the shipment's contents:
• payShield 10K PS10-F Host Security Module
• HSM Rail Kit
• 2 AC power cables
• 4 Security keys in tamper evident bags (2 copies -- 4 total keys)
• USB-C to USB-A cable (for console connectivity)
Carry out the following checks:
• Check that the tamper evident bag containing the keys is not tampered and the serial number matches that supplied by email or
shipment confirmation by Thales
• Locate the serial number on the key tag and verify that it matches the serial number on the unit
1. Assure Safety
• Before installing, and using this product, please read the Warnings and Cautions in the following document: payShield 10K Regulatory User
Warnings & Cautions
• Either a FICON Short Wave Small form-factor pluggable
transceiver (SFP) or FICON Long Wave SFP (ordered
separately)
• Loopback device
• payShield 10K Regulatory User Warnings & Cautions
document
• payShield 10K PS 10-F Installation Quick start guide (this
document)
• payShield Manager Quick start guide
2. Unpack
• The way in which you do this will vary, depending upon your system configuration; for example: Ethernet environment – issue a
PING command (both from the payShield 10K to the Host, and from the Host to the payShield 10K)
To Next Page
Need help?
General
