DEP/NMS User Manual
Contents
1. 0066 53 8 3 2 Ending GIL GP DUCQUON EE EEEE T NE 58 Ok MANAGING KETS ote i a te at a a ae ee a 59 8 4 1 BACK EUP KON S oire o E r T E aennseehs 60 8 4 2 RESOR ENEY S nea Sens ace tae Oa 6l 8 4 3 Chanine MEPDMR rarr iaa E T EE T AT ERN 65 8 4 4 Mer eine DOCKUDS arrr ensa TUE rT E E ae AAA 69 03s READING DEP INFORMATION prpiiirarat Tonke G 73 6 5 1 Understanding information about Keys ccccccceseccccccceeeeeessceeseaeeseeseeeas 75 8 5 2 Capa ES aropa a a 76 8 33 COUTOS oE T E T T 77 8 5 4 P AVAIICL CTS ice E death Goha A worm ate a aha tomate 78 6 0 PERFORMING DIAGNOSTICS neesii N E NEES 79 8 6 1 Reddine DANOSO S aori aE EERE SO 8 6 2 Testing COMMUNICATION Hardware ccccccccccsenseeeeeeeeececcen a eeeeeeeeeesennaas l 8 6 3 Performing DEP Self TeSt reinir a a E A a 82 8 6 4 Vere Ne KEVINA rrr aa E T T aiiat edeandsecots 83 8 6 5 Reading DEP Alarm Informati n cissie 83 8 7 RESETTING THE DEP PLATFORM OR ITS COMPONENTS cccccccceeeeeeeeeeeeeeeees 85 8 7 1 Managing the backup battery nnooennnnnnnnnnnssnnnnnssseeenssssseressssereesssse SO Odan Resetting Communication to the DEP platforim ccccccccccccseececeeee eens 87 8 7 3 Resetting the DEP Crypto Module CPU 5S 8 7 4 Resetting the DEP Alarm PLOCESSOD ccccccccsseecccceeeeeeeseeeeenaneeeeessenaaes 5S 6265 MANAGING DEP PARAMETERS i iss ccu etescsdattanetueteceis mestiee eres dattaaetu alee 88 6 6 1 Modifying DEP PQVQMeteLS av2. When the capability has been entered you are prompted to load the DMK1 x Load the OME into the DEP Crypto Module by CAM DEF DME becomes SOME and DME 2 remains loaded When you have entered this key the wizard continues with the key backup file to restore Change DMK Wizard l x Select the key backup file to restore itiz a key backup file under OME Open file In the Open dialog box select the file to restore Look in E Data_files de backup dat File name Files of type Dat File dat Cancel While the file is being restored the Keys restore dialog box provides progress information Atos Worldline Technology amp Products Engineering DEP Page 68 139 DEP NMS User Manual 04 04 Classification Public Keys restore a x Restoring a backup of keps from file Backup_7 100 Next the wizard prompts you for the file name for the key backup Change DMK Wizard l i x Select the key backup file to save it willbe a key backup fle under DM E 2 In the Save As dialog box select the name of the backup file File name Save Save as lype Dat File dat Cancel Then the Keys backup dialog box will appear providing progress information on the key backup Keys backup Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 After that the wizard presents the final
3. Ir Platform symbolic name 2 192 168 0 19 cfg Application d keys EJ 192 168 0 19 bi Read DEF Information EARME Lij Modue t Diagnostics Locked BS Module 2 oe p Locked Ge my 192 168 0 20 z DER feceqreters FF 192 168 0 20 BY Module 1 dentine p Locked Ge BS Module 2 Locked Ge BS Module 3 Firmware Upgrade Locked Sc my 192 168 0 22 i Unlocked OFF GFF 197 166 022 BY Module 1 Locked Ge BS Module 2 Locked Ge The DEP Information dialog box appears with the information about the above mentioned items organised on four tab sheets Atos Worldline Technology amp Products Engineering DEP Page 74 139 DEP NMS User Manual 04 04 Classification Public DEP Information Ee x keys Capabilities Counters Parameters 04000000 04000100 4000101 4000102 O400010E 041350000 04130100 041350200 041350300 04130301 04150302 041350400 04130500 041350600 04130700 04150701 041350702 11 nen wo EYBFO4COF 40047 4ES1 BFF 3457C 36619 85F5E46D0F299454F 815641 1 F4FeS9SGEEE4291 W6DS4BESASSSoEE F66 SOCEZES4CS3406EF 7 A25B994F0 1220692 4EED0B1CF22235C 4 Bs6445 FLSBS SFB 7663150 7366346 760401 SF D401F401E072E04196110128C6E6 SS44E SECO 2502 7650401014665 PPPPPEPEPP mm zan irn rn rn ir n r n r n r n r n rn r a r n r s ee nom mm Dh D mm D om OO Oo oo oe Rey ac Total zz Active a Registered fe Deleted 14 Mot registered cancel e _ To
4. Problems information DEP Platform Crypta Module 197 168 0 18 Module 1 Load the Save Keys Capability 197 168 0 18 Module 2 Load the Master Key Remove ontinue While displaying the above information dialog box application is doing background check for state of DEP Crypto Modules enumerated in Problems Information list When one or more DEP Crypto Modules are brought to Ready state Problems Information list and General Information will be updated in the dialog box It is possible to select and remove one or more not ready DEP Crypto Modules from Problems Information list Continue button will be enabled when in Problem Information list all DEP Crypto Modules will be in Ready state To terminate software loading process for all selected DEP Crypto Modules click Cancel Atos Worldline Technology amp Products Engineering DEP Page 63 139 DEP NMS User Manual 04 04 Classification Public Restore keys operation for multiple selected DEP Crypto Modules is possible when all selected DEP Crypto Modules contain DEP Master Keys of the same type and with the same value Otherwise the following warnings will appear and operation will be aborted DEP MS LULULUmUmt S AN Restore is not possible because the selected modules dont contain the same type of DMK To restore the keys supply the name of the backup file in the Open dialog box The filename presented by default is e backup dat if keys are restored f
5. i DEP_NMS and DEP_EM Confirm Installation The installer is ready to install ODEP_NMS and QEP_EM on your computer Click Nest to start the installation Cancel Back Click Next to continue If you want to return to the previous screen press Back or if you want to abort the procedure press Cancel 14 1 3 Installing Once you have confirmed the installation options the actual installation starts The Installing DEP_NMS and DEP EM dialog box will appear A progress bar combined with status information show you how the installation moves on Atos Worldline Technology amp Products Engineering DEP Page 134 139 DEP NMS User Manual 04 04 Classification Public jg DEP_NMS and DEP_EM Installing DEP_NMS and DEP_EM DEP_NMS and DEP_EM ts being installed Please wait a 14 1 4 Installation Complete When all the files and data have been copied the Installation Complete dialog box appears to notify you of a successful installation Click Close to exit the installation procedure To start the DEP NMS and DEP EM applications the installation procedure creates shortcuts on the Desktop and entries in the Windows Start menu 14 2 LICENSE DONGLE INSTALLATION To start the License Dongle installation press the corresponding key in the installation start up window The Welcome dialog box appears from which you can proceed with the installation by clicking Next and following the
6. Atos Worldline Technology amp Products Engineering DEP Page 27 139 DEP NMS User Manual 04 04 Classification Public 6 4 SHOWING HIDING THE TOOLBAR To show or hide the toolbar underneath the menu bar in main window respectively select deselect the Toolbar option in View menu Bile Edit View Dep Platform Dep Crypto Module Tools Help Cr ld a i el elie BAP Platform symbolic name Security Platform status Trace Statistics Unlocked New configuration cfg m Platform sy mobo The table below gives an overview of the icons and their meaning Meaning Create a new configuration Open an existing configuration Save configuration Upon hovering an icon a tooltip displays the name of the function that is behind it At the same time some additional information is provided at the left side of the status bar DEP NMS C Program Files Banksys DEP_NMS and DEP_EM File Edit View Dep Platform Dep Crypto Module Tools Plugins Osha Sma p miZ BAP Platform symb fe config co D i D Ba Getting the status of the selected DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 28 139 DEP NMS User Manual 04 04 Classification Public 7 MANAGING DEP PLATFORMS To obtain information about a DEP Platform or carry out an operation you need to select the DEP Platform from the configuration tree in the main win
7. Configuration settings Value Host messages Pool messages Auto recovery period 0 or 3000 65535 msec Max response time S000 3600000 msec PC Date no application loaded PC Time no application loaded Message selection algorithm 12000 LOO0000 2611212010 15 04 26 First in First out Settings Read only settings Locking Locked by another user Status Good kemar FFFFFFFF Alarm status OK Battery status Connected Serial number 000100001 0F46ECF46 Software active Boot Software book TST BOOT 40l Software alarm ALARM SO m Software cloning CLONING 106 Software application Mone Configuration mode Mone Configuration authority Mone Revs Capabilities Customer ID Save OK Cancel pply 10 2 UPGRADE BANKSYS CRYPTO The Upgrade Banksys Crypto function is used to upgrade the firmware of the Banksys Crypto This chapter describes how to upgrade the firmware to new improved versions Firmware Upgrade operation allows to upgrade the Banksys Crypto on one or more DEP Crypto Modules 10 2 1 Prerequisites e The DEP Crypto Module should be locked e The version of DEP Crypto Module should be DEP PCI V4 e Minimum version of the DEP Platform Software must be VENUS 4 3 0 or higher e The minimum version of the DEP NMS application must be 3 4 0 2 e A DEP Application Software that support ISTD_FW_UPGRADE interface should be loaded on DEP Crypto Module Atos Worldline Technology a
8. File name Save Save as lype Text File txt Cancel By default the status files are saved in the Data_files subfolder with path C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM for Windows 2000 and Windows XP and c Users USER Atos Worldline DEP_NMS and DEP_EM for Windows Vista and Windows 7 respectively When you have specified the name and location of the file DEP NMS starts copying the trace file from the DEP Platform The Getting trace file dialog box informs you about the progress of the operation Getting trace file A normal trace file after stopping the trace facility has the following layout 000000690 001048576 TRACE CREATED Atos Worldline Technology amp Products Engineering DEP Page 41 139 DEP NMS User Manual 04 04 Classification Public 22 03 2007 13 33 43 348 status snd_host log 01 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x00 arrival 0768374874 DEParture 0768374924 delta 0000000050 HST_CMD len 000017fe30010000F 0100010000051122334455 HST_RSP len 000006fe3001010000 22 03 2007 13 34 41 272 status snd_host log 01 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x01 arrival 0768432837 DEParture 0768432848 delta 0000000011 HST_CMD len 000084fe30010000fF0125040000000003012502000e8b012508000018810004398927638200020 6658400038f47 4830003a7 34c0125090001012503000802250200022505000225030001250a000125 000001250b00 HST_RSP len 000015fe30010100f00
9. 04 04 Classification Public Banksys Crypto update report Operation succeed on 0 DEP Modulets Operation Failed on 1 DEP Modulets Operation Failed on Platform 172 24 15 48 Module 1 E STO SEQ ABORTED F20200250 Below is the list of errors which can appear in report dialog box e E STD_SEQ ABORTED This kind of error appears if entered Firmware Certificate value was incorrect e E STD_DATA_INVALID This kind of error returned by an interface if the firmware file was corrupted When multiple DEP Crypto Modules have been selected but not all of them are ready to proceed with the loading operation during the loading process the Banksys Crypto Upgrade dialog box can be expanded to show the status of the failed DEP Crypto Module s To expand the dialog box click the Status gt gt button Banksys Crypto Upgrade E x Loading Firmware File 0001 tst 106 05 hee Atos Worldline Technology amp Products Engineering DEP Page 115 139 DEP NMS User Manual 04 04 Classification Public After resetting the DEP the self test of DEP Crypto Modules is being started If the DEP Crypto Module s will not pass the self test the following error will occur The Following modulets hasthayve not passed the self test eo Platform 172 24 15 48 Modules 1 At the end of loading process to check the version number of currently loaded Banksys Crypto select the Dep Self Test function see paragraph 8 6 3 on pag
10. If you want to stop the statistics utility select the function Stop from the Statistics submenu In the main window of DEP NMS the status of the statistics facility of the selected DEP Platform is switched to Off 7 4 3 Getting the statistics information When you select this function the Statistics dialog box appears presenting a text field with the atest information transferred from the DEP Platform to the DEP NMS Atos Worldline Technology amp Products Engineering DEP Page 45 139 DEP NMS User Manual 04 04 Classification Public Statistics Stat printed O2 11 2004 11 37 31 288ltick 5416298 Stat started 02 11 2004 10 12 17 14 tick 302024 Stat stopped 02 11 2004 11 37 31 238 tick 5416248 Record Time frist 5114224 Protocol error counters Message status counters OResponse Message sent to Host 660065 Message statistics 860065 messages OAverage Command Length 334 O verage Response Length 326 DO 4Average Processing Time usj 1737 O Average Host Transaction Rate fhxfsect 166 The table below gives an overview of the items that appear in the dialog box and their meaning Stat printed Indicates that date and time the report is a generated and written in the zone Defines when the statistics utility has been started Stat stopped Defines when the statistics utility has been stopped if that has been the case Record Time ms Shows the time frame in milliseconds during which the
11. Keys restore report f x Operation Failed on Platform 192 168 0 18 Module 1 Module is Unlocked If after multiple DEP Crypto Modules have been selected some of them fail to become ready to proceed with the key restore operation during the restore process the Keys restore dialog box is enlarged to show the status of the failed module s CT x Restoring a backup of keps from file backup dat Status details Uperation failed on Platform 192 168 0 18 Module 1 Module ts a Atos Worldline Technology amp Products Engineering DEP Page 65 139 DEP NMS User Manual 04 04 Classification Public If there are failed DEP Crypto Modules at the end of keys restore process the Keys restore report dialog appears listing all the successful DEP module s and the failed DEP module s For each failed DEP module there is a status line with failure reason Keys restore report xX Operation succeed on 1 DEP Modules Operation Failed on 1 DEP Modules Operation Failed on Platform 192 168 0 18 Module 1 Module is Unlocked 8 4 3 Changing the DMK To change the DEP Master Key of a set of backed up keys select the Change DMK function from Keys submenu The Change DMK Wizard will start Change DMK Wizard x Welcome to the Change DMK Wizard Let s assume that you hawe taken a backup under DME and you want to translate it into a backup under DME To continue click Hest Cancel The wizard guides
12. Organize Plug Ins atus Tr RSA key Generation GFF GFF dep xp test 16 You can add up to twelve Plug Ins In case of adding an invalid plug in an error box will appear DEP_NMS E xi AN Only links to DEPINMS Plug Ins are allowed Atos Worldline Technology amp Products Engineering DEP Page 127 139 DEP NMS User Manual 04 04 Classification Public 12 2 ORGANISING PLUG INS With the Organize Plug Ins function you can remove the name of plug in s from the list in the Plug Ins menu If you select the function the Organize Plug Ins dialog box will appear To remove the plug in select its name and click the Delete button Organize Plug Ins E X To delete an item select the item and RSA key Generation click Delete R54 KeyImportinkeybable MCR Self Signed Certificate CTAP_CertificateGeneration Delete The plug in will be removed from the list S and DEP _EM Configuration _files securit Tools Plug Ins Help Fa Add Plug In Organize Plug Ins Us Cee RSA key Generation o RS5A_keyImportInkeytable CTAP_CertificateGeneration Remark Removing a plug in from the DEP NMS Plug Ins menu does not imply uninstallation of the plug in 12 3 USING PLUG INS Plug ins are only available if the Hardware license USB dongle is present To start using a plug in select the appropriate DEP Crypto Module and click on the appropriate plug in i
13. Save Save S C Program Files BanksysiDEP_MMS and DEP_EM Configuration files config cfg C Program Files BanksysiDEP_NM5 and DEP_EM Configuration _filesconfigS cfg C Program Files BanksysiDEP_NMS5 and DEP_EM Configuration _filesconfig4 cfg C Program Files BanksysiDEP_NM5 and DEP_EM Configuration _filesconfigs cfg C Program Files BanksysiDEP_NM5 and DEP_EM Configuration _filesconfigz cfg Exit Page 18 139 Classification Public F DEP AMS C Program Files Banksys DEP_NMS and DEP_EM Configuration _files config Ctrl Cerl 0 Ctrl M Gtr The Open dialog box appears with a list of the available DEP NMS configuration files from which you can choose the appropriate one Depending on the size and the complexity of the configuration loading the file may take a few moments The Merge configuration file dialog box displays the progress Merge configuration file Merging Configuration ch x If the chosen file is not a valid DEP NMS configuration file an error message appears saying that the configuration file is corrupted SS s X The file C ConFiguration cfg is corrupted To avoid duplicate platforms in the merged configuration checks will be made in the selected file and duplicate platforms will be eliminated configuration 4 4 CLOSING A FILE You can do so using the Close function from the File menu from the resulting After closure of the current file a new
14. The Backup function lets you to create a secure backup of all the keys loaded into the DEP Crypto Module except the DEP Master Key and other Special Keys Warning You must lock the DEP Crypto Module before executing this operation Backing up keys requires availability of e the CAP_STD_SAVE_KEYS capability e DEP Master Key If that is not the case you will be prompted for action To actually start to backup the keys supply the name of the backup file in the Save As dialog box The filename presented by default is e Backup if status data is saved for the first time e the name of the backup file that was last used if a backup has previously been made Atos Worldline Technology amp Products Engineering DEP Page 61 139 DEP NMS User Manual 04 04 Classification Public If the file already exists DEP NMS requests confirmation to overwrite it Save in E Data fies rer File name backup dat Save as lype Dat File dat Cancel By default the status files are saved in the Data_files subfolder with path C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM for Windows 2000 and XP and c Users USER Atos Worldline DEP_NMS and DEP_EM for Windows Vista and Windows 7 respectively The Keys backup dialog box will appear indicating the progress of the specified backup operation Keys backup 8 4 2 Restoring keys Restore keys operation allows restorin
15. You can save the status information of the DEP Crypto Modules into a text file Press Save at the bottom of the Module status window In the Save As dialog box that appears supply the name of the destination file The filename presented by default is e ModulesConfiguration txt if status data is saved for the first time e the name of the status file that was last used if status data has already been saved If the file already exists DEP NMS requests confirmation to overwrite it z modulesconfiguration txt Statistics txt Trace txt File name PlatformContiquration ts save az type tet File tet Cancel By default the status files are saved in the Data_files subfolder with path C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM for Windows 2000 and XP and c Users USER Atos Worldline DEP_NMS and DEP_EM for Windows Vista and Windows 7 respectively Atos Worldline Technology amp Products Engineering DEP Page 50 139 DEP NMS User Manual 04 04 Classification Public File name modulesconfiguration te Save az type tet File tet Cancel 8 1 4 Modifying configuration settings You can modify the configuration parameters that are in the upper part of the window related to the module configuration if the module is in locked mode The table below gives an overview of the parameters their meaning and their default value Parameter Meaning Ho
16. 139 DEP NMS User Manual 04 04 Classification Public Make diagnostics on a DEP Crypto Module Reset a DEP Crypto Module Modifying a DEP application parameter on a DEP Crypto Module Modifying the Real Time Clock of a DEP Crypto Module
17. Atos Worldline Technology amp Products Engineering DEP Page 22 139 DEP NMS User Manual 04 04 Classification Public 5 1 3 Updating the configuration When you have made the proper selections you can report them to the configuration tree on the main window using either of the two buttons OK If search was performed before this updates the configuration information in the main window and closes the dialog box Otherwise detects all DEP Crypto Modules that are present on the platform updates the configuration information in the main window and closes the dialog box e Apply This updates the configuration information in the main window without closing the dialog box This allows to add several platforms in a row If you do not want to update the configuration with the changes you have made click the Cancel button In that case the dialog box closes without performing any changes 5 2 MODIFYING PLATFORM INFORMATION To modify the DEP Platform information that is already in the configuration Modify function in the Platform submenu in Edit menu Also you can select the Se icon or the equivalent function key F8 The Modify platform dialog box appears Modify platform Symbolic name EE EE Name or IF address Jdep_ntpst Fort foon Modue iM Module ZI Module 3l Module 4 Search modules OK Cancel Apply 5 3 DELETING A PLATFORM FROM THE CONFIGURATION To remove a DEP Platform from the current c
18. DEP T6 this field is read only and fixed at a value of 2 Defines the interval in seconds 5 seconds used for sending periodical alive messages Specifies the time interval in 2 minutes minutes of inactivity before alive messages are exchanged When the alive flag is disabled the DEP Platform does not verify whether the host is still connected In case the alive flag is enabled and there is no communication within a time interval of lt Time gt minutes the DEP Platform sends every lt Int gt seconds an alive message to check the availability of the host When the host does not respond the alive message after three retries the DEP Platform breaks off the TCP IP connection so that the host could possibly reconnect to the DEP Platform no lost of connections 7 1 4 5 Application Protocol On this tab sheet you can set the parameters for the application protocol Warning The DEP Platform must be locked for this operation Atos Worldline Technology amp Products Engineering DEP Page 35 139 DEP NMS User Manual 04 04 Classification Public Platform status Read only l X Status Connections Host protocol Application protocol 000 Date Time Event manager Sequence number length 0 15 D Magic number value 16 char HEX max FE Settings Save Restore efaults The following parameters can be set Default value Sequence Number Indicates the number of bytes Length decimal represen
19. DEP_EM for Windows Vista and Windows 7 respectively The default file name that is presented 1s e BackupParameters txt if you back up parameters for the first time e the name of the last used backup file the other times When the DEP parameter backup file already exists DEP NMS prompts you for confirmation to overwrite it Atos Worldline Technology amp Products Engineering DEP Page 94 139 DEP NMS User Manual 04 04 Classification Public C Banksys Setup DEP_MMSiData_ Files BackupParameters txt already exists Do you want to replace it Every DEP parameter backup file is created as an ASCII text file which you can view with any text editor The DEP NMS does not have any built in feature for viewing these files 8 8 5 Restoring parameters The Restore button is to restore the contents of a DEP parameter backup file to the DEP Crypto Module When you select this function you are prompted to specify the name of the backup file from which you want to restore The default file name that is presented 1s e backupparameters txt if you restore parameters for the first time e the name of the last used backup file the other times modulesconfiguration txt Statistics txt Trace txt File name BackupParameters txt Files of type Jest File txt Cancel The input file must be a valid DEP parameter backup file DEP NMS reads the file and verifies the Sha 1 hash at the end of the file and i
20. Platforms with the fully secure security level Platform software version 3 x or higher Two keys are present in the Security column F DEP AMS C Program Files Banksys DEP_NMS and DEP _EM Configuration files security clg File Edit wiew Dep Platform Dep Crypto Module Tools Flug Ins Help O id le el lee BAP TP Platform symbolic name Security Platform status Trace Statistics TCP IP address or name Locking E E DOE a Pe ee mJ dep xp test 16 Se Unlocked OFF OFF dep xp test 16 E Module 1 Locked BS Module 2 Locked b 4d dep xp test 15 Unlocked FF CFF 172 24 14 237 E Module 1 Locked b E Module 2 Locked b BS Module 3 Locked b BS Module 4 Unlocked HE t6 print Unlocked on Off 172 24 15 230 E Module 1 Unlocked BY Module 2 Unlocked 11 2 3 Modifying a password The Modify a password function is very similar to the previous one It is used when the password has previously been defined and must be changed In the Modify password dialog box there are three fields one for the current password one for the new password and one to confirm the new password Modify password HCK E x Password New password Confirm new password Restore default password Atos Worldline Technology amp Products Engineering DEP Page 122 139 DEP NMS User Manual 04 04 Classification Public This dialog box also provides the possibility to restore the default password In that cas
21. a selected DEP Crypto Module using the Send a Call function from the Tools menu Warning This function is only available if you have the Hardware Licence USB dongle First select a DEP Crypto Module or a DEP Platform and then click Send a Call If you select a Crypto Module the call is sent to that module only if you select a DEP Platform the call is sent to its pool of Crypto Modules The Send a Call dialog box will appear send a Call to the Selected DEP Crypto Module or Platform P00 x Insert a Call to send without EDP Header This header will be automatically added Call to Send Output Clear input Field Send Connected to 192 168 0 186 Pork number 1000 Module number 1 Response time O sec In the Call to Send field fill in the call and click the Send button to actually transmit the call to the DEP Crypto Modules The reply will appear in the Output field underneath This output box is read only but you can select and copy the content by double clicking in the field The status bar at the bottom of the dialog box contains information about the connection and the response time Send a Call to the Selected DEP Crypto Module or Platform Pool i x Insert a Call to send without EDP Header This header will be automaticaly added Call to Send FFO 1250200080001 2503000501 25040000000003022502000225030001 250000 Output Fid22503000300050004250000 Clear input Field Cancel Connected to
