1 WHITE PAPER Microsoft Windows (RMS) provides authors and owners the ability to control how they use and distribute their digital content when using rights-enabled applications, including Microsoft Office 2003 and 2003 Professional or the Internet Explorer Plug-in. Windows RMS provides certification, licensing, and publishing services that can be used with clients that are enabled for Windows Rights Management (RM).
2 2 Table of Contents Technology Overview...4 Technology Requirements...4 Technology Components...5 RMS Server...5 RMS Client...6 RM-enabled Applications...6 RM Machine Certificates...6 RM Account Certificates...6 Lock Box...7 Server Licensor Certificates...7 Use License...8 RMS Licensing...8 Tracking Licenses...9 Rights Policy Templates...9 Concepts...9 Creating Content...9 Licensing and Distribution...9 Acquiring Licenses...10 Encryption...10 Server Keys...11 Machine Keys...11
3 3 Client Licensor Keys...11 User Keys...11 Content Keys...12 Publishing and Consumption Workflow...13 Glossary...15 RMS Trial Deployment Checklist...21
4 4 Technology Overview Microsoft Windows (RMS) provides authors and owners the ability to control how they use and distribute their digital content when using rights enabled applications including Microsoft Office 2003 and 2003 Professional or the Internet Explorer Plug-in. Windows RMS provides certification, licensing, and publishing services that can be used with clients that are enabled for Windows Rights Management (RM). Technology Requirements The following information pertains to how RMS can be integrated into an organization s existing infrastructure from the perspective of a pilot implementation. Organizations well suited to employ Windows possess, and are comfortable using, the requisite technologies associated with RMS including: Active Directory Services Internet Information Server with ASP.NET enabled SQL Server 2000 Message Queuing Windows 2003 Server for RMS Server Windows RMS client software Microsoft Office 2003 Internet Explorer IRM plug-in SMS or other software deployment mechanism Group Policy Objects RMS Solution Requirements Hardware Required P3, 800Mhz or better / Recommended P4 1.5Ghz or better Required 256 MB RAM / Recommended 512 MB RAM Required 20 GB disk space / Recommended 40 GB disk space Software Windows Server 2003 Message Queuing included in Server 2003 for logging and AD integration
5 5 IIS 6.0 with ASP.Net enabled Infrastructure Microsoft SQL Server 2000 sp3 or greater Active Directory running Windows 2000 sp3 or greater An RMS-enabled application or browser Updated APIs will be required for Windows clients and will be made available via Microsoft Windows Update. RMS Client Software System Requirements Supported Operating Systems: Windows 2000 Service Pack 3, Windows 98 Second Edition, Windows ME, Windows Server 2003, Windows XP Microsoft Windows 98 Second Edition and Microsoft Windows Millennium Edition require the Active Directory Client Extension, commonly referred to as the DSClient. The DSClient for Windows 95 and Windows 98 is available on any Windows 2000 Server, Advanced Server, or DataCenter CD-ROM. Please reference the Microsoft Knowledge Base Article: Microsoft Windows 98 Second Edition and Microsoft Windows Millennium Edition users without the DSClient installed can still use the Windows Rights Management Client, but the Service Discovery through Active Directory feature will be unavailable. Technology Components RMS Server RMS has a number of dependencies related to infrastructure including, but not limited to, Microsoft Active Directory, Microsoft IIS and Microsoft SQL Server. A full list is provided in the Technology Requirements section of this document. In addition to these dependencies, there is RMS Server software. The RMS 1.0 Server software can be downloaded from Microsoft directly. Since this server component is provided as a premium service for Windows Server, a Windows RMS Client Access License (CAL) is required for each user publishing and/or viewing rights-protected content.
