CSSCurrent en:Quick Start Guide

Aus Cryptshare Documentation
Wechseln zu:Navigation, Suche



Welcome to Cryptshare!

Cryptshare Server is the core component of your Cryptshare system. Please install your Cryptshare Server before installing any add-ons products. This quick start guide will help you getting started in no time. It describes the minimal steps that need to be performed to install and start up the Cryptshare Server with basic settings, which can be changed later on.

1 Selecting a platform

Cryptshare runs on a dedicated server as one of the following options:

  • Cryptshare Virtual Appliance
  • Self-Installed System (i.e. self-installed server on MS Windows or Linux platform)

For details, please refer to Modes of Operation and Server System Requirements. We recommend running Cryptshare as a virtual appliance which is the option that the vast majority of customers took. Please make sure that you follow the instructions below for the platform of your choice.

2 Prepare what you need

Ideally, the following steps should be performed before you start the installation and configuration of your Cryptshare Server.

Depending on size and structure of your business, different stakeholders may need to be involved in your preparations. We strongly recommend you identify these stakeholders during your preparation and have these items completed so the installation can be carried out smoothly.

URL / Subdomain / IP Address

You will need a public, static IP address for your Cryptshare Server. Also, your Cryptshare Server will need a URL under which it can be reached. Most customers decide to use a subdomain of their internet domain, e.g. `https://cryptshare.mydomain.com/` and associate this subdomain with the public IP address of the Cryptshare Server. Depending on where your Cryptshare Server is located, your Internet Service Provider or Hosting Partner will be able to provide you with a public IP address and subdomain.

SSL Certificate

In order to secure communication between clients and your Cryptshare Server and in order to provide trust into the authenticity of your server, you need an SSL certificate. Cryptshare comes with a self-signed SSL certificate which provides secure communication, but which is not regarded as trusted by the users' browsers. This self-signed certificate is pre-installed to allow you to perform all first-time configuration steps through a secure connection, but it is not designed for productive use. In order to provide trust into the authenticity of your server for your users and eliminate corresponding warning messages in the browser, you need to purchase a commercial SSL certificate and install it on the Cryptshare Server or use an existing wildcard certificate which you may already own. For more information, please refer to the section SSL Certificate.

Firewall Ports

The Cryptshare Server communicates with users and other servers over certain ports. These ports need to be opened by your firewall administrator to allow the required communication to and from the server. See section Network Configuration for details.

Make sure that these ports are set up as required. Insufficient or incorrect configuration of firewall ports is the most common source of error during the process of taking Cryptshare productive.

Configure Mail Server for Relaying

Cryptshare Server sends notifications to users and administrators via email. Most customers let the Cryptshare Server relay these messages through an existing mail server or mail gateway as this eliminates the risk of these messages being rated as SPAM. However, this requires the mail server to be configured to accept messages from the Cryptshare Server. The responsibility for setting up the mail server accordingly may lie with another team in your company. Make sure to have that setting in place before you take your server online. The IP address and/or network name of the Cryptshare Server may be required to configure the mail server accordingly. Please refer to the documentation of your mail server to configure relaying.

Define Administrators

It is mandatory to configure the email address of a user or a user group as administrators of the Cryptshare Server. Cryptshare Server will send notifications to this email address in case of available updates, warnings or errors. Without an administrator email address, the configuration cannot be completed. Decide which email address should be used and set up a user group in your mail server directory if required.

3 Build your Cryptshare Server 

Virtual Appliance

Go to https://customer.pointsharp.com/en/support to build your machine using our VM Build Service. You will receive a download link for your pre-configured VM within 15 minutes. Import the machine into your VMware environment. You will find more details about the installation and management of Cryptshare VMs here.

Self-Installed Systems

4 Create and set storage locations for temp, retention and backup folders

Cryptshare can use up to three different storage locations to save temporary files, the transfer payload and backups. These storage locations should be sized according to your requirements and have to be configured in the Cryptshare Server. If you are running a Virtual Appliance or Self-Installed System, please follow the steps below.

Explanation
* Temporary files are created during the upload, virus check, encryption process or any other pre-processing tasks.
  • The retention folder is the folder where the payload of the system is stored, i.e. the encrypted files and messages that are being transferred from A to B reside in this folder until they are automatically deleted at the end of the retention time.
  • The backup folder is a folder into which you can back up your system configuration, transfer meta data and the transfer data itself. For more information refer to Backup & Restore.
Sizing Recommendation
To determine the correct size for your needs, use the following formula:

`suggested retention folder size in MByte = ((expected average number of transfers per day) * (expected average transfer size in MByte) * (maximum planned retention time)) * 1.25` This will provide enough space for your transfer data, for the temporary directory and also if you want to back up the system configuration and transfer meta information to this disk.

If you want to backup transfer data as well, you will have multiply the space by a factor (x+1) where x is the number of backups of the transfer data you want to keep. However, it is recommended to backup data to a location outside the Cryptshare Server as otherwise, you will lose your productive data and your backup data in case of a disk failure.

Virtual Appliance

When we create the Virtual Machine for you in our VM Build Service, we do not want you to download a vast empty store, so we keep the store of the download file small and you will have to add a disk to your VM to save temporary files, transfer data and backups.

Self-Installed Systems

Please refer to the documentation of your operating system to learn how to add a disk or directory and set the size for it.

  • Configure Cryptshare to use the additional disk for saving transfer data ("upload directory") as described in Transfer Settings.
  • To configure Cryptshare to use the additional disk for temporary files, please refer to System Startup Configuration.
  • To use the additional disk as target directory for backups, please refer to Backup & Restore.

5 Start up your Cryptshare Server

Virtual Appliance

  • Start up the virtual machine from your vSphere console.
  • The Cryptshare daemon will start up automatically during machine start-up.
  • Fore more details on starting or stopping the Cryptshare daemon, please refer to the section Cryptshare Service.


Self-Installed Systems

Start up your server as described in the section Installation - Self-Installed Systems

6 Install your SSL certificate

Install the SSL certificate you have purchased. For details about SSL certificates and the installation procedure, please refer to Setting up an SSL Certificate.

7 Install your licence key

A licence key is required to use the Cryptshare Server. Until the licence key is successfully installed, you can only work with administration interface of Cryptshare, but the user interface will remain deactivated. The licence key is a file named "cs\_license.txt" which we will have provided to you either as a test licence or productive licence.

Virtual Appliance

Depending on whether or not you have uploaded a licence key in our VM Build Service, the Virtual Appliance is shipped with or without a licence key installed. Please refer to the System Status section on the General Administration Interface to check if a licence key is installed and the registered domain(s) and the licence term are correct.

If no licence key is installed, please refer to Importing the Cryptshare Licence Key.

Self-Installed Systems

When you self-install a Cryptshare Server, you need to obtain a Cryptshare Licence Key from your Cryptshare reseller or directly from us. Install the licence key as described in the section Importing the Cryptshare Licence Key.

8 First-time configuration

Follow the steps described in the section First-Time Configuration.

Configuring Cryptshare for the first time
* Make sure to perform the configuration steps in the suggested order as later settings may require values from previous settings to be completed.
  • Make sure to click the "Save settings" button at the end of each configuration page as settings will not be saved if you just leave the page.

9 Check for updates

We frequently update the Cryptshare Server to provide functional improvements, but also to maintain a high level of security. Sometimes, updates may have become available in the time since you downloaded your installers or VM image files. To make sure you benefit from the latest version, check if updates are available and if so, install them now. The section Updates describes how you can check for updates and install them. Repeat the process until Cryptshare Server does not show you any further available updates as in some cases, you cannot update directly to the latest version as the installation routines of intermediate version perform important update steps.

Congratulations!

You are now ready to use Cryptshare Server! Users from inside and outside your business can use the Cryptshare Web Interface now to exchange secure email messages and large files.


Further steps you might want to take...

Customize the user interface, notifications and language packs

You can modify the look of the web user interface of Cryptshare Server as well as the design of the email notifications to reflect your corporate design. Further information can be found here:

Set up the Policy to tailor Cryptshare to your business needs

By default, based on the rules which are build into the licence key and which have been created in step 5, Cryptshare Server will allow all of your employees to communicate with everybody inside or outside your business and vice versa. However, no third parties can use your system to communicate with each other. A member of your licenced email domain has to be either the sender or the recipient of a transfer being performed using your Cryptshare Server. You can (but do not have to) apply further rules and definitions concerning who can or cannot use your system by setting up further Policy Rules. However this step is not required to start using the server.

Set up MS Outlook or IBM Notes integration for best user experience

You may want to proceed with installing our email integration options. Here are a few helpful links for further reading:

Allow your business applications to send secure emails and large files

You may want to proceed with integrating Cryptshare into other business applications, allowing them to send messages and large files securely via Cryptshare rather than vie email.

Further helpful links