background image

 

 

19     

 

Secure Multi-Domain Tempest Smart Card Reader (MDR) User Manual

 

Section 4 - Operation 

Operation 

One  completing  the  initial  MDR  configuration  steps  the  MDR  is 
ready  for  use  allowing  simultaneous  usage  of  a  single  smart  card 
with multiple PCs. 

Smart Card Removal Behavior 

Removing the smart card from the MDR immediately de-associates 
the  MDR  from  all  coupled  PCs.  As  a  result,  smart  card-aware 
applications  will  notice  the  smart  card  absence  and  respond 
accordingly. 

For  example,  a  Windows  PC  that  is  configured  to  require  smart 
cards for user logon may be set to lock the user’s desktop once the 
smart card is removed. 

Re-associating the MDR after Smart card 
Removal 

In  order  to  continue  using  the  smart  card  (after  it’s  been 
removed  from  the  MDR),  the  user  has  to  insert  the  smart 
card  into  the  MDR  and  complete  steps  6-9  in  order  to  re-
associated the MDR with all the corresponding PCs. 

De-associating the MDR from a Specific PC 

Long pressing a PC Number Button is the equivalent of removing the 
smart  card  only  from  the  PC  which  corresponds  to  that  button 
without effecting other associated PCs. To re-associate that PC with 
the  MDR,  press  the  PC  Number  Button  to  initialize  the  MDR  (as 
described in step 7). 

The de-association option is useful in any case a user wants to de-
associate the MDR from a specific PC, without interfering with other 
PCs which are associated with the MDR.  

For example, when a user has to lock PC#1 by removing the smart 
card  yet  remain  logged-on  to  PC#2,  or  when  a  certain  PC  is  not 
successfully  associated  with  the  MDR  and  the  user  wants  to  re-
associate it. 

 

 

 
 

 

 

 
 

 

 

 

Important Security Note:

  

If you are aware of potential security vulnerability while installing or 
operating this product, we encourage you to contact us immediately in 
one of the following ways: 

 

Web form: 

http://www.emersonnetworkpower.com/en-

US/Support/Technical-Support/KVM/Pages/default.aspx 

 

Email: 

[email protected]

 

 

Tel: +1-888-793-8763 

 

Important:

 If the unit’s enclosure appears disrupted or if all LEDs flash 

continuously, please remove product from service immediately and 
contact Technical Support at 

http://www.emersonnetworkpower.com/en-US/Support/Technical-
Support/KVM/Pages/default.aspx 

 

Important:

  This  product  is  equipped  with  always-on  active  anti-

tampering  system.  Any  attempt  to  open  the  product  enclosure  will 
activate  the  anti-tamper  triggers  and  render  the  unit  inoperable  and 
warranty void. 

 

 

 

Summary of Contents for SC2MDST

Page 1: ...1 Section 1 Introduction Secure MDR SC2MDST 2 Port USB SC4MDST 4 Port USB Rev E Doc No HDC10377 Secure Multi Domain Tempest Smart Card Reader MDR User Manual ...

Page 2: ... 9 Tamper Evident Labels 11 Active Anti Tampering System 11 Product Enclosure Warning Label 11 Panel Features SC2MDST SC4MDST 12 Product Specifications 13 Before Installation 14 Prerequisites 15 PC Modes 15 Active Mode 15 Passive Mode 15 MDR Operational Modes 15 Typical system installation 18 Operation 19 Smart Card Removal Behavior 19 Re associating the MDR after Smart card Removal 19 De associat...

Page 3: ... packaging you will find the following Emerson Secure Product AC Power Cord User Guidance Documentation Revision A Initial Release 23 Feb 2015 B Corrections 19 April 2015 C Corrections 25 May 2015 D User Guidance updates 21 June 2015 E Correction to Features section 13 August 2015 Important Security Note If you are aware of potential security vulnerability while installing or operating this produc...

Page 4: ...ve moisture water or any other liquid o The product is not working well even after carefully following the instructions in this user s manual o The product has been dropped or is physically damaged o The product shows obvious signs of breakage or loose internal parts o In case of external power supply If power supply overheats is broken or damaged or has a damaged cable The product should be store...

Page 5: ...utorisé Si une des situations suivantes survenait faites vérifier l appareil par un technicien de maintenance qualifié o En cas d alimentation externe L alimentation de l appareil surchauffe est endommagée cassée ou dégage de la fumée o ou provoque des court circuits de la prise du secteur o Un liquide a pénétré dans le boîtier de l appareil o L appareil est exposé à de l humidité excessive ou à l...

Page 6: ... mouse will be mapped to the active channel 1 and default settings will be restored erasing all user set definitions 3 The appropriate usage of peripherals e g keyboard mouse display authentication device is described in detail in this User Manual s appropriate sections Do not connect any authentication device with an external power source to product 4 For security reasons products do not support ...

Page 7: ... inoperable and for future use 10 Important Before re allocating computers to channels it is mandatory to power cycle product keeping it powered OFF for more than 1 minute 11 Product log access and administrator configuration options are described in product Administrator Guide 12 Authentication session will be terminated once product power is down or user intentionally terminates session 13 If yo...

Page 8: ...n the TCO and administrative effort required to support such environments is extremely high For example an employee that has to access 3 computers simultaneously would need to have 3 smart cards one for every computer environment domain plus 3 smart card readers each reader connected to a separate computer EMERSON MDR Solution EMERSON developed the Secure Multi Domain Smart Card Reader MDR technol...

Page 9: ... filtration of AUX channel exists to reject unauthorized transactions Isolation of power domains Complete isolation of power domains prevents signaling attacks Secure administrator access log functions Product incorporates secure administrator access and log functions to provide auditable trail for all product security events including battery backup life for anti tampering and log functions Non r...

Page 10: ... reader Product supported by most OS in use today All firmware is in ROM Read Only Memory Cost effective This product was designed to provide an affordable solution for agencies and organizations Product cost can be easily justifiable once compared with issuing and maintaining multiple cards for each user Ease of use The MDR automatically switches between channels The user needs minimal training i...

Page 11: ... different than the example shown here please call Technical Support and avoid using that product Active Anti Tampering System Product is equipped with always on active anti tampering system If mechanical intrusion is detected by this system the Product will be permanently disabled and all LEDs will blink continuously If product indicates tampered state all LEDs blinking please call Technical Supp...

Page 12: ...tion 4 Operation Secure Multi Domain Tempest Smart Card Reader MDR User Manual Panel Features SC2MDST SC4MDST Note the model described in above image is SC4MDST SC2MDST is identical except for having 2 ports ...

Page 13: ...ser warnings 65dB maximum Smart Card Reader Supports ISO7816 Class A and AB Smartcards T 1 T 0 protocol support Communication speed up to 344 105 bps PPS FI parameter Frequency up to 12 MHz PPS DI parameter Connector with sliding 8 contacts designed for 150 000 insertions Driver and OS Compatibility CCID compliant PC SC Compatible Reader Supports All Operating Systems Windows OS XP version and abo...

Page 14: ...ciding where to place product Product front panel must be visible to the user at all times The location of the computers in relation to the product and the length of available cables typically 1 8 m Warning Avoid placing cables near fluorescent lights air conditioning equipment RF equipment or machines that create electrical noise e g vacuum cleaners Important 1 If the unit s enclosure appears dis...

Page 15: ...s operating system device manager as a smart card reader The computer s OS and applications have full read write access to the smart card Passive Mode The smart card is inserted into the MDR The PC Association LED is ON The PC Number LED is OFF The MDR appears under the computer s operating system device manager as a smart card reader The computer s OS and applications have NO access to the smart ...

Page 16: ...16 Section 4 Operation Secure Multi Domain Tempest Smart Card Reader MDR User Manual ...

Page 17: ...17 Section 4 Operation Secure Multi Domain Tempest Smart Card Reader MDR User Manual ...

Page 18: ...18 Secure Multi Domain Tempest Smart Card Reader MDR User Manual Section 4 Operation Typical system installation SC2MDST SC4MDST ...

Page 19: ...To re associate that PC with the MDR press the PC Number Button to initialize the MDR as described in step 7 The de association option is useful in any case a user wants to de associate the MDR from a specific PC without interfering with other PCs which are associated with the MDR For example when a user has to lock PC 1 by removing the smart card yet remain logged on to PC 2 or when a certain PC ...

Page 20: ...rvice marks of Avocent Corporation This document may contain confidential and or proprietary information of Avocent Corporation and its receipt or possession does not convey any right to reproduce disclose its contents or to manufacture or sell anything that it may describe Reproduction disclosure or use without specific authorization from Avocent Corporation is strictly prohibited 2015 Avocent Co...

Reviews: