Manualshelf

Specifications

ManualsBrandsMcafee ManualsOtherOFFICE 3.1
101102103104105106107108109110
Tokens
| 105
Also, for smart cards with certificates, you may want to try the Generic PKI token
module available. Please see information below.
With certificates (PKI)
If user digital certificates are used for authentication, it requires the use of a Endpoint
Encryption Connector that imports the user certificates to the Endpoint Encryption
database from an external certificate repository and associates them with each
Endpoint Encryption user accordingly. Observe, as a side note, that the user group
containing the users must be a non-controlled group and with the password token
selected in order for the Connector to successfully set the user certificate as the token
to use. For more information about setting up Connectors and importing user digital
certificates, please consult the Endpoint Encryption Manager Administration Guide.
When properly configured, the users can use the certificates on the supported smart
card to authenticate to Endpoint Encryption for Files and Folders.
Without certificates
The smart card authentication tokens can also be used without digital certificates. If
so, each card must pass a Endpoint Encryption Manager for proper configuration. Also,
each user must be set to use the corresponding smart card for authentication.
Generic PKI token
The last added token support to Endpoint Encryption for Files and Folders is the
Generic PKI token module. The aim of this is to make the Endpoint Encryption for Files
and Folders (and Management Centre) logon independent of whatever smart card is
used, i.e. any smart card with a valid certificate can be used without any dedicated
scripts or driver files.
However, the following criteria must all be met in order to have the Generic PKI token
working:
Microsoft compliance
The certificates used together with the Generic PKI token need to be Microsoft
compliant. Microsoft compliant certificates can be used for e.g. Windows smart card
logon. If the certificate is not Microsoft compliant it will not work with the Generic PKI
token.
Certificates in Endpoint Encryption database
The certificates must also be imported into the Endpoint Encryption database and
assigned to each Endpoint Encryption user that will use the Generic PKI token as the
authentication token to use. For certificate import from MS Active Directory, the