• nShield Solo XC

The network-attached HSM install guide covers the following products:
• nShield 5c
• nShield Connect

The USB HSM setup guide covers the following products:
• nShield Edge

For instructions on installing the nShield Security World software, see https://nshielddocs.entrust.com/security-world-docs/software-install/intro.html.

2. nShield Network-Attached HSMs
2.1. Prerequisites and product information
This guide covers the following HSMs:
• nShield Connect
• nShield 5c
These Hardware Security Modules (HSMs) provide secure cryptographic processing within a tamper-resistant casing. Each nShield HSM is configured to communicate with one or more client computers over an Ethernet network.
If you are installing the module in a 19” rack, make sure that you follow the nShield Connect or 5c Slide Rails Instructions provided with the rails. In particular, be careful of sharp edges.
2.1.5. Physical location considerations Entrust nShield HSMs are certified to NIST FIPS 140 Level 2 and 3. In addition to the intrinsic protection provided by an nShield HSM, customers must exercise due diligence to ensure that the environment within which the nShield HSMs are deployed is configured properly and is regularly examined as part of a comprehensive risk mitigation program to assess both logical and physical threats.
To install the HSM in a cabinet or a shelf, fit self-adhesive rubber feet to the bottom of the HSM, one in each corner. If you encounter any problems during the install process, refer to https://nshielddocs.entrust.com/security-world-docs/hsm-user-guide/na/troubleshooting.html. This page includes explanations for the status LED, log messages, and audible warnings as well as other information.
Ethernet port. Two Ethernet ports are available. Port 1 is the left-hand connector when the HSM is viewed from the back.
RJ45 port for a serial console cable.
If you connect only one Ethernet cable to the HSM, Entrust recommends that you connect it to Ethernet port 1. This is the left-hand Ethernet connector on the rear of the HSM (shaded in the image).
Chapter 2. nShield Network-Attached HSMs 2.2.2. Connecting the Serial Console On supported HSM hardware variants (see Model numbers) there is a serial console port that provides access to a serial console command line interface that enables remote configuration of the HSM. The RJ45 connector for the serial cable is at the rear of the HSM and is labelled Console, Connecting Ethernet, console and power cables.
Instead of using the controls on the front panel to configure the HSM, you can use a US or UK keyboard. You might find a keyboard easier for entering dates and IP addresses. You connect the keyboard to the USB connector on the front of the HSM. 2.2.3.1.
• nShield Solo XC
• nShield 5s
These Hardware Security Modules (HSMs) are for use in servers and appliances.
• For further information about the HSM and HSMs in general, see https://nshielddocs.entrust.com/security-world-docs/hsm-user-guide/intro.html.
• For help installing the Security World software, see https://nshielddocs.entrust.com/security-world-docs/software-install/intro.html.
Chapter 3. nShield PCIe HSMs 3.1.2. Handling the HSM nShield HSMs contain solid-state devices that can withstand normal handling. However, do not drop the module or expose it to excessive vibration. Before installing hardware, you must disconnect your computer from the power supply.
*Air temperature at PCIe card inlet surface. For more information, see [hardware-install:pcie-preinstall:::cooling].
nShield Solo
nShield Solo environmental conditions: operating range (Min., Max.) and comments
Operating temperature*: Min. 10°C (50°F), Max. 35°C (95°F). Subject to sufficient airflow
Storage temperature: Min. -20°C (-4°F), Max. 70°C (158°F)
Operating humidity...
3.1.3.3. Cooling recommendations for a desktop installation For a desktop installation running in operating environmental conditions, dedicated airflow is required across the module. If the system cannot provide the necessary airflow, Entrust recommends you add a sufficiently powerful dedicated fan to directly cool the module. For details regarding the cooling requirements see [hardware-install:pcie-preinstall:::cooling].
3.1.4. Physical location considerations Entrust nShield HSMs are certified to NIST FIPS 140 Level 2 and 3. In addition to the intrinsic protection provided by an nShield HSM, customers must exercise due diligence to ensure that the environment within which the nShield HSMs are deployed is configured properly and is regularly examined as part of a comprehensive risk mitigation program to assess both logical and physical threats.
switch (C) must be set to Operational (O). ◦ To use the Remote Administration feature to change the mode of the module remotely, ensure that the jumper switch (E) is in the off position and the physical mode switch (C) is set to Operational (O).
Physical mode switch
Physical mode override jumper switch, in the Off position. When set to On, the mode switch (C) is deactivated. See https://nshielddocs.entrust.com/security-world-docs/hsm-user-guide/pcie/check-change-mode-solo.html for more information.
Remote mode override jumper switch, in the Off position. When set to On, remote mode switching is disabled.
Figure 1. Screw placement on an nShield 5s. Screw placement is the same on a Solo module bracket, however the Solo and Solo XC brackets also have a physical mode switch. 3.2.3. Install the module 1.
3.2.5. After installing the module 3.2.5.1. Set the system clock nShield 5s only Set the system clock. See https://nshielddocs.entrust.com/security-world-docs/hsm-user-guide/pcie/sys-clock.html. 3.2.5.2. Install the nShield World software If the Security World software has not already been installed, you must install the Security World Software by following the instructions in the https://nshielddocs.entrust.com/...
If the new module has been supplied from the factory it will already be in factory state. nShield v13.6.5 Hardware Install and Setup 18/24 Guides...
Edge HSMs are connected to the same computer or VM, are not supported. Entrust does not recommend using the nShield Edge alongside other Entrust nShield HSMs on the same computer or VM. • For further information about the HSM and HSMs in general, see https://nshielddocs.entrust.com/security-world-docs/hsm-user-guide/intro.html.
To help maintain security: • Always inspect the USB cable and the nShield Edge before use, specifically the Entrust logo hologram in the tamper window shown below. (The nShield Edge Developer Edition does not have a hologram and tamper window.) If there are any signs of tampering, do not use the cable and the nShield Edge.
10 - 85% non-condensing 4.1.4. Physical location considerations Entrust nShield HSMs are certified to NIST FIPS 140 Level 2 and 3. In addition to the intrinsic protection provided by an nShield HSM, customers must exercise due diligence to ensure that the environment within which the nShield HSMs are deployed is configured properly and is regularly examined as part of a comprehensive risk mitigation program to assess both logical and physical threats.
Chapter 4. nShield USB HSMs Linux Set power options to never put computer to sleep. 4.2.2. Connecting an nShield Edge Do the following: 4.2.2.1. Windows Connect the nShield Edge to your computer, using the supplied USB cable. If your operating system detects the nShield Edge automatically, allow it to finish. A message appears, reporting that Windows is stopping and restarting the hardserver.
4.2.3. Enabling optional features The nShield Edge supports a range of optional features, which can be enabled with a certificate or Activator card that you order from Entrust. To enable optional features, follow the instructions in https://nshielddocs.entrust.com/security-world-docs/hsm-user-guide/hsm-mgmt/features.html, or follow the instructions...
If the the HSM has been installed correctly. mode operational If the output from the enquiry command says that the module is not found, first restart your computer, then re-run the enquiry command. Ensure that the Windows power saving features are disabled. See Power ...