8.1.3 Administration

The Database Encryption Expert provides centralized administration for managing policies, keys, hosts, users, and logs through a Web-based GUI, which is also referred to as management console. Figure 8-6 shows the management console dashboard.

Figure 8-6 Database Encryption Expert dashboard

From the management console the security administrator can perform the following:

Manage users including adding and removing user accounts and granting different roles such as administrator, audit, key, policy, and authorities to different users. Figure 8-7 shows the Administrator panel.

Figure 8-7 Adding new user account.

Add, remove, and administrate hosts and host groups. Figure 8-8 shows the Hosts managing panel.

Figure 8-8 Administrating hosts

Manage and create keys, affiliate keys, and key groups. Figure 8-9 shows the Key managing panel.

Figure 8-9 Administrating keys

Create and manage online and offline policies. Figure 8-10 shows the initial panel for managing policies.

Figure 8-10 Administrating policies

View logs. You can display the security server log and configure the events that it displays in the management interface. Figure 8-11 shows a sample log panel.

Figure 8-11 View logs

Configure Web interface preferences, as shown in Figure 8-12.

Figure 8-12 Preferences

Add a failover server designed to perform the backup and restore functions in case the primary security server becomes unavailable. Failover servers contain replicated data from the primary server with the same keys, policies, host information, and so on. Figure 8-13 shows the High Availability Servers interface.

Figure 8-13 Managing high availability servers