Deployment Guide
Table Of Contents
- Dell Security Management Server Virtual Quick Start and Installation Guide v11.1.1
- Contents
- Quick Start Guide
- Detailed Installation Guide
- About Security Management Server Virtual
- Contact Dell ProSupport
- Requirements
- Download and Install OVA File
- Open Management Console
- Install and Configure Proxy Mode
- Basic Terminal Configuration Tasks
- Advanced Terminal Configuration Tasks
- Maintenance
- Troubleshooting
- Post-Installation Configuration
- Management Console Administrator Tasks
- Ports
Post-Installation Configuration
After installation, some components of your environment may need to be configured, based on the Dell Data Security solution
used by your organization.
After installing the Security Management Server Virtual, the following defaults should be modified:
● Change the back end server password at the following location:
C:\Program Files\Dell\Enterprise Edition\Message Broker\conf\application.properties
● Change password for every front end server in your environment at the following location:
C:\Program Files\DELL\Enterprise Edition\Beac\conf\application.properties
The password displays as follows: proxy-server.password=ENC(<texthere>)
To change the password:
1. Select: ENC(<texthere>)
2. Change the selected text to: CLR(<newpasswordhere>)
After service restart, the modified line changes to ENC from CLR and the password is encrypted.
NOTE: The proxy-server.username may also be modified, but this must match within the Message Broker's
application.properties file and all active front end servers.
Validate Manager Trust Chain Check
If a self-signed certificate is used on the Security Management Server Virtual for SED or BitLocker Manager, SSL/TLS trust
validation must remain
disabled
on the client computer. Before enabling SSL/TLS trust validation on the client computer, the
following requirements must be met:
● A certificate signed by a root authority (for example, Entrust or Verisign) must be imported into the Dell Server. See Import
an Existing Certificate or Enroll a New Server Certificate.
● The full chain of trust of the certificate must be stored in the Microsoft keystore on the client computer.
To disbale SSL/TLS trust validation, on the client computer, change the value of the following registry entry to 1:
[HKLM\System\CurrentControlSet\Services\DellMgmtAgent\Parameters]
DisableSSLCertTrust=REG_DWORD (32-bit):1
5
Post-Installation Configuration 31