IronKey Workspace W700-SC Скачать руководство пользователя страница 7 | Manualshive

Страница: 7 / 45

background image

Device specifications

7

ABOUT MY IRONKEY WORKSPACE W700-SC DEVICE

IronKey Workspace W700-SC User Guide

The IronKey Workspace W700-SC adds an extra security factor when authenticating, a smart card. Instead of
a device password like other IronKey Workspace devices, you can use your smart card to unlock the device.
The encryption key from the smart card is paired with the device and bound to the device authentication
method.

The IronKey Cryptochip is hardened against physical attacks such as power attacks and bus sniffing. It is
physically impossible to tamper with its protected data or reset the password counter. If the Cryptochip
detects a physical attack, it destroys the Cryptochip, making the stored encrypted files inaccessible.

We strive to be very open about the security architecture and technology that we use in designing and
building this product. We use established cryptographic algorithms, we develop threat models, and we
perform security analyses (internal and third party) of our systems all the way through design, development
and deployment.

Note:

The W700-SC “device password” referred to in this section is the smart card encryption certificate that

is protected by the smart card PIN.

Data Encryption Keys

• AES key generated by onboard Random Number Generator

• AES key is generated at initialization time and encrypted with a hash of the device password

• No back-doors: AES key cannot be decrypted without the device password

• AES key never leaves the hardware and is not stored in NAND flash

Data Protection

• Windows To Go partition is not accessible until the device password is verified in hardware

• Device password retry-counter implemented in tamper-resistant hardware

• If you exceed the smart card PIN retry-count, the smart card will lock and an administrator will have

to unlock the card.

• Sensitive data and settings are stored in hardware

Device Password Protection

• USB command channel encryption to protect device communications

• Password-in-memory protection to protect against cold-boot and other attacks

The device password is hashed using salted SHA-256 before being transmitted to the device firmware over a
secure USB channel. It is stored in an extremely inaccessible location in the protected Cryptochip hardware.
The hashed password is validated in hardware (there is no “getPassword” function that can retrieve the hashed
password), and only after the password is validated is the AES encryption key decrypted. The password try-
counter is also implemented in hardware to prevent memory rewind attacks.

DEVICE SPECIFICATIONS

The following table provides details about your W700-SC device.

Table 1:

Device specifications

Specification

Details

Capacity*

32GB, 64GB, 128GB

Dimensions

82mm X 21.1mm X 9.1mm

«
...
5
6
7
8
9
...
»

Содержание Workspace W700-SC

Страница 1: ...IRONKEY WORKSPACE W700 SC User Guide ...

Страница 2: ...y cause undesired operation This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the...

Страница 3: ...vice on a Macintosh 18 Using my W700 SC device 20 Activating a managed device on first time use 20 Starting Windows from the device 23 Unplugging the device 24 Managing your Smart Card and PIN 24 Updating device software 26 Changing the Unlock message 27 Viewing device information 28 Troubleshooting 29 Resolving boot issues 30 Appendix 1 Imation support for Macintosh 34 IronKey Workspace applicati...

Страница 4: ...W700 SC device Once you unlock your W700 SC device you can safely boot a fully functional version of Microsoft Windows 8 1 Desktop Use the Windows 8 1 workspace as you would any other Windows 8 1 computer When your work is finished shut down the Windows 8 1 operating system and remove the device from the host computer You re ready to bring your PC on a Stick anywhere Use this guide to learn more a...

Страница 5: ...are installed in Windows To Go Your administrator may have included this software when your device was provisioned For more information see Booting your device on a Macintosh on page 18 To use your W700 SC with a smart card you must have HID Global s ActiveID ActivClient soft ware version 6 2 0 50 6 2 0 195 or 7 0 2 403 installed on the host computer so that it is available when you activate the d...

Страница 6: ...Key Control Panel allows the device to connect to the management system Using the Control Panel you can activate your device with the management system and download device software updates For more information see About IronKey Control Panel on page 10 Figure 3 IronKey Control Panel application DEVICE SECURITY IronKey Workspace W700 SC devices have been designed from the ground up with security in...

Страница 7: ...umber Generator AES key is generated at initialization time and encrypted with a hash of the device password No back doors AES key cannot be decrypted without the device password AES key never leaves the hardware and is not stored in NAND flash Data Protection Windows To Go partition is not accessible until the device password is verified in hardware Device password retry counter implemented in ta...

Страница 8: ...drive is difficult and often not possible It is recommended that you store files and data using an alternate storage method If your company has purchased IronKey secure storage devices you can save your data to the IronKey storage device while booted in Windows To Go You can also use folder redirection or offline files or back up your data to a network drive or cloud based storage space Weight 1 1...

