Remote Management

Some local console operations can also be carried out remotely using the Dinamo client software installed on Windows systems. A USB smart card reader plugged into the station will be required.

Once authentication is complete, the following HSM management operations will be available remotely:

  1. Stop service
  2. Restart
  3. Switch off
  4. Unlock master user
  5. Online synchronization(Database live sync)
  6. Return to factory mode
  7. Changing the operating mode

To enable this functionality, the HSM must be configured for remote management (Remote Management). Enter the option Configuration in the main menu of the local console and then the option Load Remote Management. From this point on, the HSM will accept a remote connection for configuration commands. To disable this, simply press ESC.

Remote management option on the local console

Remote management option on the local console

Remote management enabled

Remote management enabled

Only one remote configuration connection can be opened at a time. If a connection is already open, a new one will be denied.

There is an inactivity tolerance time for the remote connection of 2 minutes. If the remote connection is not used, it will be terminated automatically.

When remote management is in use, the local console will display information about the state of the connection, such as the source IP address and the bundle of cryptographic algorithms used in the session.

Active connection in HSM remote management

Active connection in HSM remote management

Local access to the HSM always takes priority over remote access. Any local activity will disable remote management until the HSM is configured again.

If the HSM is switched off or restarted remotely, remote management will be active when the HSM returns.

See the topic Device management for more information on using Dinamo client software for remote management.