Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Community Manager winkra Community Manager
Community Manager
267 views

Voltage SecureData Server Customer Advisory

Voltage SecureData Server

Customer Advisory

December 10, 2018

Title:
Appliance upgrade can result in a software protected Field Encryption Key

 

Summary: 
Appliance upgrade results in a software protected Field Encryption Key despite the presence of a configured HSM

 

Details:
When applying a SecureData Appliance upgrade, the upgrade script makes a backup of the existing management configuration database, and restores the backup after application of software updates. 
After restoration of the backup, the configuration database has sensitive data secured via the Field Encryption Key (FEK).  Systems with Hardware Security Modules (HSMs) enabled protect the FEK with an HSM, otherwise the FEK is protected with a software derived key.
The upgrade process can result in a software derived FEK, even when an HSM is available.  This applies only to upgraded systems configured with HSMs.  Fresh installs of SecureData Appliance are not subject to this issue.

 

Recommendation:
For appliances configured with HSMs, upgrade to SecureData Appliance version 6.6.1:  the new upgrade script corrects the FEK protection to use the HSM if available. 

Alternatively, apply the following workaround to HSM configured Voltage SecureData Management Console:

From the management console (“Systems->Advanced” settings):

  1. disable HSM support,
  2. save settings,
  3. re-enable HSM support,

save settings (No deploy is necessary, and this will result in an HSM derived FEK).

 

Products Affected:
Voltage SecureData Management Console – all versions

 

Obtaining Support:
If you require technical assistance with this issue, please contact Micro Focus Voltage Customer Support

(Phone) https://softwaresupport.softwaregrp.com/web/softwaresupport/document/-/facetsearch/document/KM00006

(Chat) https://softwaresupport.softwaregrp.com/web/softwaresupport/chat-language-selection

(MySupport Web Portal) https://softwaresupport.softwaregrp.com/

(Internet) https://www.microfocus.com/support-and-services/contact-support/

Date: December 10, 2018

Document ID: MF-VOLT-CA-201806

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.