I need store private keys for encryption private keys saved on HDD on HW keystore. After reading Cisco doc it's not clear for me. Can Anybody explain it for me?
I have 3 WAF appliances:
- 1x management (ACE-WAF-MGT-LICFX license)
- 2x fw (ACE-WAF-GAT-LICFX license)
All three appliances have ACE-XML-FIPS license
Currently are boxes in production with SSL termination. Two fw appliances are load-balanced.
I need integrate hardware keystores and security world. I read Cisco doc (http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_waf/v60/administration/guide/axg_admin_hardwarekeystores.html).
I'm not sure:
1. if I can follow steps described in part "creating the new security world" without impact to production.
2. if I must implement nCipher only to 2x fw appliances, or I must join all 3x appliances (1x mgmt, 2x fw) to one security world. How many cards I need used? 3 for production and 3 for backup, or 2 for production and 2 for backup?
Thanks fof help