A Smartpoint combines a Smartcrypt TDE key and Smartcrypt TDE Smartpoint policy and applies this combination to one agent in one specific path. You may add, edit, or delete Smartpoints within the Smartcrypt TDE Manager.
The list of existing Smartpoints includes information on these fields:
|Path||The Path to this Smartpoint.|
|Key||The name of the TDE Key associated to this Smartpoint.|
|Policy||The Smartpoint Policy that applies to this Smartpoint.|
|Smartpoint Status||If the TDE Agent has connected to the server recently, this will display Up to Date. This field will display Not Up to Date if the agent has not connected. If the agent has an issue with Key Rotation or connecting with the server, this field will display Error.|
|Key Rotation Status||Key Rotation is an aspect of the Smartcrypt TDE Manager that allows you to decide when a TDE key should no longer be used. See Keys for more information.|
|Reporting||When this is Enabled, Smartpoint events are included in the TDE Data Security Intelligence reporting system.|
|Learning||When this is Enabled, Learn Mode is active on this Smartpoint.|
|Owner||The user responsible for this Smartpoint.|
|Edit||See Editing a Smartpoint below.|
|Delete||See Deleting a Smartpoint below.|
|Encrypt All||Click to encrypt files in the Smartpoint not yet encrypted or with an older version of the Smartpoint's TDE Key, regardless of the existing policy. This link only appears after a file has been placed in the defined Smartpoint path.|
Adding a Smartpoint
To add a Smartpoint to your system:
- Go to Smartpoints page. Any existing Smartpoint will display in a list.
- Click Add Smartpoint(s). Smartcrypt Manager displays a list of up to 10 configured devices for this system. If the device you want is not on the list, start typing the agent/device name to locate it.
Click the device link.
Type the Path to the volume you want to encrypt.
Use the TDE Key drop-down menu to select an active key.
Click Save to return to the Smartpoints list for this device. You may add more Smartpoints, or click Done to identify another device.
Caution: Do not create a Smartpoint pointing to the Path of Smartcrypt Enterprise Manager's own database directory.
In order to create a Smartpoint, you must first define the agent you wish to utilize the Smartpoint. A TDE agent is simply a server. The list of available TDE agents appears after you select Add Smartpoint(s). You may select any TDE Agent listed under Device.
To learn how to Add a TDE Agent, see TDE Agent for more information.
When adding a Smartpoint, you must select a path within the selected TDE agent. Now when any additional files are added to this path, the files will be transparently encrypted as defined by the created Smartpoint.
The TDE key represents the key that will be used for encryption. The user's list of available keys will appear in the drop down menu. TDE keys are defined within the Keys tab.
See Keys for more information.
The final aspect of a Smartpoint that must be defined is the Smartpoint policy you wish the Smartpoint to follow. A Smartpoint Policy is a list of rules that control the transparent encryption applied to the Smartpoint. Smartpoint polices may be used by multiple Smartpoints. Any changes made to a Smartpoint policy will be reflected in existing Smartpoint(s).
See Smartpoint Policies for more information.
Editing a Smartpoint
You may edit a Smartpoint at any time by selecting Edit next to the Smartpoint you wish to edit. From here you may edit the path**, TDE key, and Smartpoint policy that apply to the Smartpoint.
** IMPORTANT: If you choose to edit the path, it will not decrypt any existing files within the Smartpoint.
Deleting a Smartpoint
A Smartpoint may be deleted by selecting Delete located to the right of the Smartpoint you wish to delete.
** IMPORTANT: If you choose to delete a Smartpoint, it will only remove it from being protected by the agent. It will not decrypt any existing files within the Smartpoint.