To perform an operation on the Hardware Security Module (HSM) or the firewall connected to
the HSM, select DeviceSetupHSM and select one of the following Hardware Security Operations:
Hardware Security Operations
Setup Hardware Security Module (Entrust nShield and SafeNet Network)
Configures the firewall to authenticate with an
HSM.
Set Up HSM Connectivity Account (Thales CipherTrust Manager
only)
Configures the firewall to authenticate with the Thales CipherTrust
Manager HSM. Use to import required authentication certificates.
Refreshes the PAN-OS state, removing old certificates and adding new
certificates.
Set Up HSM Crypto User Account (Thales CipherTrust Manager
only)
Configures the user account to connect to the user
account defined on the Thales CipherTrust Manager server.
Show Detailed Information
Displays information about HSM servers, HSM high
availability status, and HSM hardware.
Synchronize with Remote Filesystem (Entrust nShield only)
Synchronizes the key data from the nShield remote file system to the firewall.
Reset Configuration (Entrust nShield and SafeNet Network)
Removes all HSM connections to the firewall. You must
repeat all authentication procedures after resetting the HSM
configuration.
Select HSM Client Version (SafeNet Network only)
Allows you to choose the version of software running on the HSM
client (the firewall). The HSM client version must be compatible
with the HSM server version. See the HSM vendor documentation for a
matrix of client-server version compatibility.
Removes connections, certificates, and users relating to the HSM
configuration. After clearing the configuration, switch the HSM
provider to None to complete the removal.