Страница 9: ... 1 support on Mac computers Table 2 Reference information from Apple Topic Reference Main Boot Camp Support page http www apple com support bootcamp Boot Camp 5 1 Frequently Asked Questions http support apple com kb HT5639 Boot Camp Frequently Asked Questions about Installing Windows 8 http support apple com kb HT5628 Boot Camp System requirements for Microsoft Windows operating systems http suppo...

Страница 10: ...ation You can access the Control Panel when the host operating system is running this is called non boot mode or when you boot into Windows To Go this is called Windows To Go mode Some tasks can only be completed when you run the Control Panel in non boot mode for example installing device updates The following table outlines IronKey Control Panel operations available in non boot and Windows To Go...

Страница 11: ...n non boot mode You can manually lock the device or set the device to automatically lock after a period of inactivity For managed devices auto lock settings are available in IronKey Control Panel if enabled in the device policy The device policy is applied to the device during activation For a list of operations that are available with IronKey Control Panel in non boot mode see IronKey Control Pan...

Страница 12: ...om the bottom left corner of the application You can also use the keyboard shortcut CTRL L Note Once the device is locked you can safely unplug it To set the device to automatically lock 1 In IronKey Control Panel click the Settings button in the menu bar 2 Click Preferences in the left sidebar 3 Click the check box for auto locking the device and set the time out for either 5 15 30 60 120 or 180 ...

Страница 13: ...the device to start the application The device unlocks when you authenticate in the IronKey Workspace Preboot environment Locking the device does not apply in Windows To Go mode instead you must shutdown the Windows operating system For more information see Unplugging the device on page 24 To start IronKey Control Panel in Windows To Go When booted in Windows on the Windows taskbar right click the...

Страница 14: ...rmation about Running the Startup Assistant Manually configuring the host computer Performing a one time boot operation Booting your device on a Macintosh RUNNING THE STARTUP ASSISTANT Run the IronKey Workspace Startup Assistant first before you try booting Windows To Go from the device The Startup Assistant runs on Windows computers only and will not configure Mac systems The tool can configure h...

Страница 15: ...guration USB Configuration For information about how to enter the BIOS Setup see Manually configuring the host computer on page 8 To run the IronKey Workspace Startup Assistant 1 Make sure that the host computer is turned on and the host operating system is running 2 Insert the IronKey Workspace W700 SC device into the USB port of the host computer 3 Click the Settings button and from the left sid...

Страница 16: ...ually configured see Manually configuring the host computer on page 8 7 When the configuration process has completed click Exit The host computer is now ready to automatically boot Windows To Go from the device To boot from the device make sure the device is plugged in and restart the host computer Note If the configuration is incomplete review the details in the System information section on scre...

Страница 17: ...y fast step You have only a few seconds to press the correct key to access the BIOS typically when the manufacturer s logo appears You can press the key multiple times to increase the chances of successfully entering the firmware BIOS Many manufacturers use F2 but an on screen message will indicate the key sequence for the computer you are configuring for example Press the F2 key or Press F1 to en...

Страница 18: ...ING YOUR DEVICE ON A MACINTOSH With the proper Boot Camp Support Software from Apple Inc IronKey Workspace devices will boot Windows To Go on many Mac computers that support Windows 8 or higher Boot Camp software contains drivers that must be installed in Windows To Go to make sure that components such as Wifi access will work in Windows To Go when booted on a Mac There are two Boot Camp support p...

Страница 19: ...ific Mac models on page 34 click Options and click to clear the Use default reboot behavior check box Click Use alternate reboot method and then click Back 6 In the Workspace Preboot environment type your SmartCard PIN in the text box of the Unlocker window and click Unlock 7 Click Reboot Now and immediately hold the Option key again 8 When the Startup Manager opens select the USB Windows device o...

Страница 20: ...r Smart Card and PIN Updating device software Changing the Unlock message Viewing device information ACTIVATING A MANAGED DEVICE ON FIRST TIME USE Activating a device binds the device to your user account in the IronKey Enterprise Management System With the IronKey Workspace W700 SC the smart card is also paired with your device during this process You will need the activation code provided by you...

Страница 21: ...ug in the device install the Auto Launch Assistant See Installing the Auto Launch Assistant Mac only on page 22 If you are running Windows open a file manager double click the IronKey exe file from the IronKey Workspace drive 5 Type the Activation Code or copy and paste the characters if you received an email with the activation code and click the check box to agree to the End User License Agreeme...