6 6 RMS Client The Windows RM client component is a set of application interfaces that can be used to develop RM-enabled applications. RM-enabled application can be used to both publish and consume RM-protected content. Each client computer that is in an RM system must have the Windows RM client component installed. The Windows RM client component is a prerequisite for machine activation, and is required for using RM-enabled applications. RM-enabled Applications RM-enabled applications allow content authors to attach usage rights, in the form of publishing licenses, to files that they create. This allows for control over the way that content is consumed. RM-enabled applications also process the encrypted file information and allow users to consume the content according to the permissions that are defined in the publishing license. Microsoft Office 2003 is an RM-enabled application. There is also an RM Add-on for Internet Explorer. By using the Windows RM client SDK, developers can build RM-enabled applications that license, publish, and consume RM-protected content. RM-enabled applications can be developed for computers that are running Microsoft Windows 98 Second Edition or later. RM Machine Certificates An RM machine certificate identifies a computer or device that is trusted by the Windows RMS system. During the activation process, a computer or device receives an RM machine certificate from the root certification server. This server acts as a proxy to the Microsoft RM Activation Service, which actually issues the certificate. An RM machine certificate contains the public key of the activated computer. It is signed by the private key of the Microsoft RM Activation Service. There is no requirement for computers to be members of an Active Directory domain to receive a machine certificate. RM Account Certificates Organizations must identify the users who are trusted entities in their RM system. To do this, Windows RMS issues RM account certificates that associate user accounts with specific computers. The user's RM account certificate must be included with the request for client licensor certificates and use licenses. A client
7 7 licensor certificate allows an author to publish RM-protected content, such as files and , while offline. A use license allows a user to consume RMprotected content. Each RM account certificate contains the user's public key, which is used to encrypt data that is intended for that user. There are two types of RM account certificates: standard and temporary. The validity period for both types can be specified. Standard certificates have a duration that is specified in days (365 days, by default). Temporary account certificates have a duration that is specified in minutes (15 minutes, by default). Temporary account certificates allow users to temporarily consume content, for example at a kiosk, when they cannot gain access to the computer that they usually use. This prevents another user from consuming the content from this computer at a later time. Lock Box RM Lockboxes reside on client computers. An RM Lockbox is an integral part of identifying a computer or device that is trusted by Windows RMS. A computer or device receives a Lockbox from the Microsoft Activation Service during the same machine-activation process that produces an RM machine certificate. Each Lockbox is built on a hardware identifier, making the Lockbox unique and binding it to a specific computer. A Lockbox contains the private key of the activated computer. Clients that are running on the corporate network submit machine activation requests to the Windows RMS activation proxy service. The activation proxy service acts as an Internet proxy to the Microsoft Activation Service, which issues the Lockbox. There is no requirement for computers to be members of an Active Directory domain to receive a Lockbox. Server Licensor Certificates A server licensor certificate grants to a Windows RMS server the right to issue certificates and licenses. During provisioning, the first root certification server that is in a deployment receives a server licensor certificate from the Microsoft Enrollment Service in a process called enrollment. This certificate contains the public key of the root certification server, and it is signed by the private key of the Enrollment Service. Other servers that are added to the root certification cluster share this certificate. During provisioning, the first licensing server that is in a cluster receives a server licensor certificate from the Windows RMS root certification server or cluster in a
8 8 process that is called sub-enrollment. This certificate contains the public key of the licensing server, and it is signed by the private key of the root certification server or cluster. Other servers that are added to the licensing cluster share this certificate. Client Licensor Certificates A client licensor certificate grants an author permission to publish RM-protected content without being connected to the corporate network. To obtain a client licensor certificate, an author initiates a client enrollment request to the root certification server or to a licensing server from a client computer. The server then returns a client licensor certificate for that computer. A client licensor certificate contains the client licensor public key, along with the client licensor private key that is encrypted by the public key of the author who requested the certificate. It also contains the public key of the server that issued the certificate, which is signed by the private key of the server that issued the certificate. The client licensor private key is used to sign publishing licenses that the author creates. Use License To use RM-protected content, a use license is required. A use license specifies the permissions that a particular user has for the RM-protected content. A use license is issued by the server that issued the corresponding publishing license. Users named in a publishing license receiving RM-protected content, can request a use license. RM-enabled applications use XrML based technology to read, interpret and enforce usage permissions packaged with protected content. A use license contains the symmetric content key for decrypting the content, and it is encrypted with the public key of the user. This ensures that only the requesting user can consume the RM-protected content. A use license is signed by the private key of the server that issues the use license. RMS Licensing Since this server component is provided as a premium service for Windows Server, a Windows RMS Client Access License (CAL) is required for each user who will publish or view rights-protected content. Up to two users may simultaneously access or use the RMS solely for administration of the software without a CAL. For more details on licensing requirements, please review the End User License Agreement when downloading this premium service.
