Before you can use a
Thales nShield Connect with a NetScaler ADC, make sure that the following
prerequisites are met:
A Thales nShield Connect
device is installed in the network, ready to use, and accessible to the
NetScaler ADC. That is, the NetScaler IP (NSIP) address is added as an
authorized client on the HSM.
A usable Security World
exists. Security World is a unique key management architecture used by the
Thales nShield line of HSMs. It protects and manages keys as application key
tokens, enabling unlimited key capacity, and automatic key backup and recovery.
For more information about creating a Security World, see the nShield Connect
Quick Start Guide from Thales. You can also find the guide in the CD provided
with the Thales HSM module at
Note: Softcard or
token/OCS protected keys are currently not supported on the NetScaler ADC.
Licenses are available to
support the number of clients that will be connected to the Thales HSM. The ADC
and RFS are clients of the HSM.
A remote file server (RFS)
is installed in the network and is accessible to the NetScaler ADC.
The Thales nShield Connect
device, the RFS, and the NetScaler ADC can initiate connections with each other
through port 9004.
You are using NetScaler
release 10.5 build 52.1115.e or later.
The NetScaler appliance
does not contain a FIPS Cavium card.
Important: Thales HSM is not supported on the MPX 9700/10500/12500/15500