1.0 Introduction
This guide provides an overview of the initial steps to begin using Fortanix Data Security Manager (DSM). It includes essential information for users to execute the following actions within Fortanix DSM:
- Signing Up
- Setting Up an Account
- Creating a Group
- Adding an Application and assigning it to a Group(s)
- Add Users and assigning them to a Group(s)
For more details on the concepts of the Fortanix DSM, refer to the Concepts documentation.
2.0 Signing Up
To get started with the Fortanix Data Security Manager (DSM) cloud service, you must register an account at <Your_DSM_Service_URL>.
For detailed steps on how to set up the Fortanix DSM, refer to the User's Guide: Sign Up for Fortanix Data Security Manager SaaS documentation.
3.0 Setting Up an Account
Access the <Your_DSM_Service_URL> on the web browser and enter your credentials to log in to the Fortanix DSM.
Figure 1: Logging In
Within this interface, you have the option to either create a new account or respond to an invitation to join an existing account. If you have a newly created account, perform the following steps to add your first group and an application in the Fortanix DSM.
Figure 2: Create/Use Existing Account
After entering an account, you can access a Dashboard view providing a comprehensive overview of your system. The top section highlights the five most active groups and their associated activities. The administrators can observe the top 5 applications in terms of activity and the number of operations they perform.
A section of the dashboard displays cards detailing the count of Groups, Apps, Security Objects, Users, and Plugins within the account.
Figure 3: Dashboard View
To know the steps for deleting or disabling an account, refer to the the FAQs - Fortanix Data Security Manager UI documentation.
4.0 Creating a Group
Perform the following steps to create the first group in the Fortanix DSM:
- Click the Groups menu item in the DSM left navigation bar and click the + button to add a new group.
Figure 4: Add Groups - On the Adding new group page, enter the following details:
- Title: Enter a title for your group.
- Description (Optional): Enter a short description for the group.
- Add Group Quorum Policy: Specify the quorum policy for the group. This setting determines the number of approvals required for security-sensitive operations within the group. Adjust this policy based on your security requirements. For detailed information, refer to User's Guide: Group Quorum Policy documentation.
- Configure as HSM/External KMS group: Select this option to configure the group as an HSM (Hardware Security Module) or External Key Management Service (KMS) group. This is relevant if you intend to use external devices or services for key management. For more information, refer to the User's Guide: HSM Gateway documentation.
- Configure a KEK from an existing group: Select this option to configure a Key Encryption Key (KEK) for the group using an existing group as a reference. This is useful when establishing cryptographic mechanisms within the group. For more information, refer to the User's Guide: Group Key Encryption Key documentation.
- Click the SAVE button to create the new group.
The new group is added to the Fortanix DSM successfully.
5.0 Fortanix DSM Application
An application within Fortanix DSM leverages the platform for generating, storing, and utilizing security objects such as cryptographic keys, certificates, or arbitrary secrets. Examples of such applications encompass web servers, Public Key Infrastructure (PKI) servers, key vaults, and others. The application can interact with Fortanix DSM through different interfaces, such as the Representational State Transfer (REST) APIs or employing the Public-Key Cryptography Standards (PKCS)#11, Java Cryptography Extension (JCE), or Cryptography API: Next Generation (CNG) providers.Top of Form
5.1 Adding an Application
Perform the following steps to create the first application in the Fortanix DSM:
- Click the Apps menu item in the DSM left navigation bar and click the + button to add a new group.
Figure 5: Add Application - On the Adding new app page, enter the following details:
- App Name: Enter the name of your application.
- Interface (Optional): Select the required interface type from the drop down menu, such as REST API, PKCS#11, JCE, CNG, and KMIP.
- ADD DESCRIPTION (Optional): Enter a short description for the application.
-
Authentication Method: Select the required method of authentication from the list of options available on the UI. For more information on these authentication methods, refer to User's Guide: Authentication documentation.
- Set app secret key size: Select the required size of the application secret key in bytes from the drop down menu.
- OAuth: Enable OAuth to authorize the application to perform crypto and key management operations on behalf of the User in groups that the User has administrator role.
- Assigning the new app to groups: Select one or more group names from the drop down menu to associate this application with that group(s).
- Click the Save button to add the new application.
The new application is added to the Fortanix DSM successfully.
5.2 Mapping Group to an Application
To associate a new or existing application to a particular group, you can select either of the following methods:
- Method 1 - Using the Apps menu item.
