ebook img

Professional IT-Security for your Corporation PDF

162 Pages·2009·2.93 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Professional IT-Security for your Corporation

Professional IT-Security for your Corporation ® SafeGuard Enterprise Installation manual Version 5.40 Document date: July 2009 Contents CHAPTER 1 SafeGuard Enterprise Overview.................................................................. 1 CHAPTER 2 SafeGuard Enterprise components ............................................................. 2 2.1 SafeGuard Enterprise with central management .......................................................... 3 2.2 SafeGuard Enterprise Standalone ................................................................................ 6 CHAPTER 3 Preparing for installation.............................................................................. 9 3.1 First steps before installing ........................................................................................... 9 3.2 System requirements .................................................................................................. 10 3.3 Installation packages .................................................................................................. 10 3.4 User interface language.............................................................................................. 11 3.5 Interaction with other SafeGuard products ................................................................. 12 3.5.1 Interaction with SafeGuard LAN Crypt............................................................. 12 3.5.2 Interaction with SafeGuard PrivateCrypto and SafeGuard Private Disk.......... 12 3.6 Securing transport connections with SSL ................................................................... 13 3.6.1 Setting up SSL................................................................................................. 13 3.6.2 Activating SSL encryption in SafeGuard Enterprise ........................................ 14 3.7 Installation steps for SafeGuard Enterprise ................................................................ 15 3.8 Installation steps for SafeGuard Enterprise Standalone ............................................. 17 3.9 Installation steps for SafeGuard Enterprise Client on multiple operating systems (runtime system) ......................................................................................................... 18 CHAPTER 4 Setting up SafeGuard Enterprise Database .............................................. 19 4.1 Prerequisites ............................................................................................................... 20 4.2 Authentication for the database .................................................................................. 21 4.3 Rights to access the database.................................................................................... 21 4.4 Setting up an SQL user account for SafeGuard Enterprise ........................................ 24 4.5 Generating the SafeGuard Enterprise database......................................................... 28 4.5.1 Generating SafeGuard Enterprise Database via SafeGuard Management Center .............................................................................................................. 28 4.5.2 Generating SafeGuard Enterprise Database with a script............................... 28 1 Contents CHAPTER 5 Setting up SafeGuard Management Center .............................................. 30 5.1 Prerequisites ............................................................................................................... 32 5.2 Installing SafeGuard Management Center.................................................................. 32 5.3 Configuring SafeGuard Management Center ............................................................. 34 5.4 Carrying out initial configuration.................................................................................. 35 5.5 Configuring for multiple databases (Multi Tenancy).................................................... 41 5.5.1 Creating further database configurations ........................................................ 41 5.5.2 Connecting to an existing database configuration........................................... 42 5.5.3 Exporting a configuration to a file .................................................................... 42 5.5.4 Importing a configuration ................................................................................. 43 5.5.5 Importing a configuration via the SafeGuard Management Center ................. 43 5.5.6 Importing a configuration by double-clicking the configuration file (Single and Multi Tenancy) .............................................................................. 44 5.5.7 Fast switching of database configurations....................................................... 45 5.6 Logon to the SafeGuard Management Center............................................................ 46 5.6.1 Logon in Single Tenancy mode ....................................................................... 46 5.6.2 Logon in Multi Tenancy mode ......................................................................... 46 5.7 Installing SafeGuard Management Center on further computers ............................... 48 CHAPTER 6 Setting up SafeGuard Enterprise Server................................................... 51 6.1 Prerequisites ............................................................................................................... 52 6.2 Configuring Microsoft Internet Information Services ................................................... 53 6.2.1 Hardening the IIS server.................................................................................. 53 6.2.2 IIS rollout name ............................................................................................... 56 6.2.3 Testing .NET Framework registration.............................................................. 56 6.2.4 Checking ASP.NET registration....................................................................... 57 6.2.5 Enabling recycling for the IIS server ................................................................ 58 6.3 Installing SafeGuard Enterprise Server ...................................................................... 60 6.4 Registering and configuring SafeGuard Enterprise Server......................................... 60 CHAPTER 7 Testing communication ............................................................................. 66 7.1 Prerequisites ............................................................................................................... 66 7.2 Performing connection test ......................................................................................... 70 2 Contents CHAPTER 8 Replicating the SafeGuard Enterprise Database ...................................... 72 8.1 Merge replication ........................................................................................................ 72 8.2 Setting up database replication................................................................................... 72 8.2.1 Generating the master database ..................................................................... 74 8.2.2 Generating the replication databases Graz and Linz....................................... 74 8.3 Installing and configuring SafeGuard Enterprise Server............................................. 75 8.3.1 Generating the configuration packages for the Graz database ....................... 75 8.3.2 Generating the configuration packages for the Linz database ........................ 76 8.3.3 Installing the server configuration packages.................................................... 76 8.4 Installing and configuring SafeGuard Enterprise Client .............................................. 76 CHAPTER 9 Setting up an organizational structure....................................................... 78 9.1 Creating an organizational structure manually............................................................ 79 9.2 Importing an organizational structure.......................................................................... 81 CHAPTER 10 Setting up SafeGuard Policy Editor ........................................................... 85 10.1 Prerequisites ............................................................................................................... 86 10.2 Installing SafeGuard Policy Editor .............................................................................. 87 10.3 Configuring SafeGuard Policy Editor .......................................................................... 88 10.3.1 Setting up the SQL database .......................................................................... 89 10.3.2 Setting up a password for the security officer.................................................. 90 10.3.3 Creating a certificate store............................................................................... 90 10.3.4 Creating pre-configured default policies .......................................................... 90 10.3.5 Logging on to the SafeGuard Policy Editor ..................................................... 92 CHAPTER 11 SafeGuard Client Configurations............................................................... 93 11.1 Restrictions ................................................................................................................. 94 11.2 SafeGuard Enterprise Clients ..................................................................................... 96 11.3 SafeGuard Standalone Clients ................................................................................... 98 11.3.1 Restrictions...................................................................................................... 98 11.3.2 Standalone Clients managed via SafeGuard Policy Editor.............................. 99 11.3.3 Standalone Clients managed via SafeGuard Management Center............... 101 3 Contents CHAPTER 12 Setting up user PCs centrally .................................................................. 102 12.1 General prerequisites................................................................................................ 103 12.2 Prerequisites for Windows Vista BitLocker ............................................................... 103 12.3 Restrictions ............................................................................................................... 104 12.4 Tasks for centralized install....................................................................................... 105 12.4.1 Creating an Enterprise Client configuration package .................................... 106 12.4.2 Creating a Standalone Client configuration package..................................... 109 12.5 Command for centralized install................................................................................ 113 12.5.1 Command options ......................................................................................... 114 12.5.2 SafeGuard Client Features (ADDLOCAL) ..................................................... 115 12.5.3 Sample command for volume and file based encryption ............................... 119 12.5.4 Sample command for Windows Vista with BitLocker support........................ 120 CHAPTER 13 Setting up user PCs locally ..................................................................... 121 13.1 Prerequisites ............................................................................................................. 121 13.2 Installing SafeGuard Enterprise or Standalone Client .............................................. 122 13.3 Selecting features ..................................................................................................... 123 CHAPTER 14 Installing SafeGuard Enterprise Client on computers with multiple operating systems ................................................................................. 126 14.1 Requirements and restrictions .................................................................................. 126 14.2 Preparations.............................................................................................................. 127 14.3 Setting up SafeGuard Enterprise Runtime Client ..................................................... 