DigitalPersona Pro Enterprise Version 5.3 Frequently Asked Questions
© 2012 DigitalPersona, Inc. All Rights Reserved.

All intellectual property rights in the DigitalPersona software, firmware, hardware and documentation included with or described in this guide are owned by DigitalPersona or its suppliers and are protected by United States copyright laws, other applicable copyright laws, and international treaty provisions. DigitalPersona and its suppliers retain all rights not expressly granted.

U.are.U and DigitalPersona are trademarks of DigitalPersona, Inc. registered in the United States and other countries. Windows, Windows Server 2003/2008, Windows Vista, Windows 7 and Windows XP are registered trademarks of Microsoft Corporation. All other trademarks are the property of their respective owners.

This DigitalPersona Pro Enterprise FAQ and the software it describes are furnished under license as set forth in the License Agreement screen that is shown during the installation process. Except as permitted by such license, no part of this document may be reproduced, stored, transmitted and translated, in any form and by any means, without the prior written consent of DigitalPersona. The contents of this document are furnished for informational use only and are subject to change without notice.

Any mention of third-party companies and products is for demonstration purposes only and constitutes neither an endorsement nor a recommendation. DigitalPersona assumes no responsibility with regard to the performance or use of these third-party products. DigitalPersona makes every effort to ensure the accuracy of its documentation and assumes no responsibility or liability for any errors or inaccuracies that may appear in it.

Feedback

Although the information in this guide has been thoroughly reviewed and tested, we welcome your feedback on any errors, omissions, or suggestions for future improvements. Please contact us at TechSupport@digitalpersona.com or

DigitalPersona, Inc.
720 Bay Road Suite 100
Redwood City, CA 94063 USA

Document Revised: 5/13/2012 (5.3.3)

DigitalPersona Pro Enterprise FAQ v5.3 Page 2
Contents

- Introduction
- Do DigitalPersona Enterprise Products Store Fingerprints?
- Where are DigitalPersona Enterprise Fingerprint Templates Stored?
- How does DigitalPersona Pro Enterprise Licensing Work?
- What is the Pro Enterprise License Activation Manager?
- How are DigitalPersona Pro Enterprise Licenses Activated?
- What is a DigitalPersona Pro Enterprise Server (user) License and why do I need it?
- What is a DigitalPersona Pro Enterprise Workstation License and why do I need it?
- What is DigitalPersona Pro Kiosk?
- What is a DigitalPersona Pro ID Server?
- How do Password Manager and Password Manager Pro differ?
- Can I use Password Manager Pro to create templates on a Pro Kiosk client?
- What devices/factors can DigitalPersona Pro Enterprise use to authenticate users?
- Which 3rd Party Fingerprint Readers are Supported by DigitalPersona Pro Enterprise?
- Does DigitalPersona Pro Enterprise support iOS, Android, Windows Mobile or Linux clients?
- How can I use my fingerprints in a remote session?
- What is USB Virtualization and is it Supported?
- Which Web Browsers are Supported by DigitalPersona Pro Enterprise?
- With which Citrix products is DigitalPersona Enterprise officially compatible?
- What is the best way to contact DigitalPersona Technical Support?
DigitalPersona Pro Enterprise FAQ

Introduction

This document provides the administrator with answers to frequently asked questions regarding the DigitalPersona Pro Enterprise 5.3 release. If you are in need of product information pertaining to earlier DigitalPersona Pro Enterprise releases, please consult the reference section of the DigitalPersona website at http://www.digitalpersona.com/support/reference-material/pro-upgrade-notes/.

Do DigitalPersona Enterprise Products Store Fingerprints?

No, DigitalPersona Enterprise software never stores fingerprint images. DigitalPersona software creates a fingerprint template - which is a highly compressed and digitally encoded mathematical representation of fingerprint features. The fingerprint template is created when a user enrolls a finger and it is stored in an encrypted fashion. When the user later touches the fingerprint reader to authenticate, a newly captured template is created and compared to the previously 'enrolled' template. If there is a match, the authentication is successful.

Templates are created with a proprietary algorithm that works much like a password 'hash' algorithm. It is a one-way conversion (i.e. fingerprint image → fingerprint template) that cannot be reversed. This means that fingerprint templates cannot be used to recreate the fingerprint image. It should also be noted that only enrolled fingerprint templates are stored.

Where are DigitalPersona Enterprise Fingerprint Templates Stored?

DigitalPersona fingerprint templates are stored for reference in the fingerprint Data Storage Subsystem. Each fingerprint template is associated with the user who enrolls their finger. Fingerprint Templates may be stored within a fingerprint Capture Device, on a portable medium such as a smart card, in a local database on a DigitalPersona Pro Enterprise client or in Active Directory on a DigitalPersona Pro Enterprise 5.3 Server.

When a DigitalPersona Pro Enterprise workstation is working in standalone mode, fingerprint templates are hashed and stored in the registry. In a DigitalPersona Pro Enterprise 5.3 Server deployment, fingerprints are stored centrally in Active Directory to facilitate user roaming.

How does DigitalPersona Pro Enterprise Licensing Work?

The DigitalPersona Pro package you purchased may require that you activate a license for one or more of the modules that are part of DigitalPersona Pro Enterprise. Each module will require its own unique license key and each module will require activation.

After completing your purchase, you should have received from DigitalPersona or from a DigitalPersona authorized reseller all of the license activation keys required to activate the modules that will comprise your DigitalPersona Pro Enterprise deployment.

Client, Server (user) and feature licenses may be distributed through Active Directory (as opposed to manually inputting each module license on each client) using the License Activation Manager; however, the actual activation will be initiated by the module itself and therefore each client PC where the module is installed will require internet access.

What is the Pro Enterprise License Activation Manager?

The DigitalPersona Enterprise License Activation Manager is a component of the DigitalPersona Enterprise Administration Tools suite. The DigitalPersona Enterprise License Activation Manager is used to input Pro Server (user), Pro Client (computer) and feature licenses into Active Directory for distribution via Group Policy to DigitalPersona Enterprise modules for activation.

How are DigitalPersona Pro Enterprise Licenses Activated?

DigitalPersona Enterprise modules can acquire licenses from Active Directory, or the licenses can be entered manually via the About dialog box on the computer where the modules are installed.

Once the module has acquired the license information, the module will then attempt to activate the license. When activating a license, the module will require access to the URL https://solo.digitalpersona.com. If the module attempting to activate its license does not have access to this URL, activation will fail.
What is a DigitalPersona Pro Enterprise Server (user) License and why do I need it?

Once activated, the DigitalPersona Pro Server (user) license allows users to store fingerprints and other credential data in Active Directory. Storing user fingerprints and other credential data centrally in Active Directory allows users to roam from one DigitalPersona client to another.

What is a DigitalPersona Pro Enterprise Workstation License and why do I need it?

Whether manually entered or acquired via Group Policy, DigitalPersona Pro Enterprise clients must be activated to enable DigitalPersona client functionality. Once activated, the DigitalPersona Pro client license allows users to enroll fingerprints, create and manage personal logons, interact with licensed DigitalPersona servers and much more.

What is DigitalPersona Pro Kiosk?

DigitalPersona Pro Kiosk for Enterprise is a client application specifically designed for environments where users need fast, convenient and secure multi-factor application authentication installed on Windows clients that are shared by multiple users. Examples of such scenarios would be time clocks, shared nurse's stations in hospitals and bank teller workstations.

After a user has been authenticated by Active Directory (using a fingerprint, smart card or Windows Password), the DigitalPersona Pro Kiosk client logs on to Windows using a predefined shared Windows account. This shared Kiosk account must be created specifically for Kiosk use. The Kiosk shared account and its credentials are then detailed in Active Directory and distributed to Kiosk clients via Group Policy.

DigitalPersona Pro Kiosk client requires the use of DigitalPersona ID Server. DigitalPersona ID Server is activated via Group Policy. For additional information, please consult the DigitalPersona Pro Administrator's Guide.
What is a DigitalPersona Pro ID Server?

Activated via Group Policy, DigitalPersona Pro ID Server uses the Biometric Authentication service to quickly identify and authenticate users. DigitalPersona Pro ID Server performs quick user identification by loading enrolled fingerprint templates stored in Active Directory into RAM at regular intervals. When a user attempts to authenticate, DigitalPersona Pro ID Server quickly compares the fingerprint templates in RAM to those of the user attempting to authenticate. If a match is found, the user is authenticated.

How do Password Manager and Password Manager Pro differ?

Password Manager is a security application included with Pro Enterprise clients that allows users to create their own personal logons for programs and websites, in addition to using managed logons created through the Password Manager Pro application. Password Manager personal logons are managed and stored on the PC where they are created and do not roam. Furthermore, users must back up and restore their own Password Manager personal logons.

Password Manager Pro is an optional management application that plugs into the Administrative Console of compatible Enterprise workstation clients to enable the creation, administration and management of logons for password-protected software programs and websites. Administrators use the Password Manager Pro application to create managed logons by specifying information for program and website logon screens. The logon screen requirements are then saved in the form of a template. The location of these templates and their use are governed by settings specified in Group Policy.

Can I use Password Manager Pro to create templates on a Pro Kiosk client?

The Password Manager Pro application allows Administrators to create managed logons for Pro Enterprise clients including DigitalPersona Pro Kiosk for Enterprise.

Due to the nature of the shared Windows logon for DigitalPersona Pro Enterprise Kiosk, you must use the DigitalPersona Pro Enterprise Workstation client to create managed logons using Password Manager Pro.
What devices/factors can DigitalPersona Pro Enterprise use to authenticate users?

DigitalPersona Pro for Enterprise can use a wide variety of devices and factors to authenticate users.

Supported Primary credentials include:

- Fingerprints
- Smart Cards and Contactless Cards
- Windows Passwords
- Facial Recognition

NOTE: While Facial Recognition is a Primary credential, it cannot be the sole factor used in a Windows logon authentication policy. If Facial Recognition is a factor available in your Windows logon authentication policy, an alternate Primary credential must be available as well.

DigitalPersona Pro for Enterprise also supports Secondary credentials. Secondary credentials are authentication factors that must be paired with a primary credential (see list above). Supported Secondary credentials include:

- Proximity Cards
- PIN
- Bluetooth

DigitalPersona Pro Enterprise can also use a combination of these authentication methodologies to provide increased security. Furthermore, DigitalPersona clients can be configured to require one set of credentials for Windows logon and a separate set of credentials for Session logons. Session logons use Password Manager and Password Manager Pro logons to facilitate authentication for Windows programs and websites.

NOTE: Bluetooth credentials and Facial Recognition scenes are not stored centrally in Active Directory. Therefore, Bluetooth credentials and Facial Recognition scenes must be enrolled on each client PC where they will be used.
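The credential rules above can be checked mechanically before a policy is rolled out. The following is an added example, not DigitalPersona code: the policy model (a list of alternatives, each a set of factors presented together) and the factor names are assumptions and do not reflect the product's Group Policy format.

```python
# Added example: lint a logon policy against the credential rules in this FAQ.
# The policy model and factor names below are hypothetical.

PRIMARY = {"fingerprint", "smart_card", "contactless_card",
           "windows_password", "face"}
SECONDARY = {"proximity_card", "pin", "bluetooth"}
# Per the FAQ, these are not stored centrally in Active Directory.
PER_CLIENT_ENROLLMENT = {"bluetooth", "face"}


def lint_policy(alternatives, windows_logon=True):
    """Return (errors, warnings) for a list of factor sets."""
    errors, warnings = [], []
    primaries_offered = set()
    for i, combo in enumerate(alternatives, start=1):
        combo = set(combo)
        unknown = combo - PRIMARY - SECONDARY
        if unknown:
            errors.append(f"alternative {i}: unknown factor(s) {sorted(unknown)}")
        primaries = combo & PRIMARY
        primaries_offered |= primaries
        # Secondary credentials must be paired with a primary credential.
        if not primaries and combo & SECONDARY:
            errors.append(f"alternative {i}: secondary credential(s) "
                          f"{sorted(combo & SECONDARY)} without a primary")
        local_only = combo & PER_CLIENT_ENROLLMENT
        if local_only:
            warnings.append(f"alternative {i}: {sorted(local_only)} must be "
                            "enrolled on each client PC (does not roam)")
    # Reading of the NOTE assumed here: for Windows logon, a policy that
    # offers face must also offer some other primary credential.
    if windows_logon and primaries_offered == {"face"}:
        errors.append("Windows logon: facial recognition is the only primary "
                      "credential offered; add an alternate primary")
    return errors, warnings


# Constructed sample policies.
GOOD = [{"fingerprint", "pin"}, {"windows_password"}, {"face", "bluetooth"}]
BAD = [{"face", "pin"}, {"proximity_card", "pin"}]

if __name__ == "__main__":
    for name, policy in (("GOOD", GOOD), ("BAD", BAD)):
        errs, warns = lint_policy(policy)
        print(name, "errors:", errs, "warnings:", warns)
```

The warnings matter for roaming users: an alternative that depends on Bluetooth or Facial Recognition only works on client PCs where that user has already enrolled it.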
Which 3rd Party Fingerprint Readers are Supported by DigitalPersona Pro Enterprise?

DigitalPersona Pro Enterprise clients support a variety of 3rd party readers. Manufacturers include:

- Authentec
- Broadcom USH
- Validity
- UPEK

For information regarding compatibility of specific reader models, please contact your DigitalPersona account representative.

Does DigitalPersona Pro Enterprise support iOS, Android, Windows Mobile or Linux clients?

At this time, DigitalPersona Pro Enterprise does not support iOS, Android, Windows Mobile or Linux clients. Please consult your DigitalPersona Account Manager or DigitalPersona authorized reseller for future developments in this area.

How can I use my fingerprints in a remote session?

Activated by Group Policy, Fingerprint Data Redirection is a DigitalPersona Pro Enterprise client feature that allows a fingerprint scanned by a fingerprint reader connected to a host to be used in a Remote Desktop/Terminal Services session or with supported Citrix products.

Fingerprint Data Redirection requires that the DigitalPersona Enterprise client be installed on both the host and remote PC. It should also be noted that Zero clients and SSL VPN are not supported.

What is USB Virtualization and is it Supported?

Regretfully, at this writing, USB Virtualization is not supported by DigitalPersona fingerprint readers.

With regard to DigitalPersona Enterprise products, USB Virtualization (often called USB pass through) typically refers to an advanced form of hardware virtualization used in conjunction with virtual desktop infrastructure (VDI) hosted thin client computers.

Rather than directly interacting with a Windows host computer via a keyboard, mouse and monitor connected to it, VDI allows a user to interact with a host computer over a network connection (such as a LAN, Wireless LAN or even the Internet) using a thin client. Typically, the host computer in this scenario is a server computer capable of hosting multiple virtual machines at the same time for multiple users.

Along with the keyboard, mouse and monitor, VDI supports the virtualization of other USB connected devices such as flash drives, USB printers, USB software dongles, webcams, etc.

Again, at this writing, USB Virtualization is not supported by DigitalPersona fingerprint readers.

Which Web Browsers are Supported by DigitalPersona Pro Enterprise?

Pro client to Supported Web Browser Table

| Pro client version | IE 9 | IE 8 | IE 7 | IE 6 | Chrome (v18) | FF9 to 12 | FF5 to 8 | FF3.6 to 4 |
|---|---|---|---|---|---|---|---|---|
| 5.3.0 | X | X | X | X | X | X | X | - |
| 5.2.x | X | X | X | X | - | - | X | X |
| 5.1.x | X | X | X | X | - | - | - | X |
| 5.0.1 | - | X | X | X | - | - | - | X |
| 5.0.0 | - | X | X | X | - | - | - | - |
| 4.4.0 and higher | - | X | X | X | - | - | - | - |
| 4.3.0 and higher | - | - | X | X | - | - | - | - |
| Prior to 4.3.0 | - | - | X | X | - | - | - | - |
With which Citrix products is DigitalPersona Enterprise officially compatible?

Using the Fingerprint Data Redirection feature, DigitalPersona Pro Enterprise provides support for contactless cards, proximity cards as well as fingerprints in sessions hosted by compatible Citrix products.

Using Fingerprint Data Redirection, once a remote session has been established using a compatible Citrix client, the DigitalPersona client can redirect fingerprint or card data captured by the local host to the remote Citrix session. This also includes support for locking and unlocking the remote Citrix session.

| Pro version | Citrix Online Plugin/ICA client | Citrix Receiver | XenApp/Presentation Server | XenDesktop |
|---|---|---|---|---|
| 5.3.0 | 11, 12 | 3.1.0, 3.2.0 | 6.5.0 | NO |
| 5.2.x | Unofficially Supported | Unofficially Supported | Unofficially Supported | NO |
| 5.1.x | Unofficially Supported | Unofficially Supported | Unofficially Supported | NO |
| 5.0.1 | Unofficially Supported | Unofficially Supported | Unofficially Supported | NO |
| 5.0.0 | Unofficially Supported | Unofficially Supported | Unofficially Supported | NO |
| 4.4.0 and higher | 10, 11 | NO | 4.x | NO |
| 4.3.0 and higher | 10, 11 | NO | 4.x | NO |
| Prior to 4.3.0 | NO | NO | NO | NO |

Note: While Citrix products were Unofficially Supported in earlier Pro Enterprise releases, anecdotal evidence of compatibility has been provided. While customers may have successfully deployed DigitalPersona for authentication of Citrix hosted applications, DigitalPersona will not offer support for Citrix related bugs or unexpected behaviors reported against releases preceding Pro Enterprise 5.3.

What is the best way to contact DigitalPersona Technical Support?

You can reach DigitalPersona's Technical Support department by completing a support request form at http://www.digitalpersona.com/support/overview/.

Technical Support requires an active Maintenance and Support subscription (M&S). If you are in need of M&S, please contact sales@digitalpersona.com for information & pricing for our Maintenance & Support plans.