Manualshelf

Deployment Guide

ManualsBrandsDell ManualsConverged InfrastructureEncryption
12345678910
The license file is an XML file located on the FTP site in the Client Licenses folder.
NOTE:
If you purchased your licenses on-the-box, no license file is necessary. The entitlement is automatically downloaded from
Dell upon activation of any new Encryption Personal, Encryption Enterprise, or Endpoint Security Suite Enterprise client.
Database is created?
(Optional) A new database is created on a supported server - see Requirements and Architecture in the
Security Management Server Installation and Migration Guide. The Security Management Server installer
creates a database during installation if one is not already created.
The target database user has been given db_owner rights.
DNS alias created for Security Management Server and/or Policy Proxies with Split DNS for internal and external
traffic?
It is recommended that you create DNS aliases, for scalability. This will allow you to add additional servers later or separate
components of the application without requiring client update.
DNS aliases are created, if desired. Suggested DNS aliases:
Security Management Server: dds.<domain.com>
Front end Server: dds-fe.<domain.com>
NOTE:
Split-DNS allows the user of the same DNS name internally and externally. This means that we could internally supply
dds.<domain.com> as an internal c-name, and direct this to the Dell Security Management Server ( back-end), and
externally we could supply an a-record for dds.<domain.com> and forward the relevant ports (see Ports for Security
Management Server) to the front-end server. We could leverage DNS round-robin or a load-balancer to distribute the load
to the various front-ends (if multiple exist).
Plan for SSL Certificates?
We have an internal Certificate Authority (CA) that can be used to sign certificates and is trusted by all
workstations in the environment or we plan to purchase a signed certificate using a public Certificate
Authority, such as VeriSign or Entrust. If using a public Certificate Authority, inform the Dell Client Services
Engineer. The Certificate contains the Entire Chain of Trust (Root and Intermediate) with Public and
Private Key Signatures.
Subject Alternate Names (SANs) on Certificate Request match all DNS aliases given to every server being
used for Dell Server installation. Does not apply to Wildcard or Self- Signed certificate requests.
Certificate is generated to a .pfx format.
Change Control requirements identified and communicated to Dell?
Submit any specific Change Control requirements for the installation of Encryption or Endpoint Security
Suite Enterprise to Dell Client Services prior to the installation engagement. These requirements may
include changes to the application server(s), database, and client workstations.
Test Hardware prepared?
Prepare at least three computers with your corporate computer image to be used for testing. Dell
recommends that you not use production computers for testing. Production computers should be used
during a production pilot after encryption policies have been defined and tested using the Test Plan
provided by Dell.
Preparation Checklist - Initial Implementation 9