background image

 

7     

 

Section 4 - Operation 

Secure Multi-Domain Tempest Smart Card Reader (MDR) User Manual

 

c.

 

When connecting a non-qualified display, the video 
diagnostic  LED  will  flash  green  and  video  will  not 
work. 

d.

 

When connecting a non-qualified USB device, fUSB 
LED  will  flash  green  and  USB  device  will  be 
inoperable. 
 

8.

 

Do not connect product to computing devices: 

a.

 

That are TEMPEST computers;  

b.

 

That include telecommunication equipment;  

c.

 

That include frame grabber video cards;  

d.

 

That include special audio processing cards. 
 

9.

 

Product has a remote control port in the back panel labeled 
RCU.  Do  not  use  this  port  -  it  is  inoperable  and  for  future 
use.  
 

10.

 

Important! Before re-allocating computers to channels, it is 
mandatory to power cycle product, keeping it powered OFF 
for more than 1 minute.  
 

11.

 

Product log access and administrator configuration options 
are described in product Administrator Guide. 
 

12.

 

Authentication  session  will  be  terminated  once  product 
power is down or user intentionally terminates session.  

 

 

13.

 

If you are aware of any potential security vulnerability while 
installing or operating product, please remove product from 
service immediately and contact us in one of the ways listed 
in this manual.  

14.

 

MDR:  When  powering  up  a  secure  smart  card  reader  with 
the  card  inserted,  the  product  will  provide  an  auditory 
warning signal and will be inoperable. Power recycling MDR 
will terminate all mapped sessions.  
 

 

 

Summary of Contents for SC2MDST

Page 1: ...1 Section 1 Introduction Secure MDR SC2MDST 2 Port USB SC4MDST 4 Port USB Rev E Doc No HDC10377 Secure Multi Domain Tempest Smart Card Reader MDR User Manual ...

Page 2: ... 9 Tamper Evident Labels 11 Active Anti Tampering System 11 Product Enclosure Warning Label 11 Panel Features SC2MDST SC4MDST 12 Product Specifications 13 Before Installation 14 Prerequisites 15 PC Modes 15 Active Mode 15 Passive Mode 15 MDR Operational Modes 15 Typical system installation 18 Operation 19 Smart Card Removal Behavior 19 Re associating the MDR after Smart card Removal 19 De associat...

Page 3: ... packaging you will find the following Emerson Secure Product AC Power Cord User Guidance Documentation Revision A Initial Release 23 Feb 2015 B Corrections 19 April 2015 C Corrections 25 May 2015 D User Guidance updates 21 June 2015 E Correction to Features section 13 August 2015 Important Security Note If you are aware of potential security vulnerability while installing or operating this produc...

Page 4: ...ve moisture water or any other liquid o The product is not working well even after carefully following the instructions in this user s manual o The product has been dropped or is physically damaged o The product shows obvious signs of breakage or loose internal parts o In case of external power supply If power supply overheats is broken or damaged or has a damaged cable The product should be store...

Page 5: ...utorisé Si une des situations suivantes survenait faites vérifier l appareil par un technicien de maintenance qualifié o En cas d alimentation externe L alimentation de l appareil surchauffe est endommagée cassée ou dégage de la fumée o ou provoque des court circuits de la prise du secteur o Un liquide a pénétré dans le boîtier de l appareil o L appareil est exposé à de l humidité excessive ou à l...

Page 6: ... mouse will be mapped to the active channel 1 and default settings will be restored erasing all user set definitions 3 The appropriate usage of peripherals e g keyboard mouse display authentication device is described in detail in this User Manual s appropriate sections Do not connect any authentication device with an external power source to product 4 For security reasons products do not support ...

Page 7: ... inoperable and for future use 10 Important Before re allocating computers to channels it is mandatory to power cycle product keeping it powered OFF for more than 1 minute 11 Product log access and administrator configuration options are described in product Administrator Guide 12 Authentication session will be terminated once product power is down or user intentionally terminates session 13 If yo...

Page 8: ...n the TCO and administrative effort required to support such environments is extremely high For example an employee that has to access 3 computers simultaneously would need to have 3 smart cards one for every computer environment domain plus 3 smart card readers each reader connected to a separate computer EMERSON MDR Solution EMERSON developed the Secure Multi Domain Smart Card Reader MDR technol...

Page 9: ... filtration of AUX channel exists to reject unauthorized transactions Isolation of power domains Complete isolation of power domains prevents signaling attacks Secure administrator access log functions Product incorporates secure administrator access and log functions to provide auditable trail for all product security events including battery backup life for anti tampering and log functions Non r...

Page 10: ... reader Product supported by most OS in use today All firmware is in ROM Read Only Memory Cost effective This product was designed to provide an affordable solution for agencies and organizations Product cost can be easily justifiable once compared with issuing and maintaining multiple cards for each user Ease of use The MDR automatically switches between channels The user needs minimal training i...

Page 11: ... different than the example shown here please call Technical Support and avoid using that product Active Anti Tampering System Product is equipped with always on active anti tampering system If mechanical intrusion is detected by this system the Product will be permanently disabled and all LEDs will blink continuously If product indicates tampered state all LEDs blinking please call Technical Supp...

Page 12: ...tion 4 Operation Secure Multi Domain Tempest Smart Card Reader MDR User Manual Panel Features SC2MDST SC4MDST Note the model described in above image is SC4MDST SC2MDST is identical except for having 2 ports ...

Page 13: ...ser warnings 65dB maximum Smart Card Reader Supports ISO7816 Class A and AB Smartcards T 1 T 0 protocol support Communication speed up to 344 105 bps PPS FI parameter Frequency up to 12 MHz PPS DI parameter Connector with sliding 8 contacts designed for 150 000 insertions Driver and OS Compatibility CCID compliant PC SC Compatible Reader Supports All Operating Systems Windows OS XP version and abo...

Page 14: ...ciding where to place product Product front panel must be visible to the user at all times The location of the computers in relation to the product and the length of available cables typically 1 8 m Warning Avoid placing cables near fluorescent lights air conditioning equipment RF equipment or machines that create electrical noise e g vacuum cleaners Important 1 If the unit s enclosure appears dis...

Page 15: ...s operating system device manager as a smart card reader The computer s OS and applications have full read write access to the smart card Passive Mode The smart card is inserted into the MDR The PC Association LED is ON The PC Number LED is OFF The MDR appears under the computer s operating system device manager as a smart card reader The computer s OS and applications have NO access to the smart ...

Page 16: ...16 Section 4 Operation Secure Multi Domain Tempest Smart Card Reader MDR User Manual ...

Page 17: ...17 Section 4 Operation Secure Multi Domain Tempest Smart Card Reader MDR User Manual ...

Page 18: ...18 Secure Multi Domain Tempest Smart Card Reader MDR User Manual Section 4 Operation Typical system installation SC2MDST SC4MDST ...

Page 19: ...To re associate that PC with the MDR press the PC Number Button to initialize the MDR as described in step 7 The de association option is useful in any case a user wants to de associate the MDR from a specific PC without interfering with other PCs which are associated with the MDR For example when a user has to lock PC 1 by removing the smart card yet remain logged on to PC 2 or when a certain PC ...

Page 20: ...rvice marks of Avocent Corporation This document may contain confidential and or proprietary information of Avocent Corporation and its receipt or possession does not convey any right to reproduce disclose its contents or to manufacture or sell anything that it may describe Reproduction disclosure or use without specific authorization from Avocent Corporation is strictly prohibited 2015 Avocent Co...

Reviews: