Connect A Physical Appliance To The Network And Configure; Appendix A Security Certificates And Common Access Cards; Obtaining And Importing A Certificate - Fidelis Common Criteria Configuration Manual


Access to the iLO or IMM interface should be physically limited to only those users that
require access. These interfaces are not secured by Fidelis Network software.
Refer to Appendix B in the Enterprise Setup and Configuration Guide [1] for security
practices regarding your installation.
Connect a Physical Appliance to the Network and Configure
The first four steps in this section apply to physical appliances. The remaining steps apply to physical and
virtual appliances. For virtual appliances, you also need to refer to chapter 3 in the Enterprise Setup and
Configuration Guide [1].
1. Rack the unit with access to proper power, cooling, and ventilation.
2. Connect power cables and attach to the power supplies in the back of the appliance.
3. Refer to the Quick Start Card for initial post-factory installation of the product if needed. It will guide
you through the process of finalizing Fidelis Network software installation.
4. Connect a keyboard and monitor to the appliance.
5. After configuration is complete, type exit to log out.
Appendix A Security Certificates and Common Access Cards

Obtaining and Importing a Certificate

Follow the instructions in this section to generate a Certificate Signing Request (CSR), obtain a
certificate, CA certificates, and a CRL, and import them for use by a Fidelis Network component.
Run all commands in this section as root. In all commands, <subsystem> is the affected part of
Fidelis Network functionality and must be one of the recognized subsystems listed above.
1. Generate a Certificate Signing Request (CSR).
This will generate a new RSA private key, and create a new CSR based on it.
The --subject-dn=<component_dn> argument specifies the component's Distinguished Name (DN),
which will be used in the CSR and will eventually be used as a subject in the certificate.
If it is not specified, the component's hostname will be used as the default Common Name (CN).
/FSS/bin/cert_manager --subsystem=<subsystem> --action=export-csr --csr-outfile=/tmp/<output_CSR_file>.pem --subject-dn='<component_dn>'
The Subject Distinguished Name should be provided in the form:
--subject-dn='/C=US/ST=MD/L=Bethesda/O=MyCompanyName/OU=IT Department/CN=sensor1.mycompany.local'
where the DN fields are separated by '/', with keys separated from values with '='.
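Before the CSR goes to a CA, it is worth confirming that the file is correctly self-signed and carries exactly the subject that was intended. The following is an added example, not part of the Fidelis guide or tooling: it uses the standard openssl CLI and assumes the exported CSR is a PEM-encoded PKCS#10 request. The names check_csr and make_sample_csr and the 2048-bit minimum are this example's own assumptions.

```shell
#!/bin/sh
# Added example. check_csr and make_sample_csr are hypothetical helper names.

# check_csr FILE EXPECTED_DN [MIN_RSA_BITS]
# Succeeds only if the CSR is self-signed correctly, carries exactly the
# expected subject, and its RSA key is at least MIN_RSA_BITS long
# (default 2048 is an assumption of this example, not a value from the guide).
check_csr() {
    csr=$1; expected=$2; min_bits=${3:-2048}

    # Older openssl releases exit 0 even when verification fails,
    # so match the status message instead of trusting the exit code.
    if ! openssl req -in "$csr" -noout -verify 2>&1 | grep -q 'verify OK'; then
        echo "FAIL: CSR self-signature does not verify" >&2; return 1
    fi

    # -nameopt compat prints the subject in the '/C=../CN=..' one-line form,
    # the same shape as the --subject-dn argument.
    actual=$(openssl req -in "$csr" -noout -subject -nameopt compat |
             sed 's/^subject= *//')
    if [ "$actual" != "$expected" ]; then
        echo "FAIL: subject '$actual' != expected '$expected'" >&2; return 1
    fi

    bits=$(openssl req -in "$csr" -noout -text |
           sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p')
    if [ "${bits:-0}" -lt "$min_bits" ]; then
        echo "FAIL: key is ${bits:-unknown} bits, need >= $min_bits" >&2; return 1
    fi
    echo "OK: $actual ($bits-bit key)"
}

# make_sample_csr FILE DN [BITS]
# Constructed test input: a throwaway key and CSR made with openssl,
# standing in for the file cert_manager would write to /tmp.
make_sample_csr() {
    openssl req -new -newkey "rsa:${3:-2048}" -nodes -keyout /dev/null \
        -out "$1" -subj "$2" 2>/dev/null
}

dn='/C=US/ST=MD/L=Bethesda/O=MyCompanyName/OU=IT Department/CN=sensor1.mycompany.local'
sample=$(mktemp)
make_sample_csr "$sample" "$dn" && check_csr "$sample" "$dn"
rm -f "$sample"
```

On an appliance, the first argument would be the file named in --csr-outfile and the second the same string passed to --subject-dn.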
Supported DN fields are:
Fidelis Network Common Criteria Configuration Guide Version 9.0.3
3
www.fidelissecurity.com