Страница 22: ...s To Go Follow the procedure Starting Windows from the device on page 23 Tip You will need the smart card PIN when you start Windows from the device Installing the Auto Launch Assistant Mac only Installing the Auto Launch Assistant will automatically open the IronKey Unlocker window when you plug in the device on that computer This feature is only available on a Mac To install the Auto Launch Assi...

Страница 23: ... See Running the Startup Assistant on page 14 For Mac computers or host PCs that are not configured to boot automatically from a USB device see Booting your device on a Macintosh on page 18 or Performing a one time boot operation on page 17 To start the Windows operating system on the device 1 Turn off the host computer and insert the device into the USB 3 0 port if there is one 2 Turn on the host...

Страница 24: ... you should lock the device using IronKey Control Panel and then safely eject it from the host computer For more information about locking a device see To lock the device on page 12 To shut down Windows 1 In Windows To Go move the mouse to the bottom left corner of the screen and right click the Windows logo 2 Click Shut down or sign out and then click Shut down 3 When the operating system has shu...

Страница 25: ...0 SC DEVICE IronKey Workspace W700 SC User Guide 4 Open a file manager double click the IronKey exe file from the IronKey Workspace drive 5 Type a SmartCard PIN and confirm it and then click Continue The new smart card will be paired with the device ...

Страница 26: ... advantage of new upgrades as they become available You cannot update your device while booted in Windows To Go Important You must download and install the device update in non boot mode using a computer running Windows You cannot run the update file on a Mac For managed devices updates are uploaded to the IronKey Enterprise Management System by an administrator You can download and install the up...

Страница 27: ... the IronKey exe file on the IronKey Workspace drive from a file manager 4 Click the Settings button on the menu bar 5 Click Tools in the sidebar click Check for Updates 6 If an update is detected a Download dialog box will appear Click Download After the file is downloaded the Update wizard will start automatically 7 Follow the instructions in the Update wizard to complete the update CHANGING THE...

Страница 28: ...ION You can find specific information about your device such as the model and serial number software and firmware version from IronKey Control Panel To view device details 1 In IronKey Control Panel click the Settings button on the menu bar 2 Click Device Info in the left sidebar Device information will display on the right Tip Click Copy to copy the device information to the clipboard for pasting...

Страница 29: ...o non boot mode shut down the Windows To Go operating system and then unplug the device Restart the host computer and then plug the device back in Start the IronKey Control Panel on the application partition of the device Follow all of the steps in the procedure Updating device software on page 26 Windows To Go will not go into Hibernate or Sleep mode By default Hibernate and Sleep mode are not en...

Страница 30: ... computers may not recognize the drive This is known to happen with some Mac models see To boot Windows To Go on a Mac on page 18 If you have problems booting into Windows To Go follow these steps to use the alternate reboot method 1 In the IronKey Workspace Preboot Environment click Options 2 Click to clear the Use default reboot behavior check box and then click Use alternate reboot method 3 Cli...

Страница 31: ...tartup process can sometimes ignore inserted USB devices Turning off this process may solve the USB boot issue Once set when you shut down the PC it will perform a full shut down operation 1 Open the Control Panel and click Power Options 2 Tap or click the Choose what the power buttons do ...

Страница 32: ...ronKey Workspace W700 SC User Guide 3 Tap or Click the Change settings that are currently unavailable 4 If prompted by UAC then tap or click Yes 5 Under Shutdown settings click to clear the Turn on fast startup box and tap or click Save changes ...

Страница 33: ...sues are typically because PC vendors have different ways of manipulating hardware interfaces such as USB ports Below are some known workarounds from Imation support Try a different USB port Manufacturers may prioritize ports and how they are powered or the sequence in which ports are recognized and powered differently Try different ports on your PC to see which one works Try a USB 3 0 port if ava...

Страница 34: ...ts Mac models that have been tested with Windows To Go on an IronKey Workspace device The level of support for Mac hardware is indicated by model Level 1 Works with Windows To Go using the recommended Boot Camp Support Software Level 2 Works with Windows To Go using the recommended Boot Camp Support Software and may require additional modifications for example manually installing some drivers Leve...

Страница 35: ...n Windows To Go from a different host Mac computer that supports Boot Camp 5 1 5621 The MacBook Pro 13 inch Mid 2010 only supports Boot Camp 4 so it will not allow you to install Boot Camp 5 1 However Boot Camp 5 1 drivers seem to work on this computer if they are already installed when you try to boot the device MacBook Pro 15 inch Mid 2010 Mac OS X 10 6 8 Level 3 5 1 5621 Roaming between host Ma...

