Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ACE WAF nCipher implementation

Hello guys,

I need store private keys for encryption private keys saved on HDD on HW keystore. After reading Cisco doc it's not clear for me. Can Anybody explain it for me?

I have 3 WAF appliances:

- 1x management (ACE-WAF-MGT-LICFX license)

- 2x fw (ACE-WAF-GAT-LICFX license)

All three appliances have ACE-XML-FIPS license

Currently are boxes in production with SSL termination. Two fw appliances are load-balanced.

I need integrate hardware keystores and security world. I read Cisco doc (http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_waf/v60/administration/guide/axg_admin_hardwarekeystores.html).

I'm not sure:

1. if I can follow steps described in part "creating the new security world" without impact to production.

2. if I must implement nCipher only to 2x fw appliances, or I must join all 3x appliances (1x mgmt, 2x fw) to one security world. How many cards I need used? 3 for production and 3 for backup, or 2 for production and 2 for backup?

Thanks fof help

martin

134
Views
0
Helpful
0
Replies
CreatePlease to create content