Overview
XCrypt Management Platform for OpenShift is a software-only solution that enables encryption of data stored in Red Hat OpenShift container environments without impacting performance of the applications. Additionally it provides a transparent and granular layer of security that protects container data across on-premises, hybrid, and multi-cloud environments.
XCrypt Management Platform for OpenShift delivers on the promise of container data security in the same way that Red Hat delivers the stable, consistent, and supported base that organizations need to get applications out the door faster.
Highlights
- Confidently focus on driving innovation quickly Dramatically reduce the risk of potential breaches and data theft Ensure developers are no longer required to make security decisions Create a smooth plan for the transition to DevSecOps
Details
Typical total price
$0.616/hour
Pricing
Free trial
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.medium Recommended | $0.57 | $0.046 | $0.616 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
No Refund
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Refer README for Release Notes
Additional details
Usage instructions
Connecting to the Instance:
- SSH via port 22 with the username 'centos'
Configuring SSL
Perform the following steps on the machine that will run the API Server.
-
Install CA Server
$ sudo /usr/share/zts/cmc/zts-cmc-server/bin/install_ca_server.sh
-p-o -u -e
-l-s -c replace
with a password you generate. CA parameters are optional; if it is not specified, defaults will be used.
Here's an example of this command.
$ sudo /usr/share/zts/cmc/zts-cmc-server/bin/install_ca_server.sh
-p asdf1234 -o Zettaset -u Engineering -e engineering@zettaset.com
-l 'Mountain View' -s California -c US -
Start CA Server
$ sudo service estserver start
-
Generate certificates for API Server and Web Server
$ sudo /usr/share/zts/cmc/zts-cmc-server/bin/configure_ssl_certs.sh
-i-p
-o-u -e
-l-s -c
-nreplace
with the public IP address of the local host replace with the CA password you created in Step 1. replace
in -n argument with the DNS (or resolvable via /etc/hosts) name of the Management Console server. CA parameters are optional; if it is not specified, defaults will be used. Make sure that you specify the same CA parameters as those you used in step 1 above.
When this command finishes executing, it will display keystore password. Save this password in a secure location. You will need it to configure the API server.
If you are installing CLI client on the same host as the API server, make sure the CLI client RPM is installed before running this command. This will ensure that the CA certificate will be automatically added to CLI client configuration.
Here's an example of this command.
sudo /usr/share/zts/cmc/zts-cmc-server/bin/configure_ssl_certs.sh
-i 192.168.99.100 -p asdf1234
-o Zettaset -u Engineering -e engineering@zettaset.com
-l 'Mountain View' -s California -c US
-n ztc-cmc -
Stop CA Server
$ sudo service estserver stop
-
If your CLI client is installed on a host other than the API server, perform the following steps to configure SSL connection between the CLI client and the API server:
5.1. Obtain CA certificate for the API server. It is located in /usr/share/zts/ca/certs/cacert.pem on the API server host.
5.2. On the host where you installed the CLI client, place the CA certificate in /usr/share/zts/cmc/zts-cmc-cli/config/cacert.pem and make sure that it is readable by users that will run the CLI client.
Coniguring CLI Client:
Perform the following steps on the host that runs CLI client.
- Configure API server connection in ~/.zts/adminconfig.
sample ~/.zts/adminconfig file
[default] Consoleserver = zmc-server # hostname or IP address of the console server UseSSL = yes CAcert = /usr/share/zts/cmc/zts-cmc-cli/config/cacert.pem # leave as default
end sample file
By default, the API server will use port 8444 when SSL is enabled and port 8081 when SSL is not enabled.
- Configure API server credentials in ~/.zts/admincredentials files
sample ~/.zts/admincredentials file
[default] userid = system password = manager
end sample file
IMPORTANT: All CLI commands in the following sections of this document assume that you performed the configuration steps described in this section.
Configuring API Server:
- Make sure you performed CLI Client configuration steps documented in Section I and Section II.
Perform the following steps on the API server host.
- Set API server name via
property in the server configuration file /usr/share/zts/
Resources
Vendor resources
Support
Vendor support
At Zettaset our goal is to ensure a positive, consistent, and successful customer experience with each one of our advanced data protection solutions. As part of our on-going commitment, Zettaset offers a world-class customer service and support program to effectively complement our industry-leading data security products. Every aspect of our customer service and support program is staffed by expert and highly-trained engineers who have years of experience in cybersecurity and regulatory compliance requirements.
Phone: +1-866-561-4981 Email: support@zettaset.com https://www.zettaset.com/customer-support/
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.