Страница 36: ...y install the correct version of the Boot Camp 5 1 driver to use the component For more information see Manually installing drivers on page 39 Mac Book Air 11 inch Mid 2012 Software OS X 10 8 5 Level 1 5 1 5621 MacBook Air 13 inch Mid 2011 Level 1 5 1 5621 iMac iMac 27 inch Late 2013 OS X 10 9 5 Level 1 5 1 5640 iMac 27 inch Late 2012 OS X 10 9 1 Level 1 5 1 5621 iMac 27 inch Mid 2011 OS X 10 8 5 ...

Страница 37: ...com kb HT5634 Installing Boot Camp 5 1 Support Software is a two step process 1 Boot Windows To Go 2 Run the setup file to install Boot Camp Support Software Make sure that you install the version required by the Mac computer you are using If a driver fails to install properly you can manually install it after For more information see Manually installing drivers on page 39 If the device will be us...

Страница 38: ...m will now start up 9 Type the Windows password if applicable and press ENTER When Windows To Go has successfully started you can install Boot Camp 5 1 Support Software Tip If you do not press the Option key in time and the Mac operating system starts click Restart on the Welcome screen or click the Apple menu and choose Restart and then immediately hold the Option key to open the Startup Manager ...

Страница 39: ...l dialog boxes that may appear The device is now ready for use on qualified Macs Manually installing drivers You may have to manually install Boot Camp software drivers in the following situations A Windows To Go component does not work after installing Boot Camp 5 1 Support Software For example if wireless is not working you can manually install the driver for the network adapter for example Broa...

Страница 40: ...to a USB flash drive formatted with the FAT file system After downloading you can install Boot Camp Support Software in Windows To Go To download Boot Camp 5 1 Support Software 1 Plug a USB flash drive that is formatted with the MS DOS FAT file system into the USB port of a com puter You can use a Mac or a PC to download the file 2 In a Web browser download one or both if required of the following...

Страница 41: ...r device You can activate your device on a qualified Mac or PC Device activation can only be done using the IronKey Control Panel in non boot mode not in Windows To Go Once activated you can boot your device by following the procedure Starting Windows from the device on page 23 Important To activate your W700 SC with a smart card you must have HID Global s ActiveID ActivClient software installed o...

Страница 42: ...the IronKey Workspace drive 5 Type the Activation Code or copy and paste the characters if you received an email with the activation code and click the check box to agree to the End User License Agreement 6 Click Activate During activation the device policy is applied and the device is bound to the user in the IronKey Enterprise Management System 7 Type the SmartCard PIN and then click Continue ...

Страница 43: ...o Administrator users in IronKey Enterprise Server or IronKey Enterprise Service with managed devices If you are an Admin user you are required to create an online account when you activate your device see Activating a managed device on first time use on page 41 You must be able to connect to the IronKey Enterprise Management System to access your online account through the IronKey Control Panel T...

Страница 44: ...ey Workspace W700 SC User Guide 2 Click Account in the left sidebar and then click Manage Account Settings 3 The Admin Console in the IronKey Enterprise Management System will open in a Web browser To edit a device nickname 1 Log on to your online account in IronKey Control Panel ...

Страница 45: ...ur online account To Do the following Review account activity Click Account Dashboard to monitor recent events such as login and failed password attempts for your device Set up e mail alerts Click Account Alerts and then click the Edit button Click to enable e mail alerts An alert notice will be sent to you when specific activities occur such as an incorrect secret question attempt Edit Secret Que...

Отзывы:

Нет отзывов

Похожие инструкции для Workspace W700-SC

Бренд: Secure Data Страницы: 2

Бренд: Seagate Страницы: 28

Бренд: Angelbird Страницы: 20

DTTA-351010 - Deskstar 10.1 GB Hard Drive

Бренд: IBM Страницы: 188

18-51000 Series

Бренд: Salsbury Industries Страницы: 5

Бренд: Lifetime Страницы: 96

NetShare GX ME-752GNS

Бренд: welland Страницы: 3

Бренд: LaCie Страницы: 24

Maxtor OneTouch 4

Бренд: Maxtor Страницы: 84

Бренд: DEC Страницы: 94

Бренд: Mercia Garden Products Страницы: 9

Beside Storage Pantry

Бренд: Haworth Страницы: 6

Бренд: P.Lindberg Страницы: 22

Бренд: Fantom Drives Страницы: 2

Бренд: Rocstor Страницы: 59

Бренд: U-Line Страницы: 6

Бренд: Lakeshore Страницы: 2

Бренд: Facom Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды