Академический Документы
Профессиональный Документы
Культура Документы
ED2
EP2703830EZ01
ED.1
EP830E
EP2703830EZ01
CLASSIFICATION
USER GUIDE
SECURE MULTILEVEL SYSTEM
16/06/09
1/119
EDITIONS AND MODIFICATIONS
EP2703830EZ01 16/06/09
ED2 2/119
INDEX
1. OBJECT ....................................................................................................................... 8
1.1. DOCUMENT CONTENT ..................................................................................................... 8
4. INSTALLATION.......................................................................................................... 25
5. OPERATION............................................................................................................... 38
5.1. USUAL SYSTEM STARTUP..............................................................................................38
EP2703830EZ01 16/06/09
ED2 3/119
5.2.2.3. Hard Disk Management.............................................................................................54
5.2.4. Events 74
5.2.5. System 82
EP2703830EZ01 16/06/09
ED2 4/119
8.2.1. CD/DVD Management .................................................................................................115
8.2.2. CD Burning..................................................................................................................115
8.6. BLUETOOTH...................................................................................................................117
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 5/119
FIGURE INDEX
EP2703830EZ01 16/06/09
ED2 6/119
Figure 42 – Add new user.................................................................................................................69
Figure 43 – Add a new user with EP830E authentication mode.........................................................69
Figure 44 – User Global Parameters.................................................................................................71
Figure 45 – Change authentication parameters window ....................................................................71
Figure 46 – Virtual machine permissions ..........................................................................................73
Figure 47 – Delete User ...................................................................................................................73
Figure 48 – Events ...........................................................................................................................78
Figure 49 – Event sending configuration...........................................................................................79
Figure 50 – Event Export completed.................................................................................................81
Figure 51 – Reaching event storage limit ..........................................................................................82
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 7/119
1. OBJECT
This user guide is addressed to every system user and describes the full
permission operation mode, including permissions related to the plain virtual
machine operation functionality as well as permissions related to administration
operations.
This user guide applies to the software version 81.89.90.75 of EP830E and
version 32.88 of EP43).
EP2703830EZ01 16/06/09
ED2 8/119
2. APPLICABLE DOCUMENTS AND REGULATIONS
Do Not Apply
Do Not Apply
EP2703830EZ01 16/06/09
ED2 9/119
3. SYSTEM DESCRIPTION
The application is loaded from the EP43 as the PC boots and allows the
presentation of several virtual machines where the user may load standard
operating systems like Windows or Linux.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Each virtual machine has its hard disk or its own independent partition on the
hard disk. When the virtual machine is running, it uses the PC resources without
any information leakage from / to other virtual machines. The system works as if
there were several independent PCs and allows the connection of up to three
independent Ethernet networks.
Main functionalities that the system, and more concretely the EP43 device,
provides are:
EP2703830EZ01 16/06/09
ED2 10/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
The association or pairing set during the installation between the PC and the
EP43 implies that if the EP43 is replaced by another device during the start up
sequence, it will not be possible neither to access the disks of the virtual
1 It is out of the scope of this user guide to describe how to install the operating systems that the
user decides to load on each virtual machine.
EP2703830EZ01 16/06/09
ED2 11/119
machines nor to introduce any kind of software which could attempt against the
security of the system. However, it is possible to use the PC and load programs if
there is available space on the hard disk. The association between EP43 and SD
guarantees that it is not possible to start up the Multilevel System with an SD
belonging to another Multilevel System.
example, first installation and configuration of each virtual machine) and users
related operations (basically, use virtual machines once they have been already
configured).
REMARK
Externally, the EP43 device has the following elements on its top side:
EP2703830EZ01 16/06/09
ED2 12/119
· Graphic monochrome display to inform permanently of device
status.
EP2703830EZ01 16/06/09
ED2 13/119
On the rear side:
Internally:
Different kind of information and symbols shown on the EP43 display, reveal
different states of the device. There are four display areas:
EP2703830EZ01 16/06/09
ED2 14/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
The date, hour and internal temperature are shown at the top left corner.
When the EP43 is at the start up stage, a sequence of numbers from 1 to 5
appears below the hour to indicate de start up progress.
Different information regarding the EP43 is shown at the top right corner.
There are different possible symbols:
SYMBOL MEANING
SD memory inserted
No user authenticated
User authenticated
EP2703830EZ01 16/06/09
ED2 15/119
SYMBOL MEANING
Battery loaded
Loading Battery
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Low Battery
No Battery
A bigger symbol regarding the general state of the EP43 is shown at the left
down corner.
The symbol used to demarcate the drawing has a meaning about the
severity level of the information:
SYMBOL MEANING
EP2703830EZ01 16/06/09
ED2 16/119
SYMBOL MEANING
is restored to default configuration.
EP2703830EZ01 16/06/09
ED2 17/119
SYMBOL MEANING
The right down corner is used to show messages provided by the EP43
while system operation: i.e. name of the current authenticated user and name of
the virtual machine where this user is working.
3.3. PC DESCRIPTION
· 64 bit processor.
2 Depending on the number of virtual machines to install and the kind of operating systems to be
configured, more or less RAM memory will be required (Windows XP requires a minimum of 512
Mb to run with an acceptable level of performance).
EP2703830EZ01 16/06/09
ED2 18/119
3.4. SD’S GENERATION CENTRE
· The second one is printed with the ID number and also with the
PUK code. This sticker must be kept by the administration user,
who is the only one who must have access to the PUK code.
1. Level 1, low. The software does not ask for any kind of user
confirmation before performing a required action.
o Delete a user.
EP2703830EZ01 16/06/09
ED2 19/119
o Create a partition without having to clean it previously.
o Delete a user.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
o Modify networks.
This level does not store the “URL” field, located in the windows
“Sending Events” or “Sending Partition”, to prevent a user who
does not know the access password to the remote server from
exporting partitions or events.
Following table shows the different security levels and their features:
Confirmation before importing an image partition from the remote server to a hard
NO YES YES
disk partition with data
EP2703830EZ01 16/06/09
ED2 20/119
ACTIONS LEVEL 1 LEVEL 2 LEVEL 3
Confirmation before attaching /detaching hard disk partitions with data to/from a
NO NO YES
virtual machine
Confirmation before user logging out if any virtual machine is running NO NO YES
Storage of “URL” field in windows “Sending events” or “Sending Partitions” YES YES NO
REMARK
At the highest security level (level 3), partitions are automatically cleaned on
“high security” mode without asking for user confirmation, when they are
reated.
Three different types of users may operate the Secure Multilevel System
EP830E:
EP2703830EZ01 16/06/09
ED2 21/119
Administration user does not have identification but it does have
authentication; in other words, it does not have an associated
user name. Its authentication code is called PUK (Personal
Unblocking Key).
o System installation
o Set date
o TAMPER recovery.
REMARK
· Default User:
Default User is the initial user of the system once it has been
installed or after default configuration has been loaded. By
default, this user has all the privileges to operate and manage
the system (see Table 2 – Permissions for the different types of
user).
EP2703830EZ01 16/06/09
ED2 22/119
Once authenticated, this user may configure the system:
REMARK
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
In order to delete the default user, all privileges this user owns will have to
be previously assigned to another user or distributed among several users
(i.e. one user handles the user management, another user handles the
virtual machines, etc.).
· Authorized Users:
EP2703830EZ01 16/06/09
ED2 23/119
authentication is going to be made through the PC. In case the
authentication is going to be made through the EP43, the
password is numeric and is introduced selecting the digits, which
appear randomly on the display.
REMARK
EP2703830EZ01 16/06/09
ED2 24/119
4. INSTALLATION
4.1. UNPACKING
· Output: 5V 3A
EP2703830EZ01 16/06/09
ED2 25/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
4.2. CONNECTION
The device EP43 needs power supply with voltage of 110 / 220Vca with
50/60 Hz together with an external transformer working at 5V/3A D.C.
In order to proceed with the installation of a Secure Multilevel System, all the
system elements must be connected:
The connections to the different networks where the system is installed use
the zone 3 connectors (see Figure 5). These connections can be fixed once the
system is already installed.
EP2703830EZ01 16/06/09
ED2 26/119
REMARK
When the users of the different virtual machines / networks have different
reliability levels, the Multilevel System must be protected against potential
interchange of the cables connected to the different networks with different
security classification levels.
This protection can be made through the assignment of MAC addresses to
each virtual machine network and programming the switch of each local
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
This PUK code will only be necessary during the first installation, for future
firmware/software updates, to recover the system from a TAMPER situation, to
set date and hour or to set the default configuration settings. The only user who
must know the PUK code is the EP43 administration user.
REMARK
EP2703830EZ01 16/06/09
ED2 27/119
REMARK
In order to install the system, a SD memory with the correct boot software is
necessary. This SD must have been generated in the SD Generation
Centre. In the first installation, the SD will be associated to the EP43 and
the EP43 will be associated to the PC.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
First of all, access the BIOS of the PC to be associated to the EP43 and
implement the following modifications:
· Configure the PC to only allow the local network boot. This is the
recommended option in the system usage security policy.
REMARK
REMARK
The PC must be reliable and must not have any malicious software in the
BIOS or other storage elements before beginning with the installation of the
system.
EP2703830EZ01 16/06/09
ED2 28/119
4.3.1.2. EP43 – SD Association
The EP43 is delivered from factory with no association with any SD or PC.
The administration user associates the EP43 and a SD (generated in the SD
Generation Centre) as well as the EP43 with the PC.
3. The EP43 administration user must insert the PUK code at this
moment. On the display appears a number, which changes
when the keys up and down are pressed on the EP43 navigation
keyboard. In order to validate each digit, the right key must be
pressed. To confirm the whole input, the central key must be
pressed. Each validated number is shown as an asterisk on the
display. If necessary, each validated digit can be deleted
pressing the left key.
EP2703830EZ01 16/06/09
ED2 29/119
To prevent the PUK code detection by listening the number of
clicks on the EP43 navigation keyboard, following procedure has
been implemented: The initial number appearing on the display,
which will be the starting value to select each PUK digit,
changes randomly, so the number of clicks is different each time
the PUK code is inserted.
REMARK
At the sixth wrong PUK attempt, the system blocks and it is necessary to
wait one hour until it is possible again to try another PUK. On the display
appears a message showing the hour when the system will be operative
again. This situation repeats with another blocking hour if there is another
wrong PUK attempt. And the same again with successive wrong PUK
attempts.
If the system is blocked, the EP43 does not respond to any other TAMPER
situation.
EP2703830EZ01 16/06/09
ED2 30/119
In order to select the different options of this menu, use the up
and down keys. To confirm the selection, press the central key.
device. The blinking cursor points out the digit that is going to
be modified. The value is changed using the up and down
keys and to confirm the digit, press the right key. To confirm
the complete modification, use the central key.
o Salir: (i.e. Quit) To quit the menu and continue with the start
up sequence.
5. At this stage, it is only necessary to set the date and hour. After
that, select “SALIR” (i.e. Quit). The other options are described
in detail in chapter 6.2 Restore Configuration Default Settings).
EP2703830EZ01 16/06/09
ED2 31/119
follows:
First of all, make sure that the PC is switched off and connected to the EP43
through the local network cable. After that, start up the PC, which will boot from
the local network (previously configured in the BIOS). The EP43 device assign an
IP address to the PC and transfers the boot software stored in the SD memory.
With this software the system start up will begin. The start up sequence follows
several stages, shown on the display with the following number sequence:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Symbol : At least 1 file has been transferred between EP43 and the PC.
At this moment, the EP43 device identifies that this is the first installation
(pairing) and asks one more time for the PUK code (on the PC screen appears
the message “Introduzca el PUK en el EP43” – i.e. “Insert PUK”). The PUK
code must be inserted with the EP43 keyboard.
After that, the PC must be rebooted and on the EP43 display appear again
Symbol : At least 1 file has been transferred between EP43 and the PC.
Symbol : All the files have been transferred between EP43 and the PC.
EP2703830EZ01 16/06/09
ED2 32/119
Symbol : Waiting for the software boot.
When the start up sequence between the PC and the EP43 is completed, on
the display appears the following information:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
At the top of this screen, time registered by the PC is shown, while at the
bottom, “Authenticate User” and “Turn Off” buttons.
EP2703830EZ01 16/06/09
ED2 33/119
The number shown at the upper side of the screen represents the EP830E
software version, in other words, software application the runs on the PC; the
number showed on the lower right corner corresponds to the software version that
runs on the EP43.
Along this user guide, EP43 firmware is referenced. This corresponds to part
of the software application that runs on the EP43 and it is identified by the first
digit of the software version that runs on the EP43.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
The EP43 has a sticker with the system version number. This number is
associated to the succession of version numbers shown on the screen.
REMARK
Once the start screen appears (Figure 10), log in as Default User clicking
with the mouse on the option “Autenticar usuario” (i.e. “Authenticate User”).
REMARK
After first installation or after loading the configuration default settings, the
default language is Spanish.
EP2703830EZ01 16/06/09
ED2 34/119
Figure 11 – Identification window (User Name)
Insert the Default user name, ADMIN, and select “Aceptar” (i.e. “Accept”).
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
After the first installation or after loading the configuration default settings,
once the Default User has correctly logged in, the system detects the hard disk
and asks for confirmation to install it.
Select “Aceptar” (i.e. Accept) and introduce the name to be assigned to the
hard disk in the next window:
EP2703830EZ01 16/06/09
ED2 35/119
Figure 14 - Assign Name to the Hard Disk
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Once this hard disk installation has been completed, it is possible to proceed
with the system control and administration operations (see 5.2 System Control
and administration Operations): creation of hard disk partition to be assigned to
each virtual machine, creating of the virtual machines and attachment of the PC
resources to each virtual machine.
REMARK
REMARK
To the successful EP43 replacement, without losing the PC hard disk data,
EP2703830EZ01 16/06/09
ED2 36/119
it is essential to keep the values of the fields described in chapter 5.2.2.3 -
Hard Disk Management. It will also be necessary to use a level 2 or 1 SD
and after the system recovery replace it with a level 3 SD.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 37/119
5. OPERATION
TAMPER Recovery.
To start up the system, the EP43 device must be connected to power supply
and the SD memory must be inserted in the EP43 (see Figure 4). Start up the
PC. The message interchange between the EP43 and the PC will start, the PC
authenticity is checked and the startup software stored in the SD is transferred to
the PC and executed.
EP2703830EZ01 16/06/09
ED2 38/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
The system startup does not progress if the SD is not the one previously
associated. To use a non associated SD, it is necessary to associate the
EP43 and the new SD.
The system startup does not progress if the PC is not the one previously
associated. To use a non associated PC, it is necessary to associate the
EP43 and the new PC.
When the startup has finished, at the bottom of the PC screen two menu
options appear:
· Authenticate User
· Turn Off
EP2703830EZ01 16/06/09
ED2 39/119
Figure 16 – Identification window (user name)
If it is the first login after the initial installation, when no user has been
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
created yet, the default user (ADMIN) must be inserted in the identification
screen.
If it is a usual login after an ordinary startup, the default user can be inserted
in the identification as well as any other authorized user.
If the user name is correct the system will ask for the password.
If it is the first login after the initial installation, when no user has been
created yet, the default user password must be introduced in the
authentication window: ‘0000000000000000’ (16 zeros).
EP2703830EZ01 16/06/09
ED2 40/119
B. If the user has been configured to authenticate using the EP43
navigation keyboard (“EP830E authentication mode”), the following
window appears on the external PC monitor. The system waits for the
user to insert the password through the EP43 navigation keyboard:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
In order to insert the password from the EP43, use the Navigation
keyboard. A number appears on the EP43 display. This number
changes when up or down keys are pressed. To validate a single
character right key must be pressed, to validate the complete value,
press central key. For each validated character an asterisk is showed.
To delete a single character, press left key.
REMARK
REMARK
After the sixth wrong user password insertion, an error message appears
and the system gets into a TAMPER situation. To recover the system from
this situation, the administration user, who knows the PUK code, must
EP2703830EZ01 16/06/09
ED2 41/119
follow the procedure described in chapter 6.4 - TAMPER Recovery.
If the password is correct, the system options that the user has permissions
to see, appear at the bottom of the screen. The virtual machines that the user has
permissions to see appear on the screen indicating their state. This screen is
called in this manual “Control and Administration screen”.
REMARK
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
If it is the first login after the initial installation, at the bottom of the Control
and Administration screen, all the operations will be available, since the
default user has full permission. No virtual machines will appear, since none
has been created yet.
REMARK
Any other start up sequence different from the described sequence, is not a
correct Multilevel System startup. Contact your system administration to
EP2703830EZ01 16/06/09
ED2 42/119
detect the reason for the incorrect startup.
inconsistence, at the end of the startup sequence, the system waits for a user with
system recovery permissions to accept or refuse the inconsistencies detected.
EP2703830EZ01 16/06/09
ED2 43/119
Figure 21 – Hard Disk not detected
Selecting Accept, the hard disk unit is deleted from the system.
Otherwise, the system keeps the reference but the system does
not complete the startup.
REMARK
For security reasons, only users with system recovery permissions can
EP2703830EZ01 16/06/09
ED2 44/119
approve system inconsistencies.
REMARK
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
The system startup does not progress if the SD or the PC are not the ones
previously associated or if the TPM detects any modification in the
hardware configuration.
This kind of operations allows both the system resources configuration and
management and the event log monitorisation. These Operations are accessible
from the Control and Administration screen and are available or not depending on
the user permissions. A full permission user will be able to access:
· Add Machine
· Resources Management
· Users management
· Events
· System
· Turn Off
EP2703830EZ01 16/06/09
ED2 45/119
user.
Selection the option Add Machine on the bottom side of the screen, the
system request the available parameters to assign to the new virtual machine.
The following window appears:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Define a name for the new virtual machine. After selecting Accept, a new
window appears where a colour must be selected. This colour will identify the
machine colouring the banner that appears at the top of the virtual machine in full
screen.
REMARK
For security reasons, the system does not permit the creation of virtual
machines with the same name in order to avoid the user confusion.
The system does make a distinction between capital and small letters when
checking that two virtual machines do not have identical names.
EP2703830EZ01 16/06/09
ED2 46/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Once the colour has been chosen, select Accept. The virtual machine will be
automatically created.
REMARK
For security reasons, the system does not permit the creation of virtual
machines with the same colour in order to avoid the user confusion among
machines with different security classification levels.
EP2703830EZ01 16/06/09
ED2 47/119
image “Closed” indicates that the machine is stopped.