127 14.4 Booting from a secondary volume via a boot manager............................................. 128 CHAPTER 15 Installing SafeGuard Configuration Protection ........................................ 129 15.1 Prerequisites and Restrictions .................................................................................. 129 15.2 Command for central installation .............................................................................. 130 15.3 Sample command for SafeGuard Configuration Protection with SGNClient.msi ...... 130 15.4 Sample command for SafeGuard Configuration Protection with SGNClient_withoutDE.msi ........................................................................................ 131 15.5 Local installation ....................................................................................................... 132 15.6 Uninstalling SafeGuard Configuration Protection ..................................................... 133 4 Contents CHAPTER 16 Preventing uninstallation from the user PC ............................................. 134 CHAPTER 17 Updating SafeGuard Enterprise .............................................................. 135 17.1 Updating SafeGuard Enterprise Database ............................................................... 136 17.2 Updating SafeGuard Enterprise replicated databases.............................................. 137 17.3 Updating SafeGuard Enterprise Server .................................................................... 138 17.4 Updating SafeGuard Enterprise Management Center .............................................. 138 17.5 Updating SafeGuard Enterprise Client...................................................................... 140 17.6 Updating SafeGuard Enterprise Standalone............................................................. 141 17.6.1 Updating SafeGuard Policy Editor ................................................................. 141 17.6.2 Updating SafeGuard Standalone Client ........................................................ 142 17.6.3 Enhancing SafeGuard Standalone Client with volume based encryption...... 142 17.7 Updating the operating system ................................................................................. 143 CHAPTER 18 Migrating SafeGuard Standalone to SafeGuard Enterprise .................... 144 18.1 Migrating SafeGuard Policy Editor to SafeGuard Management Center.................... 145 18.2 Migrating Standalone Clients to Enterprise Clients................................................... 146 CHAPTER 19 Migrating SafeGuard Easy to SafeGuard Enterprise .............................. 147 19.1 Requirements............................................................................................................ 147 19.2 Limitations................................................................................................................. 148 19.3 Which functionality is migrated ................................................................................. 149 19.4 Preparations.............................................................................................................. 151 19.5 Starting the migration................................................................................................ 151 19.6 After the migration..................................................................................................... 153 CHAPTER 20 Annex - Best practice scenario................................................................ 154 CHAPTER 21 Technical Support ................................................................................... 155 CHAPTER 22 Copyright ................................................................................................. 156 5 CHAPTER 1 SafeGuard Enterprise Overview 1 SafeGuard Enterprise Overview SafeGuard Enterprise is a comprehensive, modular data security solution that uses a policy-based encryption strategy to provide reliable protection for information and information sharing on servers, PCs and mobile end devices. The central administration is done by the SafeGuard Enterprise Management Center. Security policies, keys and certificates, smartcards and tokens can be managed using a clearly laid out, role-based administration strategy. Detailed logs and report functions ensure that users and administrators always have an overview of all events. On the user side, data encryption and protection against unauthorized access are the main security functions of SafeGuard Enterprise. SafeGuard Enterprise can be seamlessly integrated into the user's normal environment and is easy and intuitive to use. SafeGuard's own authentication system, Power-On Authentication (POA), provides the necessary access protection and offers user-friendly support when recovering credentials. TIP: Our video tutorials are an ideal way to learn about SafeGuard Enterprise. You can find them on the product CD under Tutorials. They describe how SafeGuard Enterprise is installed and how to use the SafeGuard Management Center. SafeGuard Enterprise 1 CHAPTER 2 SafeGuard Enterprise components 2 SafeGuard Enterprise components In this chapter you will learn about the SafeGuard Enterprise components and how the individual components work with each other. SafeGuard Enterprise can be administered centrally or run in standalone mode. SafeGuard Enterprise 2 CHAPTER 2 SafeGuard Enterprise components 2.1 SafeGuard Enterprise with central management One or several Microsoft SQL databases store information about the user PCs on the company network. The administrator, known in SafeGuard Enterprise as the Master Security Officer (MSO), uses the SafeGuard Management Center to manage the database contents and to create new security instructions (policies). The users' PCs/notebooks read the policies from the database and report successful execution to the database. The communication between the database and the user PCs is done by Internet Information Services (IIS) based web server which has the SafeGuard Enterprise Server installed on it. SafeGuard Enterprise 3 CHAPTER 2 SafeGuard Enterprise components SafeGuard Enterprise 4

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.