Table of Contents
- List of Figures
- List of Tables
- Title and Copyright Information
- Preface
- 1 About Oracle Key Manager
-
2
Install the KMA
-
Prepare for the Installation
- Installation Planning Checklist
- Verify or Obtain a Cryptographic Card
- Verify the Site is Ready for Installation
- Verify the Rack Meets the Specifications for Installing a KMA
- Acclimate the Equipment to the Environment
- Obtain Required Installation Tools
- Obtain Necessary Documentation
- Unpack and Inventory Contents
- SPARC T7-1 or T8-1 Server Installation
- Initial ILOM Configuration
-
Prepare for the Installation
- 3 Configure a KMA with QuickStart
- 4 Install OKM Manager
- 5 Configure the Cluster
-
6
Enroll Tape Drives
- Tape Drive Enrollment Process Overview
- Supported Tape Drives and Required Firmware Levels
- Gather Information about the Tape Drives
- Obtain the T10000 Encryption Enablement Drive Data (Installer Task)
- Activate the Tape Drives (Installer Task)
- Enroll the Tape Drives (Customer Task)
- Assign Key Groups for Each Tape Drive (Customer Task)
- Switch Encryption On and Off
- Use Tokens to Transfer Encryption Keys
- Rebuild the Media Information Region for T10000 Drives
- 7 Basic OKM GUI Operations
- 8 Users and Roles
- 9 Monitor KMAs
- 10 Backups
-
11
Keys, Key Policies, and Key Groups
- About Key Lifecycles
- Manage Key Policies
- Manage Key Groups
- Manage Keys
- Transfer Keys Between Clusters
-
12
Sites, KMAs, Agents, and Data Units
-
Manage KMAs
- Create a KMA
- View and Modify KMA Settings
- Change a KMA Passphrase (Log the KMA Out of the Cluster)
- Delete a KMA
- Query KMA Performance
- Modify Key Pool Size
- Lock/Unlock the KMA
- Upgrade Software on a KMA
- Check the Replication Version of the KMA
- Switch the Replication Version
- View KMA Network Configuration Information
- View and Adjust the KMA Clock
- Check the Cryptographic Card
- Manage Sites
- Manage Agents
- Manage Data Units
-
Manage KMAs
- 13 Quorum Authentication
-
14
OKM Console
- Log into the KMA
- User Role Menu Options
-
OKM Console Functions
- Log KMA Back into Cluster
- Set a User's Passphrase
- Set KMA Management IP Addresses
- Set KMA Service IP Addresses
- View, Add, and Delete Gateways
- Set Acceptable TLS Versions
- Specify the DNS Settings
- Reset the KMA to the Factory Default
- Restart the KMA
- Shutdown the KMA
- Enable the Technical Support Account (using OKM Console)
- Disable the Technical Support Account
- Enable the Primary Administrator
- Disable the Primary Administrator
- Show Properties of the Root CA Certificate
- Renew the Root CA Certificate
- Log Out of Current OKM Console Session
- 15 Command Line Utilities
- 16 Certificates
- A Disaster Recovery
- B Configure the Network for the SL4000
- C Switch Configurations
-
D
Advanced Security Transparent Data Encryption
(TDE)
- About Transparent Data Encryption (TDE)
- Load Balancing and Failover When Using pkcs11_kms
- Planning Considerations When Using TDE
- Integrate OKM and TDE
- Migrate Master Keys from the Oracle Wallet
- Convert from Another Hardware Security Module Solution
- Key Destruction When Using TDE
- Key Transfer in Support of Oracle RMAN and Oracle Data Pump
- Attestation, Auditing, and Monitoring for TDE
- Locate TDE Master Keys in OKM
- Troubleshoot pkcs11_kms Issues
- E Solaris ZFS Encryption
- F Upgrade and Configure Integrated Lights Out Manager (ILOM)
- Index