- Method 2 - Using the NEW APP button.
- Method 3 - Using the ADD APP button.
5.2.1 Method 1 - Using the Apps Menu Item
Perform the following steps:
- Navigate to Apps menu and select the required application from the list.
- On the detailed view of the required application, locate the Groups section and click the EDIT GROUPS button.
Figure 6: Edit Group for Application - On the Group Association dialog box, select an existing group from the drop down menu or click the CREATE NEW GROUP option to add a new group.
- Click the SAVE CHANGES button to save the updates to the application.
5.2.2 Method 2 - Using the NEW APP Button
Perform the following steps:
- Navigate to Groups menu tab and select the required group from the list.
- In the Info tab, click the NEW APP button.
Figure 7: Add Application to Group
This will redirect you the Adding new apps page. For more information, refer to Section 5.1: Adding an Application.
- Click the SAVE button to keep the changes.
5.2.3 Method 3 - Using the ADD APP Button
Perform the following steps:
- Navigate to Groups menu tab and select the required group from the list.
- In the detailed view of the group, under the APPS tab, click the ADD APP button.
Figure 8: Add Application to Apps Tab - In the Search for apps to add dialog box, select one or more existing applications to associate with that group.
- Click the SAVE CHANGES button to keep the changes.
5.3 Deleting the Application
To remove an application, you can select either of the following methods:
- Method 1 – Using the Apps menu item.
- Method 2 – Using the Groups menu item.
5.3.1 Method 1 – Using the Apps Menu Item
Perform the followings steps to delete an application using the Apps menu item:
- Navigate to Apps menu tab and select the required application from the list.
- On the detailed view of the required application, scroll to the end of the page and click the DELETE APP button.
Figure 9: Delete App Button - On the Delete App dialog box, click the DELETE button to confirm the action.
5.3.2 Method 2 - Using the Groups Menu Item
Perform the followings steps to delete an application using the Group menu item:
- Navigate to Groups menu tab and select the required group from the list.
- In the Apps tab, click the overflow menu (three dots) for an Application row and select the DELETE option to remove the application.
Figure 10: Delete Option - On the Remove App dialog box, click the REMOVE button to confirm the action.
6.0 Fortanix DSM Users
A user who creates a group automatically gets assigned the role of the group administrator. You can add more Users to a group in the role of administrators, auditors, or members. These roles may be assigned at either the account or group level. For detailed information, refer to the Authorization documentation.
6.1 Adding a User
For detailed information on how to invite a user, create a new user or delete the user, refer to the User's Guide: Inviting a User to Fortanix Data Security Manager documentation.
6.2 Mapping Group to User
To associate a new or existing user to a particular group, you can select either of the following methods:
- Method 1 - Using the Users menu item.
- Method 2 - Using the NEW USER button.
- Method 3 - Using the ADD USER button.
6.2.1 Method 1 - Using the Users Menu Item
Perform the following steps:
- Navigate to Users menu and select the required user from the list.
- On the detailed view of the required user, locate the Groups section and click the EDIT GROUPS button.
- In the Manage group for user dialog box, select an existing group from the drop down menu or click the CREATE NEW GROUP option to add a new group. Edit the permission of the user for the group if required.
- Click the SAVE CHANGES button to save the updates.
6.2.2 Method 2 - Using the NEW USER Button
Perform the following steps:
- Navigate to Groups menu tab and select the required group from the list.
- In the Info tab, click the NEW USER button.
Figure 12: Add User to Group This will redirect you the Adding new users to the account page. For more information, refer to Section 6.1: Adding a User. - Click the SAVE button to keep the changes.
6.2.3 Method 3 - Using the ADD USER Button
Perform the following steps:
- Navigate to Groups menu tab and select the required group from the list.
- In the USERS tab, click the ADD USERS button.
Figure 13: Add User to USERS Tab - In the Search for users to add dialog box, select one or more existing users to associate with that group. Edit the permission of the user for the group if required.
- Click the SAVE CHANGES button to complete associating users to a group.
6.3 Deleting the User
Perform the followings steps to delete a user:
- Navigate to Users menu tab and select the required user from the list.
- On the detailed view of the required application, scroll to the end of the page and click the DELETE USER button.
Figure 14: Delete User Button - On the Delete User dialog box, click the DELETE button to confirm the action.
Comments
Article is closed for comments.