Demonstration Instructions

Similar documents
Wireless Security Setup Guide

Wireless Security Setup Guide

EasiShare ios User Guide

If your Mac keeps asking for the login keychain password

Copyright

IT Department. Basic WIFI Troubleshooting on ACC SSID. October 2017

Celadon Password Self-Service

Catalogue. Assembling... 1 Unpack Charge the Battery Install the Memory Card Product Basics Buttons and Connections...

Configuration. Guides on how to configure BarWeb hosted accounts. Exchange Accounts. Outlook Windows. Outlook Windows

IRONKEY D300S SECURE USB 3.0 FLASH DRIVE

Application User Configuration

GigaCentral ios User Guide V2.0. For User and Storage Admin

FAQ. General Information: Online Support:

VMware AirWatch: Directory and Certificate Authority

USER GUIDE GigaCentral Android User Guide

NotifyMDM Device Application User Guide Installation and Configuration for Android

1 Connect a computer and the NF10WV using an Ethernet cable. (A yellow Ethernet cable was provided with your NF10WV).

Administrator IT Guide. Samsung Knox Configure Shared Device

TCC College WiFi and Printer Setup 07/11/2018 College WiFi and Printer Setup Guide

Bechtel Partner Access User Guide

Mobility Manager 9.5. Users Guide

Wireless Troubleshooting Guide

Procedures and Steps for Receiving a New CAC at the Detroit Arsenal

BSE-SINGLE SIGN ON. For Brokers/ Banks/ Mutual Funds

ALTIRIS SECURITY SOLUTION 6.1 FOR HANDHELDS ADMINISTRATOR GUIDE

Workspace ONE UEM Certificate Authority Integration with Microsoft ADCS Using DCOM. VMware Workspace ONE UEM 1811

PeoplePassword Documentation v6.0

USER GUIDELINES. Q 2. Is it necessary to configure password retrieval question and answer? How can I do that? Q 3. How can I change password?

AT&T Business Messaging Account Management

Guide to your CGIAR Network account Self Service tool

Texas Division How to Login and Register for My IT Support and ServiceNow

Application User Setup

VMware AirWatch Integration with Microsoft ADCS via DCOM

linkzone User ManUal

Connect to eduroam WiFi

2. INTENDED USERS The intended users of this SOP are the DeWorm3 site data managers and/or trial coordinators.

Android User Guide. for version 5.3

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

BizMobile Go! Instruction Manual. (ios) Checkin, Profile & Template

MSAD Login V2 A Windows login process for Mac OS X

Recipient USER GUIDE

Frequently Asked Questions: Cisco Jabber Voice 9.1(4) for Android

Configuring an Enhanced Standard Security Policy

How to Update Your CHI Network Password and Avoid Lockouts

First Access Express OPERATOR GUIDE

VDSL Router 4 Port Wi-Fi Dual Band (NT3BB-4PVWN-147) Quick Installation Guide

ncrypted Cloud works on desktops and laptop computers, mobile devices, and the web.

Integration with Apple Configurator 2. VMware Workspace ONE UEM 1902

Dell EMC OpenManage Mobile. Version User s Guide (Android)

Comodo Mobile Security for Android Software Version 2.5

Getting Started. Version: 5.0. Date Released: September 27, Document Number: AY006AIO2-5

Secure Single Sign On with FingerTec OFIS

ESS Security Enhancements

Administration Guide

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP. For VMware AirWatch

Let s get started. Need more help getting started?

Desktop Application Reference Guide For Windows and Mac

AirWatch Mobile Device Management

Controlsoft Identity and Access Management Software Controlsoft Identity Access Management Software

SafeStick/SafeXs. User Guide. Created by BSO ITS Security Team Version 1.4

ISS INDIA Active Directory Self Password Management Solution ISS Facility Services India PVT.LTD.

AT&T Global Network Client for Android

NextMD Patient Portal Guide

Grapevine web hosting user manual. 12 August 2005

User Guide. BlackBerry Workspaces for Windows. Version 5.5

Equitrac Embedded for Kyocera Mita. Setup Guide Equitrac Corporation Equitrac Corporation

Mobile Client. User Manual. Version: 2.0.0

VMware AirWatch Product Provisioning and Staging for Windows Rugged Guide Using Product Provisioning for managing Windows Rugged devices.

LastPass Enterprise Recommended Policies Guide

Workspace Secure Container for Mobile Devices

Go Ahead Bring Your Own Device to Work... 1 Requirements... 1

PMS 138 C Moto Black spine width spine width 100% 100%

VMware AirWatch Symbian Platform Guide Deploying and managing Symbian devices

Using the Vita Group Citrix Portal

ForeScout Extended Module for VMware AirWatch MDM

Getting Started New User. To begin, open the Multi-Factor Authentication Service in your inbox.

