User's Guide: Getting Started with Fortanix Data Security Manager - UI

1.0 Introduction

This guide provides an overview of the initial steps to begin using Fortanix Data Security Manager (DSM). It includes essential information for users to execute the following actions within Fortanix DSM:

  • Signing Up
  • Setting Up an Account
  • Creating a Group
  • Adding an Application and assigning it to a Group(s)
  • Add Users and assigning them to a Group(s)

For more details on the concepts of the Fortanix DSM, refer to the Concepts documentation.

2.0 Signing Up

To get started with the Fortanix Data Security Manager (DSM) cloud service, you must register an account at <Your_DSM_Service_URL>. For example, https://eu.smartkey.io.

For detailed steps on how to set up the Fortanix DSM, refer to the User's Guide: Sign Up for Fortanix Data Security Manager SaaS documentation.

3.0 Setting Up an Account

Access the <Your_DSM_Service_URL> on the web browser and enter your credentials to log in to the Fortanix DSM.

Screenshot (299).png

Figure 1: Logging In

Within this interface, you have the option to either create a new account or respond to an invitation to join an existing account. If you have a newly created account, perform the following steps to add your first group and an application in the Fortanix DSM.

fig2.png

Figure 2: Create/Use Existing Account

After entering an account, you can access a Dashboard view providing a comprehensive overview of your system. The top section highlights the five most active groups and their associated activities. The administrators can observe the top 5 applications in terms of activity and the number of operations they perform.

A section of the dashboard displays cards detailing the count of Groups, Apps, Security Objects, Users, and Plugins within the account.

fig3.png

Figure 3: Dashboard View

To know the steps for deleting or disabling an account, refer to the the FAQs - Fortanix Data Security Manager UI documentation.

4.0 Creating a Group

Perform the following steps to create the first group in the Fortanix DSM:

  1. Click the Groups menu item in the DSM left navigation bar and click the + button to add a new group.
    group-landing-page.png
    Figure 4: Add Groups
  2. On the Adding new group page, enter the following details:
    • Title: Enter a title for your group.
    • Description (Optional): Enter a short description for the group.
    • Add Group Quorum Policy: Specify the quorum policy for the group. This setting determines the number of approvals required for security-sensitive operations within the group. Adjust this policy based on your security requirements. For detailed information, refer to User's Guide: Group Quorum Policy documentation.
    • Configure as HSM/External KMS group: Select this option to configure the group as an HSM (Hardware Security Module) or External Key Management Service (KMS) group. This is relevant if you intend to use external devices or services for key management. For more information, refer to the User's Guide: HSM Gateway documentation.
    • Configure a KEK from an existing group: Select this option to configure a Key Encryption Key (KEK) for the group using an existing group as a reference. This is useful when establishing cryptographic mechanisms within the group. For more information, refer to the User's Guide: Group Key Encryption Key documentation.
  3. Click the SAVE button to create the new group.

The new group is added to the Fortanix DSM successfully.

5.0 Fortanix DSM Application

An application within Fortanix DSM leverages the platform for generating, storing, and utilizing security objects such as cryptographic keys, certificates, or arbitrary secrets. Examples of such applications encompass web servers, Public Key Infrastructure (PKI) servers, key vaults, and others. The application can interact with Fortanix DSM through different interfaces, such as the Representational State Transfer (REST) APIs or employing the Public-Key Cryptography Standards (PKCS)#11, Java Cryptography Extension (JCE), or Cryptography API: Next Generation (CNG) providers.Top of Form

5.1 Adding an Application

Perform the following steps to create the first application in the Fortanix DSM:

  1. Click the Apps menu item in the DSM left navigation bar and click the + button to add a new group.
    apps-landing-page.png
    Figure 5: Add Application
  2. On the Adding new app page, enter the following details:
    • App Name: Enter the name of your application.
    • Interface (Optional): Select the required interface type from the drop down menu, such as REST API, PKCS#11, JCE, CNG, and KMIP.
    • ADD DESCRIPTION (Optional): Enter a short description for the application.
    • Authentication Method: Select the required method of authentication from the list of options available on the UI. For more information on these authentication methods, refer to User's Guide: Authentication documentation.
      • Set app secret key size: Select the required size of the application secret key in bytes from the drop down menu.
    • OAuth: Enable OAuth to authorize the application to perform crypto and key management operations on behalf of the User in groups that the User has administrator role.
    • Assigning the new app to groups: Select one or more group names from the drop down menu to associate this application with that group(s).
  3. Click the Save button to add the new application.

The new application is added to the Fortanix DSM successfully.

5.2 Mapping Group to an Application

To associate a new or existing application to a particular group, you can select either of the following methods:

  • Method 1 - Using the Apps menu item.
  • Method 2 - Using the NEW APP button.
  • Method 3 - Using the ADD APP button.

5.2.1 Method 1 - Using the Apps Menu Item

Perform the following steps:

  1. Navigate to Apps menu and select the required application from the list.
  2. On the detailed view of the required application, locate the Groups section and click the EDIT GROUPS button.
    app-method1.png
    Figure 6: Edit Group for Application
  3. On the Group Association dialog box, select an existing group from the drop down menu or click the CREATE NEW GROUP option to add a new group.
  4. Click the SAVE CHANGES button to save the updates to the application.

