Page tree
Skip to end of metadata
Go to start of metadata

Overview

A Smartpoint combines a Smartcrypt TDE key and Smartcrypt TDE Smartpoint policy and applies this combination to one agent in one specific path. You may add, edit, or delete Smartpoints within the Smartcrypt Enterprise Manager (SEM).

 

Note: Before creating a Smartpoint, you must first define the agent you wish to use the Smartpoint. To learn how to Add a TDE Agent, see TDE Agent.

 

Status

Statuses provide an in depth view of the state of a Smartpoint. Below are explanations to the columns shown in a status page.

Header                    Definition
Compliance
Green Check: Verification that the client is running with latest policy
Red X: Server and client are out of sync and/or there are errors
PathLocal directory path the Smartpoint is assigned
KeyEncryption key the Smartpoint is assigned
Smartpoint Status
"Up to date": Client is running and operating normally
"Out of date": Client is not up to date with server
"Not supported. Please update TDE Agent.": Client version does not support sending Smartpoint status to the server
"n/a": Smartpoint does not have a status. This can happen when the Smartpoint is in learn mode
Note: Any errors will be written out in red text
Key Rotation Status
"No updates required": Client is running and operating normally. Key rotation is not occurring.
"Out of date": Client is not up to date with server
"Rotation pending...": Key rotation is occurring on the client
"n/a": Smartpoint does not have a status. This can happen when the Smartpoint is in learn mode
Note: Any errors will be written out in red text
Reported AtLast record of the client communicating with the Smartcrypt Enterprise Manager

 

 

Adding a Smartpoint

To add a Smartpoint to your system:

  1. Go to TDE > Smartpoints. Any existing Smartpoints will display in a list.

  2. Click Add.
  3. Use the Search to find the desired Smartcrypt Agent Device on the Windows platform. Leave the search fields empty to display all existing agents.
  4. Click Add to set up a Smartpoint on this Agent.
  5. Type the Path to the volume you want to encrypt.

  6. Use the TDE Key drop-down menu to select an active key.

  7. Use the Smartpoint Policy drop-down menu to select the Policy that applies to this Smartpoint.

  8. (Optional) Check Learn Mode to identify and report which users and locally installed applications are accessing data in a defined Smartpoint. Checking this box disables all other options on the page.
  9. (Optional) Check Reporting to include this Smartpoint in Data Security Intelligence (DSI) Reporting.
  10. Click Save to return to the Smartpoints list for this device. You may add more Smartpoints, or click Done to identify another device.

Caution: Do not create a Smartpoint pointing to the Path of Smartcrypt Enterprise Manager's own database directory.

Agents

A TDE agent is simply a server. The list of available TDE agents appears after you select Add Smartpoint(s). You may select any TDE Agent listed under Device.

Path

When adding a Smartpoint, you must select a path within the selected TDE agent. Now when any additional files are added to this path, the files will be transparently encrypted as defined by the created Smartpoint.

TDE Key

The TDE key represents the key that will be used for encryption.  The user's list of available keys will appear in the drop down menu.  TDE keys are defined within the Keys tab.

See Keys for more information.

Smartpoint Policy

The final aspect of a Smartpoint that must be defined is the Smartpoint policy you wish the Smartpoint to follow.  A Smartpoint Policy is a list of rules that control the transparent encryption applied to the Smartpoint.  Smartpoint polices may be used by multiple Smartpoints.  Any changes made to a Smartpoint policy will be reflected in existing Smartpoint(s).

See Smartpoint Policies for more information.

 

Editing a Smartpoint

You may edit a Smartpoint at any time by selecting Edit next to the Smartpoint you wish to edit. From here you may edit the path**, TDE key, and Smartpoint policy that apply to the Smartpoint.

** IMPORTANT: If you choose to edit the path, it will not decrypt any existing files within the Smartpoint.

 

Deleting a Smartpoint

A Smartpoint may be deleted by selecting Delete located to the right of the Smartpoint you wish to delete.

** IMPORTANT: If you choose to delete a Smartpoint, it will only remove it from being protected by the agent. It will not decrypt any existing files within the Smartpoint.

  • No labels