Installing KeyControl from an ISO Image

Important: Make sure that all KeyControl nodes reside on devices that are not encrypted. KeyControl has its own internal encryption, and it must be available to provide the keys for the encrypted devices before the encrypted devices can be accessed.

Before You Begin 

  • If you are installing KeyControl on an existing VM, make sure that there is no important data currently on the target system. The installer will overwrite all data on the selected disks.
  • Make sure that the target VM can access the HyTrust DataControl ISO image.
  • Make sure the target VM meets the basic system requirements described in System Requirements.
Note: The following procedure is based on vCenter Web Client version 5.5.0. If your version of the vCenter Web Client is different from what is described below, please see your vCenter documentation for details about the ISO deployment process.

Procedure 

  1. Log into the vSphere Web Client.
  2. Create a new virtual machine using the settings appropriate to your environment.

  3. When you are prompted to select a guest OS, set the following:

    Field

    Setting
    Guest OS Family Other

    Guest OS Version

    FreeBSD (64-bit)
  4. Click Next.

  5. On the Virtual Hardware tab of the Customize hardware page, set the following options:

    Field

    Notes
    CPU We recommend you select 2 CPUs for a standard installation or 4 CPUs for a large installation. For details, see System Resource Recommendations.

    Memory

    		 We recommend you select 8 GB for a standard installation or 16 GB for a large installation.
    New Hard Disk

    We recommend you select 20 GB for a standard installation or 60 GB for a large installation.

    New SCSI Controller

    We recommend you use the default LSI Logic Parallel SCSI controller. If you want to change this controller, make sure that the controller you want to use is compatible with FreeBSD 64-bit.
    New CD/DVD Drive Select Datastore ISO File and then connect this option to the HyTrust installation ISO file you want to use.

    The rest of the options on this tab should be configured to match your vSphere environment.

  6. Go to the VM Options tab and expand the Boot Options section. Make sure that the Firmware boot option is set to BIOS.
  7. Deploy the new VM and then log into that VM. When it is powered on, it should boot from the HyTrust KeyControl installation ISO file that you specified in the New CD/DVD Drive field.

  8. When prompted about starting the installation, verify the version of KeyControl you are about to install, then select Yes and press Enter.

    Note: If the installer detects a previous version of the software, it prompts you to choose between an upgrade and a fresh install. To upgrade your system, see KeyControl and Policy Agent Upgrades. To overwrite the existing installation with a fresh install, select Install version version-number and press Enter.
  9. If your system contains a single disk, the installer displays a message recommending that you mirror the install disk using hardware RAID or by canceling the installation and restarting after you have added a second disk. To continue the installation, select OK and press Enter.

  10. If your system contains multiple disks:

    1. On the Choose Install Disk screen, select the primary disk on which KeyControl should be installed.
    2. Select OK and press Enter.

    3. On the Choose Mirror Disk screen, select the disk on which you want to mirror the KeyControl software. If you do not want to mirror the software at this time, select None. Once you make your selection, select OK and press Enter.

      We recommend you mirror the software on a second disk unless the primary disk is protected with hardware RAID or you plan to set up mirroring later through the KeyControl webGUI.

  11. The installer displays a message warning you that all data on the selected disks will be overwritten. To continue with the install, select OK and press Enter.

  12. When the software is installed, the HyTrust SecureOS Installation screen displays a success message and prompts you to configure the new system. Press Enter to complete the base software installation.

    The wizard automatically ejects the ISO CD/DVD and restarts the system. When the reboot completes, the wizard displays the HyTrust SecureOS System Configuration screen.

  13. If you have installed KeyControl in a VM, disconnect the CD drive if needed.

    Tip: If you are using vSphere, select Virtual Machine Properties > Hardware > CD/DVD drive and make sure the Connect at power on check box in the Device Status section is not checked.

What to Do Next 

If this is the first KeyControl node in the system, follow the steps in Configuring the First KeyControl Node (ISO Install).

If you are adding this node to an existing KeyControl cluster, follow the steps in Adding a KeyControl Node to an Existing Cluster (ISO Install).

 

HyTrust DataControl v 4.3

Copyright © 2019 HyTrust, Inc. All Rights Reserved.

Follow us: