Skip to main content
This document describes how to configure the KMES Series 3 with the CyberArk Privileged Access Security (PAS) solution with PKCS #11 libraries. For additional questions KMES, see the relevant administrator guide.

About the CyberArk Privileged Access Security (PAS) solution

The CyberArk PAS solution is a full life cycle solution for managing the most privileged accounts and SSH Keys in the enterprise. It enables you to secure, provision, manage, control, and monitor activities associated with the following privileged identities and passwords:
  • Administrator on a Windows server
  • Root on a UNIX server
  • Cisco Enable on a Cisco device
  • Embedded passwords found in applications and scripts
The PAS solution provides a safe haven within your enterprise where you can securely archive and transfer all your administrative passwords. Authorized users, such as IT staff, on-call administrators, and local administrators in remote locations, can also share passwords from the PAS solution. The multiple security layers (including Firewall, VPN, Authentication, Access control, Encryption, and more) that are at the heart of the PAS solution offer you the most secure solution available for storing and sharing passwords in an enterprise environment. After you install and start the CyberArk vault, you can generate a new Server Key on the KMES Series 3. The Server Key opens the Vault, much like the key of a physical vault, and you need the key to start the Vault. Then, you can remove the Server Key until you need to restart the server. When you stop the Vault, the information stored in the Vault is completely inaccessible without that key.

Integration overview

This guide covers the following topics:
  1. Prerequisites.
  2. Configure KMES Series 3.
  3. Edit the Futurex PKCS #11 configuration file.
  4. Configure the Futurex PKCS #11 library with CyberArk Vault
The following sections describe using the CyberArk PAS solution with KMES Series 3.