User guide

4. Return to the node’s System > Clustering > Status tab, select the checkbox next to

disabled nodes in the Cluster Members column, and then click Enable.

5. Wait for all the cluster members to go into an "Enabled" state.

6. Set the mode switch on the cryptographic modules of cluster members that were

earlier disabled to I (initialization mode).

7. Reboot each of these nodes from the serial console.

8. After a node joins the security world, reset its cryptographic module's mode switch

to O (operational mode).

Replacing Administrator Cards

You can replace an administrator card by selecting the Replace Administrator Card Set

option from the serial console. You cannot increase the number of administrator cards

in an existing set. If you want to do this, you have to create a new security world which

replaces all of the existing cards in a set and allow you to create a set with a larger or

smaller number of cards.

NOTE: Replacing administrator cards restarts services on your standalone

Secure Access device or cluster.

If you need to replace administrator cards for a security world, you must have physical

access to:

•

A cryptographic module that belongs to the security world.

•

A smart card reader (if you use an older model Secure Access device that does not

contain a built-in card reader).

•

An administrator card that is pre-initialized with the security world.

•

An un-formatted smart card or administrator card containing data that you can safely

overwrite.

•

The same number of unformatted smart cards or administrator cards as in the original

set containing data that you can safely overwrite.

NOTE: If you need to replace administrator cards, you must replace the same

number of cards that you first initialized for the security world. You cannot

replace a subset of the cards.

NOTE: If you require additional smart cards, please contact your Secure

Access Reseller.

Chapter 5: Security World