Proxlogon User's Manual Network Providers

Overview ProxLogon is a smart tool of secure authentication for user logon specially designed for Windows® NT/2000/XP operating systems using Contactless Smart Card technology yet keeping the original logon model. The Contactless Smart Card can store all the passwords involved to avoid the hassle of memorizing them and the risk of password being deciphered to further ensure the information security of the system.

How it works Winlogon is a component of the Microsoft® Windows NT®/Windows® 2000/Windows® XP operating system that provides interactive logon support. It is designed around an interactive logon model that consists of three components (as shown in the following illustration): the Winlogon executable program, a Graphical Identification aNd Authentication dynamic-link library (DLL)—referred to as the GINA—and any number of ProxLogon User's Manual network providers. Winlogon handles interface functions that are independent of authentication policy.

Winlogon.EXE GINA Network Network Network (ProxGINA) Provider Provider Provider The GINA is a replaceable DLL component that is loaded by Winlogon. The GINA implements the authentication policy of the interactive logon model, and is expected to perform all identification and authentication user interactions. For example, replacement GINA DLLs can implement smart-card, retinal-scan, or other authentication mechanisms in place of the standard Windows NT/Windows 2000 user name and password authentication.

In other words, ProxGINA is a contactless-card-reader driver based on Microsoft® GINA concept enabling the Windows operating system to accept the User Card issued by ProxLogon for identification and logon operations via the existing Winlogon authentication mechanism.

Features: Mifare® Read/Write Device: z Authentication of a user on a computer via z Read/Write Method: Contact-less his/her card. z Frequency: 13.56MHz z Authentication of a user on a computer via the z Cryptography Algorithm: 3DES (Key Protected) traditional logon/password. z Speed: in 0.5 second. z Hot-Key into lock mode when user was logon. z Interface: PCR310U (USB) / PCR310R (RS232) z Hot-Key privacy protection. z Support Microsoft® Active DirectoryTM Service to System Requirements add a user or delete a user. z Windows® NT 4.0 with SP6a and later z All other functions offered by Microsoft® 's z Windows® 2000 with SP4 and later. original GINA. z Windows® XP with SP1 and later. z Windows® 2003 Server 1 2 Install ProxGINA Quick issue of user’s own card ProxGINA: Prox Graphical Identification aNd Authentication is the core authentication program for ProxGINA has also the function of issuing the card and changing the password.: Contactless Smart Card identification. Note: ProxGINA does not provide un-installation function. Just Step 1: Get a New Card remove the reader PCR310 when it is not required. First of all, get a new card and make sure that Windows is in Logoff Insert ProxLogon CD into CD-ROM to auto-run the installation list. mode. Insert this new card to PCR310 and log on to the system manually by pressing [Alt]+[Ctrl]+[Delete].

Step 2: Start to Issue the Card for Logon User When the manual logon is successful (see left picture), a

message banner pops up to ask if a 1. Plug in PCR310U (USB) Reader and install the USB Driver in the ProxLogon CD. new card is to be issued. Click 2. Install ProxGINA to the workstation and restart the computer. [Yes] to write the user info to the

card. Then user can use this ProxGINA System Requirements: issued card for future logon. Windows® NT 4.0 with SP6 and later (Use PCR310R RS232 only)

Windows® 2000 with SP4 and later.

Windows® XP with SP1 and later.

Windows® 2003 Server Step 3: Change Password Windows provides the function of changing password and ProxGINA is synchronized with it. Therefore, changing the password on Windows will change the password on card too. After Logon, press [Alt]+[Ctrl]+[Delete] and Windows Security banner will pop up. Click [Change Password…] for password change.

3 4 Use the ProxLogon Card on Computers with ProxGINA Step 4: Input New Password Make sure that both ProxGINA program and PCR310 reader have been well installed and connected. Step 1: Welcome to Windows When the user logs on with the If ProxGINA is installed, the card, ProxGINA will auto fill in the computer will auto-scan the Old Password (Current Password). existence of PCR310 during Then input the new password to Windows Startup. If PCR310 is both columns of “New Password” detected, ProxGINA will change the and “Confirm New Password”. Banner from Windows to Click [OK] to change the password; ProxLogon. and the password on card will be changed accordingly.

Note: If the card is of Random password, change the password Step 2: Log on to Windows is not allowed by the system. Insert a ProxLogon card to PCR310 ProxLogon card and ProxGINA will log on to will load the Windows operating system relevant logon automatically. info for you automatically.

Step 3: Lock the computer After logon, click the Hot-Key on PCR310 to force your computer into lock mode. You can remove the ProxLogon card yet remain all tasks in

Windows.

Step 4: Unlock the computer Inserting Click the Hot-Key again to unlock ProxLogon card the computer if the card is not will unlock the removed; or insert the card to system PCR310 reader again to unlock the automatically. computer if the card has been removed.

5 6 ProxLogon Maximum Security Settings Step 5: Log off Windows Setting the ProxLogon actions for “Logon Action” , “Card Remove” and “Hot-Key” . Windows starts executing User It takes a while Logoff when ProxLogon card is to finish relevant Step 1: Open Control Panel and removed from PCR310 reader. operations for run the “ProxGINA Settings” Logoff. applet

Step 6: End Open Control Panel and After Logoff, Banner of Welcome to Double-Click the “ProxGINA Windows pops up. Settings” Icon.

Remark: For WindowsXP, you need to switch to “Classic View” mode.

Remarks:

1. PCR310 Hot-Key is a speedy key to lock the computer. After logon, simply click the Hot-Key to enter the

lock mode.

2. PCR310 Hot-Key can be also used as a Privacy Key to instantly hide the monitor screen to protect your

privacy.

3. Removing the ProxLogon card from PCR310 reader will log off Windows automatically. If you

just want to leave your computer temporarily, click the PCR310 Hot-Key first to enter the lock Step 2: Setting the “Logon mode and then take the ProxLogon card away with you, this will put the computer in lock mode Action” and you may insert the card to unlock the computer when you come back.

4. When PCR310 Reader is not connected with computer, the logon operation is like the original manual 1. Logon with card or keyboard one. 2. Logon with card only 5. Microsoft® Windows will ask you when any tasks not ready to save before logoff user. 3. Logon with keyboard only

If select “Logon with card only”, the

Windows system is accepted card

input only.

7 8 Summary: Step 3: Setting the “Card Remove” Action 1. Hot-Key and Card Remove/Insert Actions Table:

Actions When card is removed then System Hot-Key Press Card Remove Card Insert 1. Logoff User Mode 2. Shutdown System Log Off Logon, If card on the No Reaction Logon 3. Ask Me reader.

Log On Optional: Optional : No Reaction

1. Lock System 1. Logoff User

2. Suspend System 2. Shutdown

3. Ask Me Remark: Lock Unlock, If card on reader. No Reaction Unlock If select “Ask Me”, Windows will show the “Shut Down Windows” to 2. Lock or Suspend is keeping all tasks in system, all tasks will resume when Unlock or Wakeup system. ask you “What do you want the 3. When Logoff or Shutdown, system will close all tasks and in the mean time system will ask user whether compute to do?” when card is to save running task data or not. removed.

You can select as below : 1.Log off User : Log off current user 2.Shut down : Shut down the computer 3.Reset : Reboot the computer 4.Stand by : Go to sleep and keep all tasks in memory. 5.Hibernating : Go to sleep and keep all tasks in disk then power off.

Step 4: Setting the “Hot-Key” Action

When Hot-Key press then 1. Lock System 2. Suspend System

If select “Suspend System”, the Windows system will lock and sleep when Hot-Key is pressed.

9 10

PROMAG® GIGA-TMS INC. http://www.gigatms.com.tw mailto:[email protected] TEL : +886-2-26954214 FAX : +886-2-26954213 Office: 8F, No. 31,Lane 169, Kang-Ning St.,Hsi-Chih, Taipei, Taiwan