Symantec Encryption Management Server is able to perform many features, including Email Encryption, Secure Content Delivery, including Web Email Protection and Secure PDF Messenger, as well as being able to manage keys, and Symantec Encryption Desktop clients. The server is certified for internet-placement scenarios, and undergoes all the rigorous security testing and reviews. The server is also an on-premise solution, which means that you deploy the solution within your own infrastructure, but can then be placed in a public-facing scenario.
There are several cloud solutions where a cloud vendor hosts your instance, but you still retain the capabilities of your product. Symantec Encryption Management Server does not officially certify these solutions, but may work well within then provided the installation can work in a default setting. This article will go over some of the basics that you can consider for Oracle Cloud specifically.
In order to use Symantec Encryption Management Server or the PGP Encryption Server with Oracle Cloud, you must first deploy to a VMware system. This is because Oracle Cloud does not directly support ISO installation methods, which is what Symantec Encryption Management Server uses.
This is easily done as the server can be installed in VMware using the standard ISO that we provide on our download portal to all entitled customers.
Additionally, the following requirements must be met to work with Oracle Cloud:
*No third-party applications can ever be installed on the PGP Server's backend operating system.
*No modifications to the PGP Backend operating system are made.
*The IP Address and networking for the PGP server must remain static (No DHCP).
Once the ISO has been downloaded, create a VM image for "Red Hat Enterprise Linux 7" or "CentOS 7". These are both 64-bit systems.
Once the VM system has been created, boot off of the ISO and go through the installation process, which will ask for IP addresses, Hostnames, DNS servers, Gateways, etc.
Once the installation has completed on the installation side, you will navigate to the Web portal: https://FQDN:9000
Once here, you will then be able to configure the needed information. Choose "New Installation" for this installation and configure the server as you would a brand-new server. Choose this even if you intend to restore a backup from a previous installation.
Once you have created this New Server install, make note of the IP address, FQDN, and other network details. Shut the system down and export the VMware machine in the format Oracle Cloud requires.
You can then move this VMware machine to Oracle to import.
In order to import the VMware machine into Oracle Cloud, you may need to use "Emulated Mode":
Once this is powered on, if you require changing the IP address, this can be down with the assistance of Symantec Encryption Support. Please open a case and we will be able to help you make these changes.
Once these changes are made, the new system should be up an running.
Important Notes: Installing third-party applications, or using customized scripts outside of written/contractual approvals/agreements is not supported. Symantec Encryption Management Server is scanned for security and is considered a locked box. As a result, SEMS is considered a secure device and making changes to the system could introduce security-related issues, therefore installing any third-party software is highly discouraged and is not supported. For more information on this topic, see the following article
206673 - Can third-party software be installed on Symantec Encryption Management Server?
Once the above has been done, the Symantec Encryption Management Server should then be able to reside and be hosted by the Oracle Cloud solution.
254744 - Using Symantec Encryption Management Server in Azure Cloud Infrastructure (PGP Server)
209191 - Logging a Support case for Symantec Endpoint Encryption, Symantec Endpoint Protection and other Symantec Enterprise Security Solutions
193931 - How to download Symantec Encryption products from the Broadcom download Portal (And where to find the license number for PGP)