5.2.2 Method 2 - Using the NEW APP Button

Perform the following steps:

  1. Navigate to Groups menu tab and select the required group from the list.
  2. In the Info tab, click the NEW APP button.
    app-method2.png
    Figure 7: Add Application to Group
    This will redirect you the Adding new apps page. For more information, refer to Section 5.1: Adding an Application.
    NOTE
    In the Assigning the new app to groups section, the group is already assigned. Click the EDIT GROUPS button to add more groups to the application.
  3. Click the SAVE button to keep the changes.

5.2.3 Method 3 - Using the ADD APP Button

Perform the following steps:

  1. Navigate to Groups menu tab and select the required group from the list.
  2. In the detailed view of the group, under the APPS tab, click the ADD APP button.
    app-method3.png
    Figure 8: Add Application to Apps Tab
  3. In the Search for apps to add dialog box, select one or more existing applications to associate with that group.
  4. Click the SAVE CHANGES button to keep the changes.

5.3 Deleting the Application

To remove an application, you can select either of the following methods:

  • Method 1 – Using the Apps menu item.
  • Method 2 – Using the Groups menu item.

5.3.1 Method 1 – Using the Apps Menu Item

Perform the followings steps to delete an application using the Apps menu item:

  1. Navigate to Apps menu tab and select the required application from the list.
  2. On the detailed view of the required application, scroll to the end of the page and click the DELETE APP button.
    delete-app-method1.png
    Figure 9: Delete App Button
  3. On the Delete App dialog box, click the DELETE button to confirm the action.

5.3.2 Method 2 - Using the Groups Menu Item

Perform the followings steps to delete an application using the Group menu item:

  1. Navigate to Groups menu tab and select the required group from the list.
  2. In the Apps tab, click the overflow menu (three dots) for an Application row and select the DELETE option to remove the application.
    delete-app-method2.png
    Figure 10: Delete Option
  3. On the Remove App dialog box, click the REMOVE button to confirm the action.

6.0 Fortanix DSM Users

A user who creates a group automatically gets assigned the role of the group administrator. You can add more Users to a group in the role of administrators, auditors, or members. These roles may be assigned at either the account or group level. For detailed information, refer to the Authorization documentation.

6.1 Adding a User

For detailed information on how to invite a user, create a new user or delete the user, refer to the User's Guide: Inviting a User to Fortanix Data Security Manager documentation.

6.2 Mapping Group to User

To associate a new or existing user to a particular group, you can select either of the following methods:

  • Method 1 - Using the Users menu item.
  • Method 2 - Using the NEW USER button.
  • Method 3 - Using the ADD USER button.

6.2.1 Method 1 - Using the Users Menu Item

NOTE
You can modify the groups for a user only if the invite is in pending state and if the user is an Account Member.

Perform the following steps:

  1. Navigate to Users menu and select the required user from the list.
  2. On the detailed view of the required user, locate the Groups section and click the EDIT GROUPS button.
    NOTE
    If the user is an Account Administrator or Account Auditor, then they are automatically assigned to all groups as Group Administrator or Group Auditor respectively.
    fig11.png
    Figure 11: Edit Groups for User
  3. In the Manage group for user dialog box, select an existing group from the drop down menu or click the CREATE NEW GROUP option to add a new group. Edit the permission of the user for the group if required.
  4. Click the SAVE CHANGES button to save the updates.

6.2.2 Method 2 - Using the NEW USER Button

Perform the following steps:

  1. Navigate to Groups menu tab and select the required group from the list.
  2. In the Info tab, click the NEW USER button.
    user-method2.png
    Figure 12: Add User to Group This will redirect you the Adding new users to the account page. For more information, refer to Section 6.1: Adding a User.
  3. Click the SAVE button to keep the changes.

6.2.3 Method 3 - Using the ADD USER Button

Perform the following steps:

  1. Navigate to Groups menu tab and select the required group from the list.
  2. In the USERS tab, click the ADD USERS button.
    user-method-3.png
    Figure 13: Add User to USERS Tab
  3. In the Search for users to add dialog box, select one or more existing users to associate with that group. Edit the permission of the user for the group if required.
    NOTE
    The Search for users to add to dialog box only displays users who are account members.
  4. Click the SAVE CHANGES button to complete associating users to a group.

6.3 Deleting the User

Perform the followings steps to delete a user:

  1. Navigate to Users menu tab and select the required user from the list.
  2. On the detailed view of the required application, scroll to the end of the page and click the DELETE USER button.
    delete-user-method-1.png
    Figure 14: Delete User Button
    NOTE
    Alternatively, you can click the overflow menu (three dots) for a User row and select the DELETE option to remove the user.
    delete-user-method-2.png
    Figure 15: Delete Option
  3. On the Delete User dialog box, click the DELETE button to confirm the action.

Comments

Article is closed for comments.

Was this article helpful?
1 out of 1 found this helpful