Site Tools


guides:workstation_configuration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
guides:workstation_configuration [2023/07/11 00:26] brett.zamoraguides:workstation_configuration [2025/10/23 20:58] (current) 216.9.23.34
Line 2: Line 2:
  
  
-Once you have acquired your ERDS and/or G2G workstation, a variety of tasks must be performed to prepare the workstation to be used with CeRTNA’s ERDS and/or G2G platform. These tasks include:+Once you have acquired your ERDS and/or G2G workstation and/or created your ERDS and/or G2G Virtual Machine, a variety of tasks must be performed to prepare the workstation to be used with CeRTNA’s ERDS and/or G2G platform.
  
 +These tasks include:
  
 {{tablelayout?colwidth="250px,350px"&rowsFixed=1&rowsVisible=10&float=center}} {{tablelayout?colwidth="250px,350px"&rowsFixed=1&rowsVisible=10&float=center}}
 ^ Task ^ Description ^ ^ Task ^ Description ^
-| Physically Secure The Workstation | Certified ERDS workstations must be physically secured. Per CeRTNA’s HW / SW, CeRTNA recommends using a locking workstation security cabinet that can be secured to a wall or floor. \\ . \\ G2G workstations are not required to be kept in a locking security cabinet, however, many CeRTNA clients do secure their G2G workstations as well. | +| Physically Secure The Workstation \\ (Standalone workstations only.) | Certified ERDS workstations must be physically secured. Per CeRTNA’s HW / SW, CeRTNA recommends using a locking workstation security cabinet that can be secured to a wall or floor. \\ . \\ G2G workstations are not required to be kept in a locking security cabinet, however, many CeRTNA clients do secure their G2G workstations as well. \\ . \\ Notes regarding Virtual Machine (VM) installation are provided further down in this document. | 
-| Workstation Configuration | ERDS workstations need to pass a system security audit in order to be certified for transmitting ERDS transactions. This document provides recommendations on how to configure a variety of operating system components on your local workstations, including Windows Update settings, Local Security Policy settings, and Anti-Virus/Malware Protection settings. \\ . \\ G2G workstations are not subject to a system security audit, however CeRTNA recommends applying the same settings to your G2G workstation as recommended for your ERDS workstation. \\ . \\ Additional workstation configuration details are provided later in this document. | +| Workstation Configuration | ERDS workstations and/or Virtual Machines need to pass a system security audit in order to be certified for transmitting ERDS transactions. This document provides recommendations on how to configure a variety of operating system components on your local workstations, including Windows Update settings, Local Security Policy settings, and Anti-Virus/Malware Protection settings. \\ . \\ G2G workstations are not subject to a system security audit, however CeRTNA recommends applying the same settings to your G2G workstation as recommended for your ERDS workstation. \\ . \\ Additional workstation configuration details are provided later in this document. | 
-| Network / Firewall Configuration | Per regulations, certified ERDS workstations are expected to be secured for the ‘sole use’ purpose of electronic recording activity. CeRTNA’s ERDS infrastructure is accessible over the Internet, as such, workstations must restrict access to only domains that are required to facilitate the functionality provided in the APEX client. A list of the domains that are used by APEX are listed further down in this document. \\ . \\ Additional network configuration details are provided provided later in this document. |+| Network / Firewall Configuration | Per regulations, certified ERDS workstations and/or Virtual Machines are expected to be secured for the ‘sole use’ purpose of electronic recording activity. CeRTNA’s ERDS infrastructure is accessible over the Internet, as such, workstations must restrict access to only domains that are required to facilitate the functionality provided in the APEX client. A list of the domains that are used by APEX are listed further down in this document. \\ . \\ Additional network configuration details are provided provided later in this document. |
 | Software Installation | There is a limited amount of software that needs to be installed. Currently these include: \\ . \\ - SafeNet Authentication Client (SAC) \\ - APEX \\ . \\ APEX is CeRTNA’s client application software that is used to interact with the CeRTNA ERDS & G2G platforms. \\ . \\ The SafeNet Authentication Client (SAC) contains USB token drivers and APEX uses the token drivers to access the token based PKI certificates that are used for authentication, digital signatures, and encryption/decryption functions. \\ . \\ Additional software installation details are provided later in this document. | | Software Installation | There is a limited amount of software that needs to be installed. Currently these include: \\ . \\ - SafeNet Authentication Client (SAC) \\ - APEX \\ . \\ APEX is CeRTNA’s client application software that is used to interact with the CeRTNA ERDS & G2G platforms. \\ . \\ The SafeNet Authentication Client (SAC) contains USB token drivers and APEX uses the token drivers to access the token based PKI certificates that are used for authentication, digital signatures, and encryption/decryption functions. \\ . \\ Additional software installation details are provided later in this document. |
 +| Certificate Installation | The CeRTNA Root CA certificate needs to be installed to support out Private Key Infrastructure.   |
  
  
Line 25: Line 27:
   * Ensure the anti-virus/anti-malware software is installed. Note: Windows Defender is built into the Windows 10 and Windows 11 operating systems.   * Ensure the anti-virus/anti-malware software is installed. Note: Windows Defender is built into the Windows 10 and Windows 11 operating systems.
   * Ensure that a local Windows Firewall is running on the ERDS/G2G workstation. Some 3rd party antivirus solutions override the built-in Windows Firewall and this is acceptable as long as the firewall is enabled and protecting the computer.   * Ensure that a local Windows Firewall is running on the ERDS/G2G workstation. Some 3rd party antivirus solutions override the built-in Windows Firewall and this is acceptable as long as the firewall is enabled and protecting the computer.
 +
 +
 +== Install the CeRTNA Root CA certificate ==
 +
 +INstallation instructions can be found at LINK
  
  
guides/workstation_configuration.1689035172.txt.gz · Last modified: by brett.zamora