About CSP Compliance Manager
CSP Compliance Manager Release Notes
Release Notes Overview
Supported Upgrade Versions
What's New and Changed in Version 10.5.1
Issues Resolved in 10.5.1
Known Limitations in CSP Compliance Manager 10.5.1
Known Limitations in CSP Discovery
Installation and Upgrade
Installation
Installation Requirements
System Resource Recommendations
Supported Platforms
Network Requirements
Browser Requirements
Deployment
Installing from an OVA
Power On the Appliance from vSphere
Installing from an ISO
ISO Installation Overview
Installing the First node from an ISO Image
Installing a new node from an ISO Image
Installing from an AMI
Starting the AWS Instance
Associating an Elastic IP Address
Configuring a node in AWS
Deploying in Microsoft Azure
Overview for Microsoft Azure deployment
Recommendations
Deploying a node in Azure
Configuring the First Node in Azure
Configuring Additional Nodes in Azure
Setting the System Console password
Setting Up the webGUI
Upgrading
Upgrading Requirements
Running the Upgrade
Cluster Management
Cryptographic Security Platform Compliance Manager Nodes and Clusters
Viewing Cluster Status
Adding a Node to an Existing Cluster in vSphere
Removing a Node from a Cluster
Joining or Rejoining a Compliance Manager Cluster
Joining a Compliance Manager Cluster
Rejoining a Compliance Manager Cluster
Changing the IP Address for a Node
Rebooting a Compliance Manager Node
Decommissioning a Compliance Manager Node
Compliance Manager Backup and Restore
Backing Up Using the Compliance Manager webGUI
Accessing Compliance Manager Backup Files
Restoring Cryptographic Security Platform Compliance Manager
Startup Authentication
Enabling Startup Authentication
Disabling Startup Authentication
Account Settings
Changing Your Account Settings
Admin Keys
Generating the Admin Key
Downloading your Admin Key
Verifying the Admin Key
Configuring Local Authentication
Enabling Two Factor Authentication
Managing Two-Factor Authentication
Setting Mail Server Preferences
Recovering Access to Cryptographic Security Platform Compliance Manager
System Maintenance and Troubleshooting
Configuring System-Level SNMP Traps
Configuring Syslog Server Settings
Setting the Default Account Expiration
Increasing CSP Compliance Manager Storage in a VM
Setting the Compliance Manager webGUI Session Timeout
Configuring TLS
Creating a Support Bundle with the Compliance Manager webGUI
Creating a Support Bundle for the Compliance Manager System Console
Using the Restricted Shell
Setting Console Manager webGUI Alert Settings
Enabling an HTTP Proxy Server in Compliance Manager
Enabling or Disabling the Support Login
nShield KeySafe5 Requirements
nShield KeySafe5 Settings
Certificates
Cryptographic Security Platform Compliance Manager Certificates
Viewing the Expiration Date for the Current SSL Certificate
Creating a Certificate Signing Request
Using Self-Signed Certificates for All Nodes in a Cluster
Installing External Certificates for Internal and External Webservers
CSP Compliance Manager Certificate Expiration Notification
Installing a New Self-Signed Certificate
Downloading a CSP Compliance Manager CA Certificate
Using the Audit Log
Configuring Audit Log Settings
Viewing the Audit Log
Exporting the Audit Log
CSP Appliance Management webGUI Page Reference
Cluster Page
Audit Log Page
Alerts Page
Settings Page
System Upgrade Page
System Upgrade Page Details
CSP Compliance Manager Tenant Management
About the Tenant Manager Role
Creating the Default Tenant
Creating Additional Tenants
Modifying a Tenant
Changing the Default Tenant
Resending an Invite to a Tenant
Recovering the Tenant Password
Deleting a CSP Compliance Manager Tenant
Using the Compliance Manager webGUI
CSP Compliance Manager Users
Accessing the Compliance Manager webGUI
Getting Started with the Compliance Manager webGUI
Understanding the Compliance Manager Dashboard
Using CSP Discovery
Discovery Overview
AWS Certificate Manager plugin
AWS Key Management Service plugin
AWS Secrets Manager plugin
Azure Key Vault plugin
GCP Certificate Manager plugin
GCP Key Management Service plugin
GCP Secret Manager plugin
HashiCorp Vault plugin
Network Scanner - Nmap plugin
Network Scanner - OIDC plugin
Network Scanner - SSH plugin
Tenable Vulnerability Management plugin
Accessing the Discovery User Interface
Discovery Dashboard
Managing Discovery Configurations
Discovery Insights Panel
Discovery Filter Options
Discovery Content Area
Editing an Existing Configuration
Manually Running a Configuration
Scheduling Automatic Runs
Creating a New Configuration
Deleting a Configuration
Managing Discovery Plugins
Plugin Configuration
AWS Certificate Manager plugin configuration
AWS Certificate Manager plugin credentials
AWS Certificate Manager plugin settings
Required AWS Certificate Manager plugin settings
Optional AWS Certificate Manager plugin settings
AWS Key Management Service plugin configuration
AWS Key Management Service plugin credentials
AWS Key Management Service plugin settings
Required AWS Key Management Service plugin settings
Optional AWS Key Management Service plugin settings
AWS Secrets Manager plugin configuration
AWS Secrets Manager plugin credentials
AWS Secrets Manager plugin settings
Required AWS Secrets Manager plugin settings
Optional AWS Secrets Manager plugin settings
Azure Key Vault plugin configuration
Azure Key Vault plugin credentials
Creating Azure Key Vault credentials with the Azure CLI
Creating Azure Key Vault credentials with the web console
Azure Key Vault plugin settings
GCP Certificate Manager plugin configuration
GCP Certificate Manager plugin credentials
GCP Certificate Manager plugin settings
GCP Key Management Service plugin configuration
GCP Key Management Service plugin credentials
GCP Key Management Service plugin settings
Required GCP Key Management Service plugin settings
Optional GCP Key Management Service plugin settings
GCP Secret Manager plugin configuration
GCP Secret Manager plugin credentials
GCP Secret Manager plugin settings
HashiCorp Vault plugin configuration
HashiCorp Vault plugin credentials
HashiCorp Vault plugin settings
Required HashiCorp Vault plugin settings
Optional HashiCorp Vault plugin settings
Network Scanner - Nmap plugin configuration
Network Scanner - Nmap plugin credentials
Network Scanner - Nmap plugin settings
Optional Network Scanner - Nmap plugin settings
Required Network Scanner - Nmap plugin settings
Network Scanner - OIDC plugin configuration
Network Scanner - OIDC plugin credentials
Network Scanner - OIDC plugin settings
Required Network Scanner - OIDC settings
Optional Network Scanner - OIDC settings
Network Scanner - SSH Scanner plugin configuration
Network Scanner - SSH plugin credentials
Network Scanner - SSH plugin settings
Required Network Scanner - SSH plugin settings
Optional Network Scanner - SSH plugin settings
Tenable Vulnerability Management plugin configuration
Tenable Vulnerability Management plugin credentials
Tenable Vulnerability Management plugin settings
Required Tenable Vulnerability Management plugin settings
Optional Tenable Vulnerability Management plugin settings
Schedule
Validation results
Discovery Plugins Output
AWS Certificate Manager plugin output
AWS Key Management Service plugin output
AWS Secrets Manager plugin output
Azure Key Vault plugin output
GCP Certificate Manager plugin output
GCP Key Management Service plugin output
GCP Secret Manager plugin output
HashiCorp Vault plugin output
Network Scanner - TLS plugin output
Network Scanner - OIDC plugin output
Network Scanner - SSH plugin output
Tenable Vulnerability Management plugin output
Discovery Settings
Collections and Data Sources
About Collections and Data Sources
Viewing Collections
Creating a Collection
Editing a Collection
Deleting a Collection
Creating a Data Source Connection
Deleting a Data Source from a Collection
Editing Data Source Details
Viewing Connected Data Source Connections
Moving a Data Source to a Different Collection
Disconnecting or Reconnecting a Data Source Connection
Managing Data Sources
Cryptographic Assets
About Cryptographic Assets
Viewing Cryptographic Assets
Documenting Cryptographic Assets
Sending Documentation Requests
Reports
Viewing Reports
Creating a Report
Editing a Report
Deleting a Report
Compliance
About Compliance
Viewing Compliance Policies
Post-Quantum Compliance
Creating a Compliance Policy
Modifying an Existing Compliance Policy
Deleting a Custom Compliance Policy
About Schedules
Creating a Schedule
Manually Running a Schedule
Editing a Schedule
Deleting a Schedule
Documentation
About Documentation
Viewing Documentation Templates
Creating a Documentation Template
Assigning a Documentation Template
Modifying a Template
Deleting a Custom Template
Appliance Clusters
About Appliance Clusters
Creating an Appliance Cluster Connection
Viewing Appliance Cluster Details
Compliance Manager Authentication and Settings
Adding an Image
Inviting and Removing Local Authentication or OpenID Connect (OIDC) Members
Adding and Removing Active Directory (AD) Members
Single Sign-On (SSO) Authentication
Adding and Deleting Local Users
Configuring Active Directory
Reconfiguring Active Directory
Configuring OpenID Connect
Licensing and Entitlements
About Licenses and Entitlements
Adding a License
Viewing Entitlements and Licenses
External Authentication Providers
Example: Configuring Azure OIDC to use with Cryptographic Security Platform Compliance Manager
Example: Configuring Entrust Identity as a Service
System Console
Accessing the System Console
Using the CSP Compliance Manager System Console
Setting Console Settings
Manage your Network Settings
Manage Your Static Routes
Test Your Network Connectivity
Manage htadmin Account and SSH Access
Manage Full Support Access
Manage Read Only Support Access
Change the secroot Account
Delete CSP Compliance Manager Snapshots
Recover Compliance Manager Cluster
Manage Timeouts and Appearance
Exiting the Console
Copyright