In this menu option the PC resources (RAM memory, Hard Disk, Networks)
can be managed in order to assign them to the created virtual machines.
This is the first operation to perform the first time the multilevel system is
installed with a PC or when it is required to modify the virtual machines
configuration.
· Memory
· Networks
If the PC has more the one hard disk, additional sections with the name for
these additional hard disks will appear.
In the section Memory, the user may create RAM memory segments to
assign later to the virtual machines.
At the top of the window appears the total RAM memory (in Megabytes)
installed in the PC.
EP2703830EZ01 16/06/09
ED2 48/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 49/119
taking into account the other segments; that is, the limit is set by
the total memory installed in the PC (taking off about 350
Megabytes used by the Multilevel System application). The
available memory for each segment is represented by the green
colour (see previous figure).
Non available memory (brown stripe on the bottom side of the bars)
represent the addition of the maximum memory values assigned to the other
segments; that is, the addition of every maximum value but the maximum value of
the selected segment. This stripe has several meanings depending on where it is
located:
· If the stripe not only appears in the green zone but also in the
blue zone of the segment, it means that in case that the
machines using the other segments are running, the machine
using the selected segment will not run at the maximum memory
value, but at its minimum memory value.
· If the stripe not only appears in the green and blue zones, but
also in the yellow zone of the segment, it means that in case that
the machines using the other segments are running, the
machine using the selected segment will not have enough
available memory to start up, since the memory available is
under its minimum memory value.
· Add
EP2703830EZ01 16/06/09
ED2 50/119
· Delete
· Accept
· Cancel
· Quit
In order to create a new memory segment, select Add. A new colour bar
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
appears and the columns on the right indicate the default minimum and maximum
values of 256 Mb and 512 Mb.
REMARK
At the highest security level (level 3), the system asks for user confirmation
EP2703830EZ01 16/06/09
ED2 51/119
before modifying the memory segments.
REMARK
The local networks that can be used with the Multilevel System are the ones
provided by the EP43 device through the three network connectors of the
following figure (connectors 3) - labelled as 1 to 3) and called virtual networks:
In the section Networks, the user may configure the virtual and physical
networks:
EP2703830EZ01 16/06/09
ED2 52/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
In this window the virtual and physical networks are listed. The MAC
assigned by default to each of the virtual networks is the MAC of the network
board installed in the PC and connected to the port “PC” of the EP43. The fact
that the three virtual networks have the same MAC, forces that each of the must
be connected to a different physical network. However, it is possible to program
the application software in the SD so that the MAC addresses can be modified.
This programming option is described in the SD Generation Centre user guide.
The system can emulate three types of network boards. One of them must
be selected in the field “Emulation”. The available network board emulations are:
· Novell NE2000.
· Realtek RTL8139.
The default emulation “Realtek RTL8139” is valid for the most usual
operating systems (Windows XP, Windows VISTA, Fedora…).
To accept the data presented in the screen, select “Accept”. The option
“Cancel” does not save changes and “Quit” quits the window.
REMARK
EP2703830EZ01 16/06/09
ED2 53/119
At the highest security level (level 3), the system asks for user confirmation
before modifying the networks.
In the section identified by the name of the hard disk (assigned during the
first installation) the user can define the partitions to be used in each virtual
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
machine.
When clicking on New partition, the system will select the first not used
sector on the hard disk as the initial sector. The partition size will be limited by the
gap existing till the beginning of an existing partition or till the end of the hard disk.
Once the fields “initial sector” and “size” have been defined, select “Create”
in order to generate the partition. The following window appears:
EP2703830EZ01 16/06/09
ED2 54/119
Figure 30 – Create New Partition
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Introduce the partition’s name in this window and select whether it will be
encrypted on the hard disk or not ticking the option Encrypt.
REMARK
The security policy of the equipment usage must consider whether the
existence of non encrypted partitions is permitted or not. At the highest
security level (level 3) of the application, does not permit the creation of non
encrypted partitions.
In case the option Encrypt is selected, the field Key becomes writable.
Insert the key to encrypt the partition on the hard disk (each partition can be
encrypted with a different key).
REMARK
Once the partition is created, the key will not be visible any more.
EP2703830EZ01 16/06/09
ED2 55/119
Therefore, it is necessary to write it down and keep it in a safe location in
case it is necessary for future system recoveries.
At levels 1 (low) and 2 (medium) the option Clean must be selected (x) if it
is required that the partition is cleaned before being created.
REMARK
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
At the highest security level (level 3), the partition is automatically cleaned
before being created without asking for user confirmation.
If the cleaning is cancelled, the partition will not be created, since the
cleaning has not been completed.
In this window the partition can be selected as first startup partition ticking
the option “Select as first startup partition”. This option is used when several
partitions are assigned to one virtual machine. The virtual machine will boot from
the partition selected as first startup partition. This is a no static option; that is, it
can be modified after the partition has been created.
After having selected the partition settings, select “Accept”. The partition is
created and the initial and final sectors together with the size appear on the
partition list. On the colour bar, on the top side of the window, appears blue-
coloured the hard disk zone assigned to the partition and green-coloured the free
zones.
EP2703830EZ01 16/06/09
ED2 56/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
· initial sector and size (or final sector) of each hard disk partition,
EP2703830EZ01 16/06/09
ED2 57/119
this application level. The system recovery will only be possible with an
application of level 2 or 1. Once the system is recovered, the SD can be
replaced with a level 3 SD if required.
·
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 58/119
The export parameters are:
ftp://user:password@host/filename
Example: ftp://user:password@10.22.0.2/pub/filename
REMARK
At the highest security level application (level 3), the field “URL” is not
saved in the profile in order to prevent any user who does not know the
access password to the server from exporting partitions.
EP2703830EZ01 16/06/09
ED2 59/119
transportation. The hard disk partitions are encrypted on
the PC hard disk with a key generated when the partition
is created. However, when exporting a partition, it is sent
to the server encrypted with a transmission key. Thereby
it is possible to import a partition to another Multilevel
System where the destination hard disk partition may be
encrypted with another hard disk encryption key. This
way, the exported partition is compatible with every
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 60/119
completed:
REMARK
Before importing the partition, make sure that the user who imports the
partition has the necessary permissions in the server to download the file.
EP2703830EZ01 16/06/09
ED2 61/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 62/119
is working as a virtual network.
ftp://user:password@host/filename
Example: ftp://user:password@10.22.0.2/pub/filename
REMARK
At the highest security level application (level 3), the field “URL” is not
saved in the profile in order to prevent any user who does not know the
access password to the server from importing partitions.
EP2703830EZ01 16/06/09
ED2 63/119
Figure 36 – Partition Import Progress
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
Applications with level 2 (medium) and 3 (high) ask for user confirmation
before importing a partition into a destination hard disk partition with data.
If the destination partition is smaller than the file with the partition
to be imported, the system warns the user about it and asks for
his confirmation to resize it to an appropriate value:
EP2703830EZ01 16/06/09
ED2 64/119
Figure 38 – Not enough space message
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
The destination partition will be resized always that there is free space
where to be expanded; that is, always that it is not limited by adjacent
partitions.
If the destination partition is larger than the file with the partition
to be imported, the system warns the user about it and asks for
his confirmation to resize it to an appropriate value:
EP2703830EZ01 16/06/09
ED2 65/119
REMARK
real size required for the usual operation of the virtual machine (e. g. 40
GB). Select the option “Do not resize” when the system warns of the waste
of space. When the import completes, there will be free space on the
partition. This free space can be integrated in the partition system of the
operating system using like “Partition Magic”.
o Initial Sector
o Final Sector
o Size
REMARK
The partition’s name and encryption key (if it is encrypted) can not be
modified. To make this kind of changes, the partition must be deleted and
created again.
EP2703830EZ01 16/06/09
ED2 66/119
with 0, after that, with 1 and finally with random value). Any data
stored in the partition will be lost. Press “Accept” to start the
partition cleaning. A window showing the cleaning progress
appears on the screen:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
High security cleaning can need a lot of time to be performed and, in any
case, more than the normal cleaning option.
EP2703830EZ01 16/06/09
ED2 67/119
all the information will be lost when the virtual machine is
turned off.
REMARK
The information will only be erased if the virtual machine is turned off, not if
it is only rebooted.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 68/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
In order to add a new user, insert the new user’s name and
select the authentication mode ticking one of the following
options: PC (through the PC monitor and keyboard) or EP830E
(through the EP43 display and navigation keyboard).
EP2703830EZ01 16/06/09
ED2 69/119
confirm it. In order to generate a random password, select the
digits that appear on the EP43 display, since they appear
randomly.
REMARK
Every new user is created with all the permissions disabled by default. An
authorised user must modify the new user’s profile to assign the appropriate
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
permissions.
To access a user’s profile, select this user from the user list
(Figure 41), double-click on the user or press the button
“Modify”. In the user information window there are different
sections: one section refers to the global parameters and the
rest refer to the specific permissions related to each existing
virtual machine.
EP2703830EZ01 16/06/09
ED2 70/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 71/119
The old password will be required to change the
authentication mode and it will be inserted using the
appropriate authentication mode.
EP2703830EZ01 16/06/09
ED2 72/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
Only the highest security level (level 3) asks for user confirmation before
modifying another user’s parameters.
EP2703830EZ01 16/06/09
ED2 73/119
REMARK
The lowest security level (level 1) does not ask for user confirmation before
deleting a user.
5.2.4. Events
The multilevel system registers during its operation every event considered
important to the system security. The events can be classified in three groups:
Information Event
Warning Event
Error Event
Information Event
· Communications established.
EP2703830EZ01 16/06/09
ED2 74/119
· User “user name” starting options modified.
· PUK ok.
Warning Events
EP2703830EZ01 16/06/09
ED2 75/119
· Cdrom resources configuration modified.
“machine name”.
· PUK error.
· Date-time modified.
Error Events
· Tamper: R button.
EP2703830EZ01 16/06/09
ED2 76/119
· Tamper: Battery.
· SW failure (“number”).
In the menu Events, the system event log appears. Each event is
described with a symbol that indicates its importance, the date and a description.
The events are automatically generated and stored in the system. However,
the storage of some events is not immediately stored as it is produced; the
system waits for an event of another type to happen in order to store them. This is
the case of the warning events generated when a virtual machine configuration is
modified. They are stored when the virtual machine starts up or when the menu
Events is selected.
EP2703830EZ01 16/06/09
ED2 77/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Figure 48 – Events
Clicking on the option “Send”, all the events that were not still stored, are
REMARK
While this symbol appears on the EP43 display (while the events are
being saved in the SD), the SD card must not be removed, since it could be
damaged.
After that, it is possible to send a file with the event log to a remote server.
When this option is selected, the following window appears:
EP2703830EZ01 16/06/09
ED2 78/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
This window is similar to the partition export window and the parameters to
be inserted are similar:
NOTA
Event sending profiles are different from the profiles defined for partition
export/import. If it is required to have the same profiles to send the event
log and to export/import partitions, it is necessary to define them in both
windows: Send Events and Export Partition (or Import Partition).
EP2703830EZ01 16/06/09
ED2 79/119
· Source Network: Local network (EP43 port) that the system will
use to send the event log. This port must have connection to the
server’s network where the event log is going to be sent to.
ftp://user:password@host/filename
Example: ftp://user:password@10.22.0.2/pub/filename
REMARK
At the highest security level application (level 3), the field “URL” is not
saved in the profile in order to prevent any user who does not know the
access password to the server from sending events.
EP2703830EZ01 16/06/09
ED2 80/119
following window appears when the export has successfully
completed:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
During the normal operation of the Multilevel System, the events generated
in the system are periodically stored in the SD (if it is inserted). This operation is
REMARK
While this symbol appears on the EP43 display (while the events are
being saved in the SD), the SD card must not be removed, since it could be
damaged.
When event log comes closer to the internal storage limit (500 events), a
warning message is shown asking the user to insert the SD in the EP43 in order
to make the event transfer to the SD and get some free space in the EP43. Select
“Accept” to continue:
EP2703830EZ01 16/06/09
ED2 81/119
Figure 51 – Reaching event storage limit
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Once the user inserts the SD and selects “Accept”, a message informing
about the event storage in the SD appears:
In case the SD is not inserted before the event storage limit is exceeded, the
event log is overwritten and the EP43 will get into a TAMPER situation and in the
REMARK
5.2.5. System
This option allows the user to select the screen resolution and the
EP2703830EZ01 16/06/09
ED2 82/119
application language:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
Select “Accept” to save the changes. The system needs to restart to apply
the changes.
REMARK
It is recommended that the user turns off the virtual machines before
unauthenticating.
EP2703830EZ01 16/06/09
ED2 83/119
Security level 3 asks for user confirmation before unauthenticating the user
in case there are running virtual machines.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
REMARK
Security level 3 asks for user confirmation before turning off the system in
case there are running virtual machines.
The system will switch off and on the PC screen appear the messages:
“Interfaz de control desconectado” (this message disappears after a very short
period of time, so it is possible that it is not visible) and “Terminando la ejecución”.
REMARK
It is recommended to always turn off the system correctly (first of all, turning
off the running virtual machines and after that, selection the turn off menu).
Following this procedure, the RAM memory assigned to each virtual
machine is correctly reseted.
EP2703830EZ01 16/06/09
ED2 84/119
5.3. VIRTUAL MACHINE OPERATION
The following figure shows an example of a stopped virtual machine and the
description of each operation:
If the user has permissions to see a virtual machine but he does not have
permissions to execute or modify it, the virtual machine appears as in the
following figure:
EP2703830EZ01 16/06/09
ED2 85/119
If a virtual machine is running, an image of what it is being executing is
shown inside the square (this window is not refreshed in real time, though the
frequency is enough to have a representative image of the performance of the
operating system).
Status of the virtual machine is displayed with a blue symbol at the top right
corner of the square:
Machine information. This symbol (top left corner) is only enable if the
virtual machine is running.
Play – Start virtual machine. This symbol is enabled whether the virtual
machine is stopped or paused.
Pause virtual machine. This symbol is only enabled when the virtual
machine is running.
Delete virtual machine. This symbol is only enabled when the virtual
machine is stopped.
EP2703830EZ01 16/06/09
ED2 86/119
5.3.1. Machine Information
Information:
Clicking on the symbol (Play), the virtual machine starts up. The
application assigns the CPU resources that have been configured and the
EP2703830EZ01 16/06/09
ED2 87/119
machine boots from the boot unit configured in the section “General
Configuration” (network, hard disk or CDROM). If the machine boots from the
hard disk, the installed operating system starts.
REMARK
If the application detects that the virtual machine that is trying to start up
does not have any RAM memory segment assigned, or that there is not
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
The virtual machine must be turned off following the appropriate operating
system procedure; then, pressing the stop button will no be necessary.
This option suspends the machine so that there are no CPU resources
assigned to it.
EP2703830EZ01 16/06/09
ED2 88/119
different tabs, although only one of them is accessible, depending on virtual
machine status.
REMARK
EP2703830EZ01 16/06/09
ED2 89/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
1. Machine name
2. Startup unit: The machine will boot from the network (if a
network is assigned), from CD (if the CDROM unit is assigned)
or from hard disk (if any partition is assigned).
EP2703830EZ01 16/06/09
ED2 90/119
recommended to be assigned to those virtual machines running
operating systems such as Windows 2000 or Windows 2000
Server.
REMARK
Security level 3 asks for user confirmation before attach/detach hard disk
partitions with data to/from a virtual machine.
EP2703830EZ01 16/06/09
ED2 91/119
6. Memory: Selection of the RAM memory segment to be assigned
to the virtual machine from a list of available segments. When a
segment is assigned to a virtual machine, it will not be available
to the rest. Only one memory segment can be assigned to a
virtual machine.
REMARK
EP2703830EZ01 16/06/09
ED2 92/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
In the left column the removable devices connect to the system are listed.
Selecting one of them and clicking it is added to the right column, where the
devices attached to the virtual machine are listed. When a removable device is
assigned to a virtual machine, it will not be available for the rest until it is detached
or the machine is stopped. Click on the button to detach the device. It will be
removed from the list on the right and will be available again for all the virtual
machines.
EP2703830EZ01 16/06/09
ED2 93/119
If the USB memory is inserted when virtual machine “MACHINE1” is not
started, it will be available for its assignment to any other virtual machine. For
example, on accessing Removable Devices tab of virtual machine “MACHINE2”,
the USB memory would appear in the column on the left (Non Attached Devices)
with the symbol to indicate that, although it is configured as a permanent
attached device to another virtual machine, it can be temporally attached to
“MACHINE2”.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
The Smartcard lector appears in the left column (non attached devices) as
an available removable device. This device refers to the Smartcard lector in the
EP43. If it is attached to a virtual machine, it can be used from the operating
system of the virtual machine as an external USB smartcard lector. In order to use
this lector properly, it will be necessary to install in the operating system of the
virtual machine the specific drivers of the smartcard to be used.
EP2703830EZ01 16/06/09
ED2 94/119
Figure 60 – Confirmation before saving changes
WARNING
This option deletes the virtual machine. When the virtual machine is deleted,
its associated resources (memory segment, partition…) are available again.
Deleting a virtual machine does not imply the loss of the user data or the
operating system, since the hard disk partition is not modified; it is simply not
assigned to that virtual machine any more…
At level 2 (medium) and 3 (high) the system asks for user confirmation:
EP2703830EZ01 16/06/09
ED2 95/119
REMARK
At level 1 (low) the system does not ask for user confirmation before
deleting the virtual machine.
To enter a virtual machine; that is, to see the machine in full screen mode,
just click with the mouse on the square that represents the virtual machine.
EP2703830EZ01 16/06/09
ED2 96/119
6. ADMINISTRATION USER OPERATIONS
The administration user is the user who knows the system PUK code. The
authentication with the PUK code enables following operations:
· System installation
· TAMPER recovery
In this chapter it is also described the correct procedure to break the EP43-
PC association. This operation will be required if, for maintenance reasons, it is
necessary to reuse an EP43 device with a different PC. In this case, the
information of the former Multilevel System remaining in the EP43 should be
deleted.
The EP43 date and hour settings must be configured in the first installation
procedure. In case these settings need to be modified, the administration user is
required, since it is necessary to cause a TAMPER situation to modify them. The
procedure is described as follows:
1. Turn off the Multilevel System, clicking on the menu “Turn Off”.
3. Press the central key on the EP43. The PUK code is requested
on the EP43 display.
EP2703830EZ01 16/06/09
ED2 97/119
4. Insert the PUK code. If it is correct, the EP43 display menu
appears:
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
6. Modify the date and hour taking into account the following
indications: The blinking cursor points out the digit that is going
to be modified. The value is changed using the up and down
keys and to confirm the digit, press the right key. To confirm the
complete modification, use the central key.
7. Once the date and hour modification has been confirmed, the
EP43 display menu is shown again.
8. Select the option “Salir” (i.e. “Quit”). The normal system start
up sequence takes place with the new date/hour (on the display
EP2703830EZ01 16/06/09
ED2 98/119
The procedure is described as follows:
1. Turn off the Multilevel System, clicking on the menu “Turn Off”.
3. Press the central key on the EP43. The PUK code is requested
on the EP43 display.
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
the symbol .
EP2703830EZ01 16/06/09
ED2 99/119
REMARK
The load of the configuration default settings implies the loss of all the
information regarding the system configuration; that is, the partitions
geometry and encryption keys, RAM memory segments, virtual machines,
users…
However, the load of the configuration default settings does not imply the
hard disk partitions cleaning (formatting) in the PC. If the partitions
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
geometry (initial and final sectors) and encryption keys are known (see
chapter 5.2.2.3 Hard Disk Management), it will be possible to get back the
operating systems in the PC. This will be possible if the system recovery is
done with a level 2 or 1 SD.
If the system recovery is done with a level 3 SD, the data are lost at the
moment of creating the partitions, since with this security level, the cleaning
of the partition is done automatically before creating it without asking for
user confirmation.
The Secure Multilevel System update may involve two operations: the
system software update (EP830E application whose number version appears on
the top side of the screen) and the EP43 firmware update (whose version number
appears on the bottom left side of the screen).
EP2703830EZ01 16/06/09
ED2 100/119
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
EP2703830EZ01 16/06/09
ED2 101/119
7. After that, the following menu appears on the EP43 display:
o “Aplicación no válida”
o “Tarjeta inválida”
o “Extraiga tarjeta”.
That is:
o “Remove SD card”.
10. Remove SD. On the display appear the EP43 boot version and
the message “Esperando módulo de carga” (i.e. “Waiting for
EP2703830EZ01 16/06/09
ED2 102/119
load module”).
11. Insert the special SD card with the firmware update. Following
messages are shown:
That is:
13. Remove the firmware SD and insert the SD with the new
software version.
14. Press the central key in the EP43 keyboard. The PUK code is
required.
15. Insert the PUK code of the new SD. If the PUK code is correct
the following message sequence appears:
That is:
o “SD unattached”
REMARK
EP2703830EZ01 16/06/09
ED2 103/119
SD to cancel”), the message says:
That is:
This can happen with some software versions if the firmware has been
updated but not the SD. In this case, if the administration user decides to
attach the SD, the EP43 configuration will be lost (the same effect as
restoring the configuration default settings). Thereby it is indeed
recommended to have a system configuration backup (partition initial and
final sectors and the hard disk encryption keys).
16. Press the zeroization button (press R). The EP43 display menu
appears on the display.
17. Select the option “Salir” (i.e. “Quit”). The normal system start
up sequence takes place with the new firmware and software
EP2703830EZ01 16/06/09
ED2 104/119
3. Press the zeroization button (press R).
o “Aplicación no válida”
o “Tarjeta inválida”
o “Extraiga tarjeta”.
That is:
EP2703830EZ01 16/06/09
ED2 105/119
o “Not valid SD card”
o “Remove SD card”.
9. Remove SD. On the display appear the EP43 boot version and
the message “Esperando módulo de carga” (i.e. “Waiting for
load module”).
10. Insert the special SD card with the firmware update. Following
ALL RIGHTS RESERVED. IT’S NOT ALLOW ANY REPRODUCTION OF THIS DOCUMENT WITHOUT WRITTEN AGREEMENT OF EPICOM,S.A
That is:
12. Remove the firmware SD and insert again the same SD used
before the firmware update.
13. Press the central key in the EP43 keyboard. The PUK code is
required.
14. Insert the PUK code. If the PUK code is correct the EP43 display
menu appears on the display.
15. Select the option “Salir” (i.e. “Quit”). The normal system start
up sequence takes place with the new firmware version (on the
EP2703830EZ01 16/06/09
ED2 106/119
6.3.3. EP830E Software update (only software)
7. Insert the new SD card with the new software version. As this
9. Press the central key in the EP43 keyboard. The PUK code is
required.
10. Insert the PUK code of the new SD. If the PUK code is correct
the following message sequence is shown:
That is:
o “SD unattached”
EP2703830EZ01 16/06/09
ED2 107/119
REMARK
That is:
This can happen with some software versions if the firmware has been
updated but not the SD. In this case, if the administration user decides to
attach the SD, the EP43 configuration will be lost (the same effect as
restoring the configuration default settings). Thereby it is indeed
recommended to have a system configuration backup (partition initial and
final sectors and the hard disk encryption keys).
11. Press the zeroization button (press R). The EP43 display menu
appears on the display.
12. Select the option “Salir” (i.e. “Quit”). The normal system start
up sequence takes place with the new software versions (on the
In case the system gets into a TAMPER state because of the detection of
any irregular situation, the EP43 administration user, who is the only one who
EP2703830EZ01 16/06/09
ED2 108/119
knows the PUK code, must be informed so that the TAMPER situation cause can
be evaluated and the security implications can be checked.
This operation must also be performed by the EP43 administration user. The
procedure is described as follows:
EP2703830EZ01 16/06/09
ED2 109/119
7. PERMISSIONS
EP43 Default
Authorized
Administration User
User
User (ADMIN)
MANAGEMENT
Create/delete NO YES YES/NO
View
GLOBAL PARAMETERS
NO YES YES/NO
EP2703830EZ01 16/06/09
ED2 110/119
7.2. RELATION AMONG PERMISSIONS AND DESCRIPTION
TODOS LOS DERECHOS RESERVADOS. NO SE PERMITE SIN AUTORIZACIÓN ESCRITA DE EPICOM LA CESIÓN O
REPRODUCCIÓN TOTAL O PARCIAL DE ESTE DOCUMENTO, NI EL USO Y COMUNICACIÓN DE SU CONTENIDO.
Global Permissions
Linked
Number Permission Description Comments
Permissions
- A user cannot remove this permission
1 See all machines - View all virtual machines. - from its own profile (because it is linked
to the permission "Modify User").
- The permissions 14 to 18 related to a
- Access to the button “Add Machine”. virtual machine are automatically
2 Add/delete machines -
- Delete virtual machine. assigned to the user who has created
General this machine.
- There must be at least one user with
- Access to the Resources management menu
this permission.
and all its sections.
- With only this permission the recovery
3 System recovery - System recovery: Create and configure the 7, 8, 9, 10
of the system user list is not allowed (it is
PC resources (partitions, memory segments
not allowed the creation and modification
and networks).
of other users).
1 Always that the user has permissions to see the virtual machines.
2 Basic user parameters: Screensaver, User Name, Authentication mode, Password.
EP2703830ZZ01 16/06/09
ED2 111/119
Global Permissions
Linked
Number Permission Description Comments
TODOS LOS DERECHOS RESERVADOS. NO SE PERMITE SIN AUTORIZACIÓN ESCRITA DE EPICOM LA CESIÓN O
REPRODUCCIÓN TOTAL O PARCIAL DE ESTE DOCUMENTO, NI EL USO Y COMUNICACIÓN DE SU CONTENIDO.
Permissions
3 "Hard Disk Name " refers to the name assigned to the PC hard disk in the first installation.
4 Permission conditioned to the access to the configuration of the virtual machines (permission 15 Modify).
5 Permission conditioned to the permission attach/detach removables to/from this virtual machine.
EP2703830ZZ01 16/06/09
ED2 112/119
TODOS LOS DERECHOS RESERVADOS. NO SE PERMITE SIN AUTORIZACIÓN ESCRITA DE EPICOM LA CESIÓN O
REPRODUCCIÓN TOTAL O PARCIAL DE ESTE DOCUMENTO, NI EL USO Y COMUNICACIÓN DE SU CONTENIDO.
Global Permissions
Linked
Number Permission Description Comments
Permissions
- View the virtual machine. With only this
14 View permission, it is not possible to start it up or -
modify it.
- Access to the section "General Configuration"
in the window "Virtual Machine Configuration ".
- Modification of the basic parameters of the
Machine 15 Modify virtual machine6. 14
- Attach/detach Devices (CDROM, partitions,
memory segments, networks) of the virtual
machine7.
- Enables the buttons "play", "stop" and "pause"
16 Execute 14
of the virtual machine.
- Access to the section "Removable Devices" in
Attached the window "virtual Machine Configuration ".
17 Attach/detach Removables 14, 16
Devices - Attach/detach removable devices to/from the
virtual machine.
EP2703830ZZ01 16/06/09
ED2 113/119
Global Permissions
Linked
Number Permission Description Comments
TODOS LOS DERECHOS RESERVADOS. NO SE PERMITE SIN AUTORIZACIÓN ESCRITA DE EPICOM LA CESIÓN O
REPRODUCCIÓN TOTAL O PARCIAL DE ESTE DOCUMENTO, NI EL USO Y COMUNICACIÓN DE SU CONTENIDO.
Permissions
- Access the section "General Configuration" of
the window "Virtual Machine Configuration ".
18 Attach/detach Devices - Attach/detach devices (CDROM, partitions, 14, 15
memory segments, networks) of the virtual
8
machine .
- Automatic starting of the virtual machine when
19 Start the user authenticates, without needing to start 14, 16
it manually.
Session - Automatic starting of the virtual machine when
Starting the user authenticates, without needing to start
This option can only be selected in
20 Select it manually. 14, 16, 19
one of the virtual machines.
- Visualization of the virtual machine in full
screen.
· A user with no permissions in the window “User Information” has only privileges to change its basic
parameters: screensaver, user name, authentication mode and password.
EP2703830ZZ01 16/06/09
ED2 114/119
8. FUNTIONALITY INFORMATION
The Multilevel System does not support neither audio nor microphones.
To change CDs in the same virtual machine it is not necessary to stop the
virtual machine, as in a normal computer.
REMARK
REMARK
8.2.2. CD Burning
The Multilevel System does not support CD burning; neither through the PC
EP2703830ZZ01 16/06/09
ED2 115/119
internal CD lector nor through an external USB CD lector.
8.3. MISCELLANEOUS
8.4. PC MODELS
EP2703830ZZ01 16/06/09
ED2 116/119
8.5. USB STORAGE DEVICES MANAGEMENT
The Multilevel System emulates USB memories version 1.1. USB memories
version 2.0 are emulated with version 1.1.
· Close any directory where the files in the USB memory appear.
If these steps are not followed, it is possible that the changes done in the
memory are not correctly saved.
8.6. BLUETOOTH
EP2703830ZZ01 16/06/09
ED2 117/119
9. TECHNICAL SPECIFICATIONS
· Desktop device
· Dimensions:
o Maximum Height 46 mm
TODOS LOS DERECHOS RESERVADOS. NO SE PERMITE SIN AUTORIZACIÓN ESCRITA DE EPICOM LA CESIÓN O
REPRODUCCIÓN TOTAL O PARCIAL DE ESTE DOCUMENTO, NI EL USO Y COMUNICACIÓN DE SU CONTENIDO.
o Minimum Height 32 mm
· Package dimensions:
· Battery:
o Code: BLLI063448+pc.
o Voltage: 3.7V
o Capacity: 900mAh
o Weight: 30g
EP2703830ZZ01 16/06/09
ED2 118/119
9.2. DEVICE PROTECTIONS
· The system access is protected with the PUK secret code (from
6 to 16 characters). As an additional protection mechanism
against brute force exploration of its value, the device is
deactivated for an hour after 6 wrong PUK insertion attempts.
This situation repeats with another blocking hour if there is
another wrong PUK attempt. And the same again with
successive wrong PUK attempts.
TODOS LOS DERECHOS RESERVADOS. NO SE PERMITE SIN AUTORIZACIÓN ESCRITA DE EPICOM LA CESIÓN O
REPRODUCCIÓN TOTAL O PARCIAL DE ESTE DOCUMENTO, NI EL USO Y COMUNICACIÓN DE SU CONTENIDO.
EP2703830ZZ01 16/06/09
ED2 119/119