Cloud Compute. Backup Portal User Guide

INF204x Module 2 Lab 2: Using Encrypting File System (EFS) on Windows 10 Clients

DataTraveler 4000 User Manual

Setting up Special Credentials:

Dell EMC OpenManage Mobile. Version 3.0 User s Guide (Android)

Dell EMC OpenManage Mobile. Version User s Guide (ios)

22 August 2018 NETOP REMOTE CONTROL PORTAL USER S GUIDE

IMC inode Intelligent Client v7.0 (E0106) Copyright (c) Hewlett-Packard Development Company, L.P. and its licensors.

owncloud Android App Manual

CLIQ Web Manager. User Manual. The global leader in door opening solutions V 6.1

Install Application Start Download the Application

A5500 Configuration Guide

AD Sync Client Install Guide. Contents

AT&T Global Network Client for Mac User s Guide Version 1.7.3

Comodo Antispam Gateway Software Version 2.11

PAS. Installation Guide. BG0608 Rev. A1. Copyright SATEC Ltd.

TouchDown for Android Installation and Configuration Guide

USER MANUAL SafeStick

VMware AirWatch Certificate Authentication for EAS with NDES-MSCEP

Admin Table is oftr Caoto ntr e s U ntsser Guide Table of Contents Introduction Accessing the Portal

STAAR Alternate 2 and TELPAS Assessment Management System User s Guide

Overview. Top. Welcome to SysTools MailXaminer

S2 NetBox v4.8 Basic End-User Admin Training

Compliance Manager ZENworks Mobile Management 2.7.x August 2013

Transcription:

Demonstration Instructions Digital Defence Ltd. Secure Mobile Version 10.2.1 19 th July 2010

Table of Contents TABLE OF CONTENTS... 2 1. DEMONSTRATION INSTRUCTIONS... 3 1.1 PREREQUISITES... 3 1.2 PROCEDURE... 3 Solution Center Demonstration Template

1. Demonstration Instructions This will demonstrate the procedures to use the solution. 1.1 Prerequisites Prerequisite Notes 1 1.2 Procedure 1 Install the demo application. If installed by scanning the MSP barcode, the installer file is located in the \Application folder. The Demo application is the Secure Mobile client side of the software with a pre-built Product Encryption Key (PEK) of DEMO-DEMO-DEMO- DEMO. Select OK to reset the device. 2 Reset the device. Select OK and setup the user password. Solution Center Demonstration Template 3

By default, the security setting requires only encrypted storage cards to be used. 3 Encrypt a storage card. Upon insertion of any storage card containing files*, the following message box will be displayed. *Be careful with cards containing large quantities of data, the initial encryption can take anywhere from 1 minute to 2 hours (dependant on processor speed, roughly 3 minutes for every 100MB on 600MHz processor). 4 Encrypting a card. Wait for the files to be encrypted. Open File Explorer to view the Storage Card that has been encrypted. This shows that access to the files is exactly the same as it is without encryption. 5 Using a Storage Card This will also show the generation of the EncRecovery.exe and EncRecovery.bin files. These files are generated (and continually updated) as plain unencrypted files. The EncRecovery.exe file is to be executed if the device has been factory reset. The executable will install Secure Mobile with the last known security policy. Solution Center Demonstration Template 4

5a Using a Storage Card Open the files contained in the Storage Card to show the immediate access to files. The encrypted files are decrypted in real-time as they are accessed. 5b Using a Storage Card Remove the Storage Card from the device and insert the card into a card reader to show that the files are in fact encrypted. 6 Access the Secure Mobile settings. Navigate to the System Settings (or Programs area) on the device and select the Secure Mobile icon. 7 Access the Security Settings Select the Settings icon. Solution Center Demonstration Template 5

8 Setup the Manager Password Select OK and setup the manager password. This password is used to remove access of the Security Settings from the user. i.e the user must have knowledge of the Manager Password in order to access the settings. 9 Setup the Login security policy. Select the Login icon. 9a Setup the Login security policy. Setup the Grace Period. This is the period of time that must elapse before authentication is required to access the device after a power off. Fingerprint authentication is currently not supported for any Motorola devices. Solution Center Demonstration Template 6

Setup the Device Authentication to use LDAP (Active Directory). 9b Setup the Login security policy The username and password credentials can be stored on a remote LDAP server. If the mobile device does not have network connectivity at the time of authentication, the previously used credentials will authenticate the user. 10 Setup the Password security policy. Select the Password icon from the Settings pane. Select suitable values for password rules to describe a requirement for the enforcement of password strength. 11 Setup the Encryption security policy. Select the Encryption icon from the Settings pane. The default setting is to only allow access to cards that are encrypted. Never encrypt forces only unencrypted cards to be used, any encrypted card that is inserted will force the deletion of encrypted files. Can read plain cards will allow plain files to be read only in an encrypted card. A change to the encryption setting is only in effect on newly inserted storage cards. Persistent Storage refers to any onboard persistent storage folder. Solution Center Demonstration Template 7

Select the Wipe Device icon from the Settings pane. The lockout user policy is also set in this screen. 12 Setup the Wipe Device security policy. If not docked refers to a connection to a PC. Keep recovery facility. refers to the EncRecovery files. Select the device to lockout the user after 6 failed login attempts to demonstrate how a user can be locked out. 13 Setup the Recovery security policy. Select the Recovery icon from the Settings pane. The Local Recovery refers to the ability to use the PEK* to recover a password. The Mobile Recovery refers to the generation (and update) of the EncRecovery files. *PEK for the demo version is DEMO-DEMO-DEMO-DEMO, without the - characters. 14 Setup the Access. Select the Access icon from the Settings pane. Select the appropriate checkboxes to show how access to comms ports and applications can be denied. Applications can also be denied access to encryption via the Encryption White/Black listing setting. Solution Center Demonstration Template 8

15 Setup the Wi-Fi Access Select the Wi-Fi combo-box to Select. Then select the Edit->WiFi menu to display the list of approved Wi-Fi networks. A Wi-Fi network is defined by its {SSID : MAC Address} pair. Any Wi-Fi network can be defined in this setting by selecting the New menu option from the Wi-Fi Settings screen. 15a Setup the Wi-Fi Access Select the View menu option to switch between the view of Wi-Fi Networks in Range and the list of Approved Wi-Fi Networks. Selecting a Wi-Fi network in the list will toggle the network from being approved to being denied. A green tick icon represents a Wi-Fi network which is on the approved list. 16 Setup the Phone Number Access Select the Phone combo-box to Select. Then select the Edit->Phone menu to display the list of approved Phone Numbers which can be called and received. A special phone number * can be used to represent all phone numbers. Solution Center Demonstration Template 9

16a Setup the Phone Number Access Select the View menu option to switch between the view of Outgoing Calls and the list of Incoming Calls. Selecting a phone number in the list will toggle the network from being approved to being denied. A green tick icon represents a phone number which is on the approved list. 17 Setup the USB Access Select the USB combo-box to Select. Then select the Edit->USB menu to display the list of approved types of USB connections. Note: A PC connection is an RNDIS USB connection type. 17a Setup the USB Access Selecting a type of USB connection will toggle the USB Type from being approved to being denied. A green tick icon represents a USB Type which is on the approved list. Solution Center Demonstration Template 10

Select the Applications combo-box to Black Listed. Then select the Edit->Applications->Black List menu to display the list of applications (.exe files) which are un-approved for execution. 18 Setup the Application Black List Access A Black List refers to System Executable Files (files which are included in the device by default, i.e. they re stored in the ROM). Exe Files in the Black List are those files which are denied access to be executed. A White List refers to Third-Party application files (.exe files). Exe Files in the White List are those files which are approved to be executed. 18a Setup the Application Black List Access Select the View menu option to switch between the view of All System Exe Files and the list of System Exe Files in a specific folder. Selecting an exe file in the list will toggle the file from being approved to being denied. A red cross icon represents an executable file which is on the denied list. The \windows\pword.exe file represents the Office Word application. The \windows\fexplore.exe file represents the File Explorer application. The \windows\rapiclnt.exe file represents the Active Sync application. 18b Setup the Application Black List Access Once the Black List (or White List) has been changed a system reset is required. The Black List can be demonstrated by attempting to execute the file which was selected on the list. In this case attempting to execute the Office->Word application will demonstrate the Black List. Solution Center Demonstration Template 11

18c Setup the Application Black List Access The popup notification window will indicate the application is prohibited from use. 19 Setup the Encryption Black List Access Select the Applications combo-box to Black Listed. Then select the Edit->Applications->Black List Encryption menu to display the list of applications (.exe files) which are un-approved for access to encrypted data. A Black List refers to System Executable Files (files which are included in the device by default, i.e. they re stored in the ROM). Exe Files in the Encryption Black List are those files which are denied access to read and write encrypted data. A White List refers to Third-Party application files (.exe files). Exe Files in the Encryption White List are those files which are approved to read and write encrypted data. 19a Setup the Encryption Black List Access Select the View menu option to switch between the view of All System Exe Files and the list of System Exe Files in a specific folder. Selecting an exe file in the list will toggle the file from being approved to being denied. A red cross icon represents an executable file which is on the denied list. The \windows\pword.exe file represents the Office Word application. The \windows\fexplore.exe file represents the File Explorer application. The \windows\rapiclnt.exe file represents the Active Sync application. Solution Center Demonstration Template 12

19b Setup the Encryption Black List Access The Black List can be demonstrated by attempting to use an encrypted file, or create and write to an encrypted file. In this case attempting to view encrypted files with File Explored will result in the encrypted files being unreadable. 20 Setup the Auto Off policy. Select the Auto Off icon from the Settings pane. Set the time periods to automatically turn off the power / lock the screen. 20a Setup the Auto Off policy. Select the disable menu option from the Auto Off settings screen. A list of installed programs is displayed. Check any program that will disable the Auto Off operation if it is running. Solution Center Demonstration Template 13

20b Setup the Auto Off policy. Select the New menu option from the Programs List screen (from the Auto Off settings). Enter the name of an executable file that will be added to the list of installed programs. This executable file does not need to currently exist on the device. 20c Setup the Auto Off policy. Return to the Programs List screen to view the executable file that was just entered. This executable file needs to be checked in order for it to be added to the list of programs that will disable the Auto Off operation. 21 View License information. Select the License icon from the Settings pane. The current license can be viewed. By default, a trial license is installed to last for 30 days. Solution Center Demonstration Template 14

21a Update License information. Select the License->Renew menu option from the License Key Information screen. A new 20-character license key must be entered to update the expiration date. If a bad license key is entered, there is no change to the expiration date. 22 Security Settings Enforcement Press OK from the Settings pane to get back to the User Settings pane. 22a Security Settings Enforcement Select the Settings icon from the User Settings pane. The Manager Password is now required in order to access the security settings. This ensures that users cannot change the security policy unless they know the Manager Password. Solution Center Demonstration Template 15

23 Demo the settings available to the user. Select OK from the Settings pane to return to the user settings pane. Select the Set User Details icon from the User Settings pane. 24 Set the User Password. The User password and enrolled fingerprints (if applicable) can be edited via this User Setting. Select the Set User Password icon to change the User Password. Change the user password to another value. 24a Set the User Password To demonstrate password strength enforcement, try entering a New password that does not conform to the Password Rules entered in the Password settings screen. Solution Center Demonstration Template 16

25 View the Last Login details. Select the Last Login icon from the User Settings pane. View the previous login details. Select the Login Skins icon from the User Settings pane. 26 Set a new Login Skin. The drop down list should be disabled if the Login Settings does not allow the user to change the Login Skin. Try changing the Login Skin to show how to change the Login Screen. 27 View the Storage Encryption Status. Select the Storage Status icon from the User Settings pane. Select the appropriate Storage folder to view its encryption status and file space details. Solution Center Demonstration Template 17

Insert an encrypted Storage Card into a card reader and copy some files to it. This will create a card with encrypted and unencrypted (plain) files. Re-insert the Storage Card into the mobile device and try to access one of the plain files. 28 Demo the enforcement of encrypted cards. If a plain file is copied to a location on the SD Card while the SD card is inserted in the Secure Mobile protected mobile device, then the file is automatically copied (created) as an encrypted file. You will not be prompted to encrypt the file. This is assuming the encryption status of the SD Card is encrypted. If an encrypted folder is viewed that contains any plain files, then those plain files will be requested to be encrypted. It is not necessary to encrypt the files at this stage. If the encryption setting is to allow the user to choose, then a plain file will still be usable. However the plain files are still requested to be encrypted. 28a Demo the enforcement of encrypted cards. Wait for the encryption to complete. Turn off the device. 29 Fail a user login. Make sure enough time has elapsed for a Login Screen to be shown (i.e. more time than the Grace Period). Enter the wrong user password. Then enter the correct user password. Solution Center Demonstration Template 18

Make sure a value has been set to lockout the user after x number of failed login attempts (via the Wipe Device settings screen). 30 Lockout the user. Power off the device to make sure the user is requested to authenticate to regain access to the device. Enter the wrong password x number of times. After x-1 times, the user is requested to enter unlock to continue. (this is to stop the event of multiple accidental incorrect password entry) 30a Lockout the user. Enter unlock as the password. After entering unlock as the password, the user then has one more attempt left before the device will be locked. 30b Lockout the user. Enter a wrong password to lockout the user. Now try entering the correct password, the device remains locked! Solution Center Demonstration Template 19

Enter help as the password. The Challenge Response screen is displayed to determine if access should be granted to set a new password. 31 Recover the user password. A Response Code can be generated from the Password Recovery Management Suite tool (run on a PC). If the Local User Recovery checkbox has been checked in the Recovery settings screen, then the PEK can be entered as the Response Code. In the case of the demo installation, the PEK code is DEMO-DEMO- DEMO-DEMO (without the - characters). 32 Recover the user password. Select No to gain access to the device without changing the old password. Select Yes to set a new password. Access the device will be granted directly after setting the new password. Solution Center Demonstration Template 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback