Amulet Hotkey DXZC-AM Скачать руководство пользователя страница 20 | Manualshive

Страница: 20 / 25

Amulet Hotkey DXZC-AM Скачать руководство пользователя страница 20

DXZC-AM and DXZC-AMC Manual

Security Edition

www.amulethotkey.com |

20

6.4 Smart card authentication

Applies to DXZC-AMC only.

The DXZC-AMC features an integral smart card reader that
supports 5V, 3V and 1.8V smart cards, including support
for Common Access Card (CAC) smart cards and SIPRNet
hardware tokens.

Important!

Users must always insert smart cards into the

smart card reader with the integrated circuit chip (ICC)
facing down and forward-most. For example, this means
that CAC cards are inserted upside down and with the
chip towards the slot.

Depending on your security requirements, the integral smart
card reader can be configured for

pre-session

or

in-session

authentication:

■

Pre-session authentication:

The smart card is used to

authenticate the user before a PCoIP session is established.
This allows the user to log on directly to their virtual
desktop. After supplying their smart card PIN, they do not
need to separately connect to their remote PCoIP host or log
into their desktop OS (typically Windows) .

The requirements for pre-session authentication are
summarized in Teradici Knowledge Base article

Do PCoIP

zero clients support pre-session smart card authentication?
(15134-299)

. Teradici Knowledge Base articles are available

to registered users at

techsupport.teradici.com

■

In-session authentication:

The smart card is used to

authenticate the user after a PCoIP session has been
established. That is, the user first connects to their virtual
desktop or remote workstation in the normal way (see

and

. The smart card is then used to

log the user into their desktop OS.

For further information about zero client security, see the

Teradici PCoIP Zero Client and Host Admin Guide

, particularly

the ‘PCoIP Zero Client Security Overview’ and ‘Security settings
Checklist’ sections. This manual is available on the Doc Center
page of the Teradici Support site at

techsupport.teradici.com

DXZC-AMC front panel:

Flip the smart card over and insert with

integrated circuit chip

(

1

)

facing down and forward-most.

Typically, DXZC-AMC zero clients require no additional

PCoIP

configuration to support smart card user authentication (but
see the note below).

Note:

For CAC cards that support both the modern

Personal Identity Verification (PIV) interface and old-style
CAC (GSC-IS) interface, it is possible to configure zero
clients to prefer the GSC-IS interface. For details see the

Teradici PCoIP Zero Client and Host Admin Guide.

ü

û

1

1

Chip on underside of card

«
...
18
19
20
21
22
...
»

Содержание DXZC-AM

Страница 1: ...Revision 2 4 June 2016 HB DXZC 0003 DXZC MANUAL SECURITY EDITION DXZC AM DXZC AMC PCoIP Zero Clients...

Страница 2: ...e SFP module emits invisible radiation which can cause harm if installed or serviced incorrectly Follow the guidelines below Warning Class 1 laser product Warning Invisible laser radiation can be emit...

Страница 3: ...lar installation If this device does cause harmful interference to radio or television reception which can be determined by turning the device off and on the user is encouraged to try to correct the i...

Страница 4: ...re 13 3 2 Controlling the use of USB devices 13 3 3 Event logs 14 3 4 Secure disposal of DXZC AM and DXZC AMC devices 14 4 DXZC AM DXZC AMC zero client features 15 4 1 Front panel 15 4 2 Rear panel 16...

Страница 5: ...aintenance increased security and cost savings See section 1 3 for details 3 1 4 LAN WAN Copper Fibre 2 1 Example PCoIP system with DXZC AM zero client 1 DXZC AM zero client dual video head 2 Monitors...

Страница 6: ...ore general information about PCoIP zero clients visit www teradici com Note Other remote computing protocols use client rendering To render an image on the client each command from the host and each...

Страница 7: ...tal video audio and USB data generated by the PC and compresses and encrypts this data It then transmits this data in real time over an IP network to the user s PCoIP zero client Amulet Hotkey PCoIP h...

Страница 8: ...we strongly recommend that you implement a robust and secure password policy Where possible use a machine generated password of eight or more characters We also recommend that you provide your DXZC A...

Страница 9: ...only With no USB or audio data PCoIP uses approximately 32Kbit s per pair of monitors General office use that is writing documents consumes between 300 500Kbit s PCoIP only sends display changes so a...

Страница 10: ...ministrator Guide available to download from the Teradici website 2 9 1 PCoIP Management Console The PCoIP Management Console has a web interface that allows you to manage multiple devices PCoIP zero...

Страница 11: ...owing check boxes Disable Administrative Web Interface Disable Management Console Interface If you keep the AWI and CMI enabled so that zero client administration is not restricted to the local On Scr...

Страница 12: ...DXZC AMC Manual Security Edition www amulethotkey com 12 Without these spacers airflow is restricted and can cause higher than usual temperatures in some units Important Do not stack units without us...

Страница 13: ...ction 2 9 4 Therefore you must make the configuration changes described below on each zero client unit before you deploy it to end users The DXZC AM zero client supports access control of peripheral U...

Страница 14: ...your zero clients You can also enable enhanced logging for a single category of log entries such as USB entries or Smartcard entries 3 From the home screen choose Configuration Time Configure the Net...

Страница 15: ...00 Level 1 and is compatible with 5V 3V and 1 8V smart cards For an overview of smart card authentication see section 6 4 4 DXZC AM front panel 7 1 2 3 4 5 6 DXZC AMC front panel 7 1 2 3 4 5 6 8 4 1 F...

Страница 16: ...1 DisplayPort connector Video output 2 DisplayPort connector By default the On Screen Display OSD displays on the monitor connected to video output 1 Alternatively you can specify video output 2 as th...

Страница 17: ...tively you can connect USB audio devices to any USB socket on the front or rear panel 5 2 Connect to a PCoIP host The DXZC AM connects to a remote PCoIP host via the network port DXZC AM zero clients...

Страница 18: ...mainly used for testing and evaluation purposes Note See section 5 4 for more information about using the SLP Discovery connection method Using a connection broker A third party connection broker is...

Страница 19: ...their monitors There is a pause while the zero client acquires the host IP address the PCoIP On Screen Display OSD briefly shows a connection progress screen see below on the monitor attached to vide...

Страница 20: ...support pre session smart card authentication 15134 299 Teradici Knowledge Base articles are available to registered users at techsupport teradici com In session authentication The smart card is used...

Страница 21: ...ble solution is to implement fix 1 7 This section describes how to resolve a display problem that can affect PCoIP systems that use TERA2 hosts and zero clients Note For other known TERA2 display issu...

Страница 22: ...sking environment the most reliable solution is to implement fix 1 We do not recommend fix 2 if the physical monitor arrangements are likely to differ for each zero client Repeat these steps on each z...

Страница 23: ...gy to the Windows operating system 1 On the host PC right click the PCoIP icon in the notification area of the Windows taskbar Then click Open Properties 5 Disconnect then reconnect the PCoIP session...

Страница 24: ...e on request USB connections DXZC AM 4 x USB 2 0 Type A including keyboard and mouse ports DXZC AMC 3 x USB 2 0 Type A including keyboard and mouse ports Note USB 2 0 devices are supported but not in...

Страница 25: ...er DXZC AMC Standards ISO 7816 EMV 2000 Level 1 GSA FIPS 201 approved product list Protocols T 0 T 1 2 wire SLE 4432 42 S 10 3 wire SLE 4418 28 S 9 I2C S 8 Supported card types 5V 3V and 1 8V smart ca...

Отзывы:

Нет отзывов