9 9 Tracking Licenses Windows RMS tracks the total number of users that have received RM account certificates from a Windows RMS installation. This number is an approximation of the total number of RM account certificates that have been issued. If the databases have not been updated to delete users who are no longer active, this number will not be correct. Also, if there are users who have been issued multiple licenses in multiple forests, the additional licenses are not included in the number that is shown. Rights Policy Templates Rights policy templates describe a standard set of users, rights, and conditions that can be applied to RM-protected content. When a user applies a rights policy template to a piece of content, the rights that it describes become part of the publishing license. Concepts Creating Content Users who are trusted entities in a Windows RM system can easily create and manage protected files by using applications and tools that incorporate the features of Windows RM technology. In addition, RM-enabled applications can use centrally defined and officially authorized rights policy templates to help users efficiently apply a predefined set of corporate usage policies. RM-enabled applications are developed by Microsoft and other third-party developers to be used with a Windows RMS installation. Licensing and Distribution Certificates that are issued by the servers that are in an RM system identify the trusted entities that can publish and consume RM-protected content. Users who are trusted entities in an RM system can assign usage rights and conditions to content that they author and want to protect. These usage policies specify who can use the content and what they can do with it. Authors can request publishing licenses, which bind the usage policies to the specified content. They can then distribute the content, for example, by sending it to other users who are in their organization, posting it to internal servers for company use, or distributing it to trusted external partners. In a process that is transparent to users, the RM system validates the trusted entities in a publishing licensing request, and then issues a license that contains
10 10 the specified usage rights and conditions for the content. The RM-enabled application then generates electronic keys and uses them to encrypt the content. The encrypted content includes the certificates of the trusted entities. After the content is locked by this mechanism, only the users who are specified in the publishing licenses can unlock and consume that content. Those users must also be trusted entities in the RM system. Acquiring Licenses Users who are trusted entities can consume RM-protected content by using trusted clients. These clients are RM-enabled computers and applications that allow users to view and work with RM-protected content, to preserve that content's integrity, and to enforce usage policies. When users attempt to gain access to RM-protected content, requests are sent to Windows RMS to issue use licenses for the user to consume that content. In a process that is transparent to users, the Windows RMS server, which has the public key that is used to encrypt the content, issues unique use licenses that read, interpret, and enforce the usage rights and conditions that are specified in the publishing license. The RM-enabled application then decrypts the content by using the electronic keys that are from the content and applications, as well as the certificates of the trusted entities. The usage rights and conditions are persistent and can be enforced wherever the content goes. Encryption Protected content is always encrypted. The certificates and licenses that are used by Windows RMS may also contain encrypted content, which can be decrypted only by an appropriate entity. An RM-enabled application uses a content key to encrypt the data. All Windows RMS servers, client computers, and user accounts have a key pair of 1024-bit RSA keys, except for the 512-bit RSA machine key pairs. Windows RMS uses these keys to encrypt the content key that is in publishing and use licenses, and to sign RM certificates and licenses. This process ensures that the server allows access only to authorized users and computers.
11 11 Server Keys A Windows RMS server has a key pair of 1024-bit RSA keys. The server public key is used to encrypt the content key contained in a publishing license so that only the Windows RMS server can retrieve the content key and issue use licenses against that publishing license. The server licensor certificate contains the server public key. The server private key is used to sign all certificates and licenses that are issued by the server. Machine Keys A Windows RMS client computer or device has a key pair of 512-bit RSA keys, called machine keys. The machine public key is used to encrypt an RM account certificate private key. The RM machine certificate contains the machine public key. The RM Lockbox contains the machine private key, which is used to decrypt the RM account certificate to allow the use of the user private key. Client Licensor Keys Authors may acquire client licensor certificates to publish RM-protected content while they are not connected to the Windows RMS-enabled network. A client licensor certificate has a key pair of 1024-bit RSA keys. The Windows RM client component uses the client licensor certificate public key when issuing a publishing license to accomplish the following tasks: Encrypt the symmetric content key. Sign publishing licenses that are issued locally while the user is not connected to the network. User Keys A Windows RMS user has a key pair of 1024-bit RSA keys. The user key pair is stored in the Windows RMS configuration database so that a given user always has the same key pair throughout the Windows RMS system. An RM account certificate contains the user public key. This key is used to encrypt the content key contained in a use license so that only a particular user can consume RM-protected content by using that license. The same RM account certificate also contains the user private key, which is encrypted with a client machine public key. This assures that an RM account certificate can be used only on the computer for which it was issued, but that
12 12 every RM account certificate for a given user will contain the same key pair. The user private key is required to consume any content that has been protected by using Windows RMS. Content Keys When an author publishes RM-protected content, an RM-enabled application creates a symmetric content key and uses it to encrypt the content. Windows RMS supports applications that use Data Encryption Standard (DES) or Advanced Encryption Standard (AES) to create the content key. The content key is included in the publishing license, and the content key is encrypted with the public key of the Windows RMS server that issued the license. When that server receives a request for a use license, it decrypts the content key with the server's private key and then re-encrypts the content key with the user's public key (which it received as part of the request). The content key is then contained in the use license.
13 13 Publishing and Consumption Workflow SQL Server Active Directory 1. Author receives a client licensor certificate (CLC) the first time he/she protects information. RMS Server 2. Author defines a set of usage rights and rules for the file; Application creates a Publishing License and encrypts the file. 3. Author distributes file. 2 1 Information Author The Recipient 4. Recipient clicks file to open it, and the application calls to the RMS server to validate the user and issue a Use License. 5. Application renders file and enforces rights.
15 Glossary Account certification - The process that associates user accounts with key pairs. Account certification service A Windows RMS Web service that creates and distributes RM account certificates. Activation proxy service A Windows RMS Web service that forwards machine activation requests to the Microsoft Activation service, which returns a custom-generated RM Lockbox and a matching RM machine certificate unique to the specific computer. The activation proxy service then forwards these items back to the requesting client. Administration service - A Windows RMS Web service that hosts the Administration Web site, allows the management of Windows RMS, and updates the configuration database for the cluster. Application manifest - An XML document that describes the modules of an associated RM-enabled application and what may run in the application environment. Any application that runs with the RM client component must provide a manifest at run time. Attribute - A name-value data pair. Binding - The mechanism that exercises rights in an RM system, where the RM client component validates the conditions of a use license against the rights that are being requested. If these conditions are met, the rights are granted. Certificate - A signed statement that associates an identity with a pair of electronic keys that can be used to encrypt and sign digital information. Client enrollment - The process of creating the client licensor certificate. This certificate enables the user's computer or device to create publishing licenses that will be honored by a licensing server. Client licensor certificate - The certificate created by a Windows RMS server and placed on Windows RM client computers. The certificate enables users to publish protected content offline without being connected to the Windows RMenabled network. Condition - A set of specified constraints and parameters that are part of the rights group bundled into a publishing license. These are enforced at the time of consumption.
16 16 Configuration database - The database containing Windows RM configuration information for a server or cluster. Consuming content - Exercising usage rights to a piece of protected content. Content key - The key used to both encrypt and decrypt protected content during publishing and consumption. This is also known as symmetric key. Content owner - The person or organization that controls access to protected content. Decrypt - To convert encrypted content back into its original form. DRMRemote service - A Windows RMS Web service that exposes services through.net Remoting, which is used for communication between different Windows RMS servers. Encrypt - To encode (scramble) information in such a way that it is unreadable to all but those individuals possessing the key to the code. Enrollment - The process by which the root certification server obtains a server licensor certificate signed by the Microsoft root of trust. Enrollment request - A request sent by the root certification server to the Microsoft Enrollment Service for a server licensor certificate. Exclusion - The process used to deny a use license to a client based on exclusion policy. Exclusion list - The list of principals that are to be denied licenses by the Windows RMS licensing service. Exclusion policy - Settings in the Windows RMS configuration database that control the manner in which exclusion is applied in the organization. Extensible Rights Markup Language - The XML-based specification for licenses documents that specify the RM policy applied to protected content. License - Data that specifies the RM policy applied to protected content. Licensing cluster - One or more servers running the Windows RMS licensing and publishing services outside of the root certification cluster. These servers use a common database and connection URL, and should be deployed behind either a software or hardware load balancer.
17 17 Licensing server - A server running the Windows RMS licensing and publishing services outside of the root certification cluster. Licensing service - A Windows RMS Web service that issues use licenses. Logging service - A Windows RMS listener service that transfers logged data from the message queue to the logging database for the Windows RMS server or cluster. Machine activation - The process of obtaining a unique RM Lockbox for a computer. Manifest - The signed XML document that identifies the libraries or programs that can, cannot, and may be loaded into the application's processing space. Microsoft Activation Service - A Microsoft-hosted Web service that issues RM machine certificates and RM Lockboxes in response to RM client requests. Microsoft Enrollment Service - A Microsoft-hosted Web service that issues a server licensor certificate to the root certification server in a Windows RMS deployment. Pre-certification - A feature of the Windows RMS certification service that allows an RMS server to request an RM account certificate on behalf of a user. RM account certificates obtained using pre-certification contain only the user's public key. Principal - An entity (such as a user, group, or protected content manager) that has an established role in the Windows RM security scheme, and to which objects can be secured. Private key - The secret half of a public/private key pair used in cryptography. Private keys are typically used to digitally sign a message or to decrypt a message that has been encrypted with the corresponding public key. Provision - To configure a Windows RMS server to work in an organization. Public key - The non-secret half of a public/private key pair used in cryptography. Public keys are typically used to encrypt sessions, files, and messages, which are then decrypted using the corresponding private key. Public key cryptography - A method of cryptography in which two different keys are used: a public key for encrypting data and a private key for decrypting data. Public key cryptography is also called asymmetric cryptography.
18 18 Publishing license - The license created when publishing the content that allows a user to request a use license. This is also known as issuance license. Publishing service - A Windows RMS service that signs publishing licenses and issues client licensor certificates. Revocation - A process by which entities are listed as having invalid licenses. Revocation list - An XrML-based document that lists the certificates and licenses that have been revoked by the issuer. Right - An action permitted to specified users for content protected by Windows RM technology. These rights can be further constrained by using conditions. Rights management - A technology that provides persistent protection to digital data using encryption, certificates, and authentication. Authorized recipients or users must acquire a license in order to consume the protected files, according to the rights, or business rules, set by the content owner. Rights policy template - Describes a standard set of users, rights, and conditions that can be applied to RM-protected content. When a user applies a rights policy template to a piece of content, the rights and conditions it describes become part of the publishing license. RM account certificate - The certificate that uses the machine certificate from RM activation to bind user accounts to specific computers or groups of computers. The certificate's components are used to enable consumers to use protected content. This is also known as a group identity certificate (GIC). RM activation - The process of placing an RM Lockbox on an end-user's computer. This can only be provided by the RM activation service and is essential when using the Windows RM technology. This is also known as activation. RM client component - A set of RM APIs that each client computer in an RM system must install. It is a prerequisite for machine activation, and is required for using RM-enabled applications. RM Lockbox - The software module responsible for authenticating the valid use of protected content and protecting trusted software processing from modification and observation. This is also known as a secure repository.
19 19 RM machine certificate - The certificate placed on an end-user's computer during RM activation. This certificate is used to create RM account certificates required for end users to publish and consume protected content. RM-enabled application - An application that has been extended by using the Windows RM client SDK to allow users to specify the rights attached to content that they create. RM-enabled computer - A computer that has the RM client component installed and has undergone RM machine activation so that it can process content protected by Windows RMS. RM-protected content - Digital information that is protected by Windows RM technology. Root certification cluster - One or more servers in a Windows RMS deployment running administration, enrollment, account certification, activation proxy, licensing, and publishing services. These servers use a common database and connection URL, and should be deployed behind either a software or hardware load balancer. There can only be one root certification cluster per Active Directory forest. Root certification server - The primary server in a Windows RMS deployment running administration, enrollment, account certification, activation proxy, licensing, and publishing services. There can only be one root certification server per Active Directory forest. Root of trust - A trusted entity that provides the basis for the certificates in the certificate trust list (CTL). All the certificate providers and the ultimate user must trust the destination. Security ID - A numeric value that identifies a user or group. For each access control entry (ACE), a SID exists that identifies the user or group for whom access is allowed, denied, or audited. Server licensor certificate - The certificate that establishes the credentials of the RMS server, making it a valid certification and licensing service, and enabling it to run. Server service - A Windows RMS Web service that allows another service to request a server licensor certificate and the service location URL.
20 20 Service connection point (SCP) - An Active Directory object that references the root certification cluster URL of a Windows RMS deployment. The client component uses this information to locate Windows RMS services. Signature - Data that results when content authors or owners of a message, file, or other digitally encoded information bind their identity to the information. Sub-enrollment - Part of the provisioning process for a licensing server, by which the licensing server obtains a server licensor certificate from the root certification cluster. Sub-enrollment request - A request sent by a licensing server to the root certification cluster for a server licensor certificate. Sub-enrollment service - A Windows RMS Web service on the root certification server that responds to requests for server licensor certificates that are submitted by licensing servers during provisioning. Super user - A member of the super user group. Super user group - An administratively defined user group for each Windows RMS cluster that will be granted owner licenses by the Windows RMS server when opening content published by that server. Use license - The license that enables end users to consume protected content. This is also known as an end-user license (EUL). Windows RM Certification Service - A Microsoft-hosted Web service that issues RM account certificates to users based on their Microsoft.NET Passport credentials.
Installing Windows Rights Management Services with Service Pack 2 Step-by- Step Guide Microsoft Corporation Published: October 2006 Author: Brian Lich Editor: Carolyn Eller Abstract This step-by-step guide
Overview of Active Directory Rights Management Services with Windows Server 2008 R2 Student Manual Module 3: Active Directory Rights Management Clients and Information Rights Management on Desktop Applications
MOSS Information Rights Management Ashish Bahuguna firstname.lastname@example.org Active Directory Rights Management Services integration (AD RMS) Agenda AD RMS Overview AD RMS Architecture Components MOSS
1 Installation Guide Release Management for Visual Studio 2013 This document is provided as-is. Information and views expressed in this document, including URL and other Internet Web site references, may
Version 4.0, Rev. 1 Contents Software and Hardware Prerequisites Guide... 2 anterradatacenter Version selection... 2 Required Software Components... 2 Sage 300 Construction and Real Estate ODBC... 2 Pervasive
PC Business Banking Technical Requirements For PC Business Banking Version 7.0 March 2007 Application Overview PC Business Banking (PCBB) is Bank of New Zealand s banking platform for large business/corporate
Ciphire Mail Technical Introduction Abstract Ciphire Mail is cryptographic software providing email encryption and digital signatures. The Ciphire Mail client resides on the user's computer between the
1 Contents Introduction... 4 Foxit PDF Security Suite Environments... 5 Enforce AD RMS Policies for PDF documents in SharePoint Environments... 5 Enforce AD RMS Policies for PDF documents in Exchange Environments...
Overview of Active Directory Rights Management Services with Windows Server 2008 R2 Student Manual Module 5: Information Rights Management on Server Applications Information in this document, including
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs SAP AG 1 Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine
SAP Single Sign-On 2.0 SP04 Document Version: 1.0-2014-10-28 PUBLIC Secure Login for SAP Single Sign-On Implementation Guide Table of Contents 1 What Is Secure Login?....8 1.1 System Overview.... 8 1.1.1
Deploying Active Directory Rights Management Services at Microsoft Technical White Paper Published: December 2011 The following content may no longer reflect Microsoft s current position or infrastructure.
NTP Software File Auditor for Windows Edition An NTP Software Installation Guide Abstract This guide provides a short introduction to installation and initial configuration of NTP Software File Auditor
Entrust Managed Services PKI Auto-enrollment Server 7.0 Installation and Configuration Guide Document issue: 1.0 Date of Issue: July 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark
1 Table of Contents Introduction... 4 System and Hardware Requirements... 4 Supported Operating Systems... 4 Microsoft SQL Server... 4 Microsoft.NET Framework 4.0... 4 Microsoft Internet Information Services
TANDBERG MANAGEMENT SUITE 10.0 Installation Manual Getting Started D12786 Rev.16 This document is not to be reproduced in whole or in part without permission in writing from: Contents INTRODUCTION 3 REQUIREMENTS
BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0 Service Pack: 2 Feature and Technical Overview Published: 2010-06-16 SWDT305802-1108946-0615123042-001 Contents 1 Overview: BlackBerry Enterprise
Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a
Interworks Interworks Cloud Platform Installation Guide Published: March, 2014 This document contains information proprietary to Interworks and its receipt or possession does not convey any rights to reproduce,
The purpose of this document is to guide you through the installation and configuration of a new ShipGear installation. Following is an overview of sections in this document: Section A Installing ShipGear
Course 50403B: Implementing Active Directory Rights Management Services with Exchange and SharePoint Course Details Course Outline Module 1: Why Rights Management? This module provides an overview of Microsoft
RAP as a Service for Team Foundation Server Prerequisites Download the latest prerequisites from: http://www.microsoft.com/en-us/download/details.aspx?id=34698 Last modified: Sept 23, 2015 Internet connectivity
Mediasite EX server deployment guide 2008 Sonic Foundry, Inc. All rights reserved. No part of this document may be copied and/or redistributed without the consent of Sonic Foundry, Inc. Additional copies
Copyright 2004-2015 Foxit Software Incorporated. All Rights Reserved. No part of this document can be reproduced, transferred, distributed or stored in any format without the prior written permission of
The Dot Net Factory AD Self-Service Suite for Active Directory Version 3.6 The Dot Net Factory, LLC. 2005-2011. All rights reserved. This guide contains proprietary information, which is protected by copyright.
Wise Package Studio Getting Started Guide Legal Notice The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of the agreement.
1 (11) Paperiton DMS Document Management System System Requirements Release: 2012/04 2012-04-16 2 (11) 1. This document describes the technical system requirements for Paperiton DMS Document Management
Kaseya 2 Kaseya Server Setup Installation guide Version 7.0 English September 4, 2014 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept
DIRECTORY PASSWORD V1.2 Quick Start Guide Directory Password is a self-service password reset / account unlock tool that is an optional add-on for Directory Update v2.5. Directory Update must be installed
PROPALMS VDI Version 2.1 Quick Start Guide for Parallels Virtuozzo Rev. 1.1 Published: JULY-2011 1999-2011 Propalms Ltd. All rights reserved. The information contained in this document represents the current
NETWRIX IDENTITY MANAGEMENT SUITE FEATURES AND REQUIREMENTS Product Version: 3.3 February 2013. Legal Notice The information in this publication is furnished for information use only, and does not constitute
HSLAB Print Logger 5 Installation Guide NOTE: Information and screen shots in this document are related to the Print Logger EE edition. In different editions some features may be not available. See editions
FMCS SINGLE SIGN ON Overview and Installation Guide November 2014 SSO-MNL-v3.0 CONTENTS Introduction... 3 About Single Sign On... 3 Application Architecture... 4 Implementation Checklist... 5 Component...
3D SECURE We have seen merchants reduce fraud by up to 95% when integrating to 3D Secure... System Overview This document is intended for merchant and developers that want to gain a high level overview
Page 1 of 72 Features - SharePoint Server idataagent TABLE OF CONTENTS OVERVIEW SYSTEM REQUIREMENTS - SHAREPOINT SERVER IDATAAGENT INSTALLATION Install the SharePoint Server idataagent BACKUP DATA - SHAREPOINT
Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording
ESXi 4.1 Embedded vcenter Server 4.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent
Symantec Backup Exec 2010 R2 Quick Installation Guide 20047221 The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement.
Pearl Echo Installation Checklist Use this checklist to enter critical installation and setup information that will be required to install Pearl Echo in your network. For detailed deployment instructions
Contents AD RMS Windows Server 2008 to Windows Server 2008 R2 Migration and Upgrade Guide... 2 About this guide... 2 Preparing for the migration or upgrade of an AD RMS cluster... 2 Checklist: Preparing
Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 PN: 12199694 Getting Started Guide for Symantec On-Demand Protection for Outlook Web Access 3.0 The software described
Server Installation Procedure - Load Balanced Environment 1. Introduction This document explains a step-by-step procedure in case BackupAgent BV performs an installation of the BackupAgent Server Software
DIRECTORY PASSWORD V1.0 Quick Start Guide Directory Password is a self-service password reset / account unlock tool that is an optional add-on for Directory Update v2.0. Using Directory Password involves
Security Watch Deploying EFS: Part 1 John Morello By now, everyone has heard reports about personal or sensitive data being lost because of laptop theft or misplacement. Laptops go missing on a regular
NETWRIX CHANGE NOTIFIER FOR SQL SERVER QUICK-START GUIDE Product Version: 2.6.194 February 2014. Legal Notice The information in this publication is furnished for information use only, and does not constitute
2011 AdRem Software, Inc. This document is written by AdRem Software and represents the views and opinions of AdRem Software regarding its content, as of the date the document was issued. The information
Installing and Configuring WhatsUp Gold This guide provides information about installing and configuring WhatsUp Gold v14.2, including instructions on how to run the WhatsUp web interface through an Internet
AIMS Installation and Licensing Guide Version 9 2603 Camino Ramon Suite 110 San Ramon, CA 94583 Toll Free: 800-609-8610 Direct: 925-217-5170 FAX: 925-217-0853 Email: email@example.com Limited Warranty
Configuration Guide Lepide Exchange Recovery Manager Lepide Software Private Limited, All Rights Reserved This User Guide and documentation is copyright of Lepide Software Private Limited, with all rights
Microsoft SQL Server Integration Guide Document Information Document Part Number 007-011108-001 (Rev J) Release Date August 2013 Trademarks All intellectual property is protected by copyright. All trademarks
Installing and Administering VMware vsphere Update Manager Update 1 vsphere Update Manager 5.1 This document supports the version of each product listed and supports all subsequent versions until the document
Websense Content Gateway HTTPS Configuration web security data security email security Support Webinars 2010 Websense, Inc. All rights reserved. Webinar Presenter Title: Sr. Tech Support Specialist Cisco
etoken for Windows Smartcard Logon Lesson 9 April 2004 etoken Certification Course Smartcard Logon Overview Windows 2000/2003 Enterprise Server built-in feature Smartcard logon requires issuing a personal
HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded
Page 1 of 208 User Guide - Exchange Database idataagent TABLE OF CONTENTS OVERVIEW Introduction Key Features Add-On Components Customized Features for Your Exchange Version Terminology SYSTEM REQUIREMENTS
OutDisk 4.0 FTP FTP for Email Users using Microsoft Windows and/or Microsoft Outlook 5/1/2012 2012 Encryptomatic LLC www.encryptomatic.com Contents What is OutDisk?... 3 OutDisk Requirements... 3 How Does
SAFETICA INSIGHT INSTALLATION MANUAL SAFETICA INSIGHT INSTALLATION MANUAL for Safetica Insight version 6.1.2 Author: Safetica Technologies s.r.o. Safetica Insight was developed by Safetica Technologies
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical
KOFAX Capture 8 Installation Guide 10300627-000 Rev A 1994-2008 Kofax Image Products, Inc., 16245 Laguna Canyon Road, Irvine, California 92618, U.S.A. All rights reserved. Use is subject to license terms.
Information Rights Management in Office for Mac 2011 Deployment Guide Information in this document, including URL and other Internet Web site references, is subject to change without notice. Content in
NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...
7.x Upgrade Instructions 2015 Table of Contents INTRODUCTION...2 SYSTEM REQUIREMENTS FOR SURESYNC 7...2 CONSIDERATIONS BEFORE UPGRADING...3 TERMINOLOGY CHANGES... 4 Relation Renamed to Job... 4 SPIAgent
QUESTION 1 Your network contains the following: 20 Hyper-V hosts 100 virtual machines 2,000 client computers You need to recommend an update infrastructure design to meet the following requirements: Deploy
LabStats Tel: 877-299-6241 255 B St, Suite 201 Fax: 208-473-2989 Idaho Falls, ID 83402 LabStats 5 System Requirements Server Component Virtual Servers: There is a limit to the resources available to virtual
SOLARWINDS ORION Patch Manager Evaluation Guide About SolarWinds SolarWinds, Inc. develops and markets an array of network management, monitoring, and discovery tools to meet the diverse requirements of
IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,
Agency Pre Migration Tasks This document is to be provided to the agency and will be reviewed during the Migration Technical Kickoff meeting between the ICS Technical Team and the agency. Network: Required
Core Protection for Virtual Machines 1 Comprehensive Threat Protection for Virtual Environments. Installation Guide e Endpoint Security Trend Micro Incorporated reserves the right to make changes to this
INSTALLING SQL SERVER 2008 EXPRESS ADVANCED EDITION FOR REDHORSE CRM This article will walk you thru the installation of SQL Server 2008 Express Advanced Edition. Step 1: Download SQL Server 2008 Express
Installation and Deployment Help Documentation This document was auto-created from web content and is subject to change at any time. Copyright (c) 2016 SmarterTools Inc. Installation and Deployment SmarterStats
App Orchestration 2.0 Configuring NetScaler Load Balancing and NetScaler Gateway for App Orchestration Prepared by: Christian Paez Version: 1.0 Last Updated: December 13, 2013 2013 Citrix Systems, Inc.
IBM Campaign Version-independent Integration with IBM Engage Version 1 Release 3 April 8, 2016 Integration Guide IBM Note Before using this information and the product it supports, read the information
This document is provided to you by ABC E BUSINESS, Microsoft Dynamics Preferred partner. System Requirements NAV 2016 Page 1 System Requirements NAV 2016 Microsoft Dynamics NAV Windows Client Requirements
NETWRIX EVENT LOG MANAGER QUICK-START GUIDE FOR THE ENTERPRISE EDITION Product Version: 4.0 July/2012. Legal Notice The information in this publication is furnished for information use only, and does not
BlackBerry Enterprise Server Express for Microsoft Exchange Version: 5.0 Service Pack: 1 Installation and Configuration Guide Published: 2010-03-17 SWD-984521-0317024918-001 Contents 1 Overview: BlackBerry