Prepare for deployment of CipherTrust Manager KMS

To prepare for the deployment of CipherTrust Manager, install the latest Verint KB on the Verint Application server, get the installation files for the third-party platforms like VMware, Hyper-V, AWS, or Google Cloud Platform (GCP). Also, ensure that ports are open and get the connection information required for deployment.

Procedure 

    Download the following KBs from the Verint portal, and install them on the Verint Application server.

    • WFM Kit 1030 or higher

    • Latest Security Kit

    • EM - KB225013 or higher

    • Recorder data center APIs - KB223024 or higher

    • EM DB server - KB222695 or higher

  1. Work with Verint Support to get the installation files and information:

    • For VMware and Hyper-V, get the ISO (installation package) from Verint Support.

    • For AWS, provide the AWS account information and AWS region information to Verint Support, so they can help provision the Amazon Machine Image (AMI).

    • For GCP, provide the Google Cloud Platform account details to Verint Support, so they can open a case with Thales to get access to the customer account. Create the GCP image file, as described in the GCP deployment section.

  2. Make sure the servers for CipherTrust Manager meet the following minimum requirements, as described in WFO V15.2 Customer Furnished Equipment (CFE) Guide (XLSM):

  3. Make sure that the required ports are open and reachable on the servers and network devices in your IP network. See WFO V15.2 Firewall Ports Configuration (XLSM).

  4. Collect the following information that is required to create the CA certificate:

    Description

    Value

    IP Settings for KMS server

     

    Primary static IP address

     

    Primary host name

     

    Primary domain name

     

    Secondary static IP address

     

    Secondary host name

     

    Secondary domain name

     

    Certificate information

     

    Name of the certification authority (CA).

     

    Fully qualified domain name (FQDN).

    Note: The FQDN must exactly match the host name including the domain.

     

    Optional. Name of your organizational unit.

     

    Optional. Name of your organization (up to 32 characters).

     

    Optional. Full name of your city or locality. Do not use abbreviations.

     

    Optional. Full name of your state or province. Do not use abbreviations.

     

    Optional. Two letter country code.

     

    Email address of the person responsible for the certificate.

     

    SCP Server for External Backup Information

     

    IP or host name of the SCP server.

     

    Port number of the SCP server. The default port is 22.

     

    User name of the SCP server.

     

    Password or public key for the authentication of the SCP server.

     

    Path of the SCP server where backup is transferred.

     

CipherTrust Manager New Server Installation