This topic is an introduction to the Vormetric encryption appliance known as the Data Security Manager (DSM).
This topic also explains the default accounts that are used to log into the DSM.
Before you begin, you must be able to:
- Access your SSL/VPN account and connect to your Armor environment.
- Access the DSM configuration provisioning ticket in my.armor.com.
- This ticket contains the necessary administrator credentials and the public IP address for the DSM.
What is Vormetric’s DSM?
The DSM is a dedicated virtual appliance in your Armor environment that serves as a centralized hub for managing your persistent file/folder encryption. The DSM is where all of the encryption policies are configured and the encryption keys are managed. The DSM then sends the policies and keys to the corresponding transparent encryption agent installed on the host virtual machines where sensitive data is stored. The agent side then uses those policies to control access and to encrypt the data
How do I access the DSM?
- Connect to your SSL/VPN account.
Open a web browser, and then type https:// followed by the public / front-end IP address of the DSM.
There are no redirects using HTTP. Because of Armor’s self-signed SSL certificate, you must add the security exception every time you log into the DSM.
- Enter the address, and then add the security exception. You will see the following screen:
Vormetric administrative accounts
When Armor customers take ownership of the DSM, the DSM will come with three administrator accounts for customer use and one account for Armor support use. The Armor support account can only view logs, add hosts, and guard points. Beyond that, Armor support cannot make meaningful changes to the encryption setup. As a result, all administration of the DSM is performed by the customer.
Below is a list of the customer accounts and what they do:
- [Customer_ID]admin - The admin account is used for tasks such as creating new administrators of all kinds, resetting administrator passwords, updating software, and various other high-level administrative tasks.
- [Customer_ID]domain - The domain account is used for tasks that involve administering the Vormetric domains. This is not to be confused with a Microsoft Active Directory domain or an LDAP domain. These domains only exist within the Vormetric software.
- [Customer_ID]security - The security account performs most all of the day-to-day administrative tasks in Vormetric.