Vormetric Data Security Manager (DSM) Integration Guide

Describes how to integrate the data-fabric platform with the Vormetric Data Security Manager.

This chapter discusses how to set up the Vormetric Data Security Manager (DSM) and prepare it for integration with the data-fabric KMIP client.

Data Fabric integration works with any DSM release that supports KMIP 1.0-1.4, although this integration guide is based on the Data Security Manager Release 6. Changes in the DSM user interface and functionality in different DSM releases may affect the steps outlined in this integration guide. For more information, refer to the Vormetric DSM documentation for the authoritative guide for the DSM appliance:

  • Data Security Manager Release 6 Installation and Configuration Guide

  • Data Security Manager DSM Release 6 Administration Guide (get these two guides from the vendor)

This chapter provides an overview of DSM setup and installation as it relates to the data-fabric core platform and KMIP. DSM requires a KMIP license in order to run the KMIP server and connect KMIP clients to the DSM. Details of how to set up and manage KMIP in DSM can be found in Chapter 25: Key Management Interoperability Protocol of the Data Security Manager DSM Release 6 Administration Guide (get it from the vendor).

It is assumed that the Vormetric DSM Local CA is used to sign the client certificate. This may not always be the case in production deployments, since trusted CA’s may be imported. Refer to the Vormetric DSM Administration Guide (get it from the vendor) for details on how to configure and/or import CAs and client certificates.

The steps for integration are as follows:

  1. Install and set up the DSM, including high availability
  2. Install the KMIP license
  3. Install the KMIP trusted CA certificate
  4. Create and download the client certificate
  5. Create the KMIP group and user
  6. Create a KMIP-enabled DSM domain