
Self-Encrypting Drive Management | Wave Systems Corp. 2012
ESC 2.9.5 Client Manual
Smart Card to SED - Auto-enrollment and Auto-provisioning
A policy may be set remotely by the ERAS Administrator that will automatically enroll the smart card to
the drive. The enrollment will occur after the user signs onto Windows with a valid smart card. In
addition, the user may or may not need to be provisioned to the drive by ERAS – this is also determined
remotely by policy. An example use case could be:
1. The IT staff deliver an unlocked but managed computer and a valid smart card to the end user.
2. The end user turns on the computer, but does not need to unlock the drive.
3. The end user uses the smart card to sign on to Windows.
4. The policies set remotely by the administrator automatically enroll the smart card, and then lock
the drive.
5. The end user shuts down the computer; the computer is now locked.
6. The user boots the computer, and must use their smart card and PIN to unlock the drive.
Hibernate and Sleep/Standby
Windows does not natively support sleep/standby (S3) on an SED. When Windows enters
Sleep/Standby, the SED is powered down and cannot resume. For the best security, Wave recommends
using Hibernate instead. Upon resume from Hibernate, authentication will be required.
ESC includes a feature to enable Windows to resume from Sleep/Standby even when the SED is locked.
This feature is only enabled if the following conditions are met:
• The computer is running Windows 7
• S3 drivers are installed. These are installed by ESC unless omitted.
• The "Enable S3 support for SED" policy, which ships with ERAS, is set.
If using the Sleep/Standby feature on the SED, authentication will not be
required on resume from Sleep/Standby. Using Hibernation instead will
enhance security and require authentication.
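
One way to apply the Hibernate-over-Sleep recommendation above on a client, as an added example that is not part of the Wave manual or of ESC: a PowerShell script that uses only the built-in powercfg.exe and must be run from an elevated prompt. The 30-minute and 15-minute hibernate timeouts are assumed values.

```powershell
# Added example: steer a Windows client with an SED toward Hibernate (S4)
# instead of Sleep/Standby (S3), so that resume requires drive authentication.

# Button/lid action values: 0 = do nothing, 1 = sleep, 2 = hibernate, 3 = shut down
$Hibernate = '2'

function Invoke-PowerCfg {
    param([string[]]$Arguments)
    & powercfg.exe @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "powercfg $($Arguments -join ' ') failed with exit code $LASTEXITCODE"
    }
}

# 1. Enable hibernation (creates hiberfil.sys if it does not exist yet).
Invoke-PowerCfg @('-hibernate', 'on')

# 2. Never enter Sleep/Standby on idle, on AC or on battery (0 = never).
Invoke-PowerCfg @('-change', '-standby-timeout-ac', '0')
Invoke-PowerCfg @('-change', '-standby-timeout-dc', '0')

# 3. Hibernate on idle instead. Timeouts are in minutes (assumed values).
Invoke-PowerCfg @('-change', '-hibernate-timeout-ac', '30')
Invoke-PowerCfg @('-change', '-hibernate-timeout-dc', '15')

# 4. Make the lid, power button and sleep button hibernate rather than sleep.
foreach ($setting in 'LIDACTION', 'PBUTTONACTION', 'SBUTTONACTION') {
    Invoke-PowerCfg @('-setacvalueindex', 'SCHEME_CURRENT', 'SUB_BUTTONS', $setting, $Hibernate)
    Invoke-PowerCfg @('-setdcvalueindex', 'SCHEME_CURRENT', 'SUB_BUTTONS', $setting, $Hibernate)
}

# 5. Re-apply the current scheme so the new values take effect.
Invoke-PowerCfg @('-setactive', 'SCHEME_CURRENT')

# 6. Show which sleep states the platform reports, for the audit record.
& powercfg.exe -availablesleepstates
```

This changes only the idle timeouts and the button and lid actions of the active power scheme; it does not remove the Sleep entry from the Start menu and does not touch the ERAS "Enable S3 support for SED" policy.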