22. below appears with list of actions that user can take to bring DEP Crypto Module s to Ready state For example if some of selected DEP Crypto Modules are not initialized at the good level of authority or don t have CAP_STD_SW_LOAD capability loaded the following problems will occur Checking Modules Status j x General information Number of selected DEP Crypto Moduleisi Number of ready DEP Crypto Modules 0 Number of not ready DEP Crypto Moduletsi 4 Problems information DEP Platform Crypta Module DEP Platform Module 1 Bring to the Customer level DEP Platform Module 2 Bring to the Customer level DEP Platform Module 1 Load the Software Load Capability DEP Platform Module 2 Load the Software Load Capability Remove onhinuve While displaying the above information dialog box application is doing background check for state of DEP Crypto Modules enumerated in Problems Information list When one or more DEP Crypto Modules are brought to Ready state Problems Information list and General Information will be updated in the dialog box It is possible to select and remove one or more not ready modules from Problems Information list Continue button will be enabled when in Problem Information list all DEP Crypto Modules will be in Ready state To terminate software loading process for all selected DEP Crypto Modules click Cancel While loading application software in more than one DEP Crypto Module addi
23. by external parameters 2 1 DEP NMS LITE Starting the DEP NMS without the hardware licence USB dongle launches the Lite version of the application DEP NMS Lite rf n SESE ASIN a Computer Laptop DEP NMS Lite Figure 1 DEP NMS Lite configuration In this Lite version of DEP NMS application there is e noremote C ZAM DEP e limited management capability maximum 5 DEP platforms e no Automatic Refresh e no access to the Plug Ins functionality Atos Worldline Technology amp Products Engineering DEP Page 10 139 DEP NMS User Manual 04 04 Classification Public e no load in parallel functionalities software amp keys e Cloning functionalities allowed for TEST platforms max 5 platforms 2 2 DEP NMS FULL Starting DEP NMS on a standard PC with the hardware licence USB dongle launches the application in the Full version DEP NMS Full x ay i a a lt Computer Laptop DEP NMS Full Figure 2 DEP NMS Full configuration In this version the full functionality is available e remote C ZAM DEP e unlimited DEP Platform management e Automatic Refresh e access to the Plug Ins functionality e full access to load in parallel functionalities software amp keys e full access to the Cloning functionalities Note The possibility to use the C ZAM DEP in remote mode will be available from version 1 4 2 of the C ZAM DEP softw
24. click a DEP Crypto Module in the configuration tree a dialog box appears with the name of the selected module in the title bar Dep parameters Group Tag Name Values System Minimum instance System rdid DEF Name DEP_MAME HERE Maximum instance Em 0rz60000 IPE Min Bits 20 Unit Keyes Slice Type 2 Byte Format Dec Minimum value oO Maximum value 1000 Backup Restore 4dd instance Del instance Note The DEP parameters list always contains all the known DEP parameters by the DEP Crypto Module However DEP parameters are only physically available and used in the DEP Crypto Module if they have a value Value field contains a value The table below gives an overview of the DEP parameters Parameter Meaning Group Indicates the group of parameters to which the current parameter belongs Gives the tag of the current parameter Name Gives the textual description of the current DEP parameter Values Gives the actual value of the DEP parameter Note If you modify the value and do not click Apply or Ok the modified value is not sent to the DEP Crypto Module Minimum instance These parameters respectively give the lower and upper maximum instance borders of the DEP Parameter instances New DEP Parameter instances outside these borders are not allowed Gives additional information on the DEP parameter e g key per slice these units depend on the DEP Atos Worldline Technology amp Produ
25. ee te Pee ED accept the terms in the license agreement Print Tdo not accept the terms in the license agreement Installshield lt Back Cancel Atos Worldline Technology amp Products Engineering DEP Page 136 139 DEP NMS User Manual 04 04 Classification Public 14 2 1 2 Specifying setup type You have to select Complete in order to install all the program features Press Next to continue i Sentinel System Driver Installer 7 5 7 InstallShield Wizard Setup Type Choose the setup type that best suits your needs Please select a setup type All program Features will be installed Requires the most disk space Choose which program Features you want installed and where they Will be installed Recommended For advanced users Installshield lt Back Cancel 14 2 2 Finishing the actual installation When you have provided all the preliminary information you can proceed with the actual installation by pressing Install on the Ready to install the Program dialog box Atos Worldline Technology amp Products Engineering DEP Page 137 139 DEP NMS User Manual 04 04 Classification Public i Sentinel System Driver Installer 7 5 7 InstallShield Wizard Ready to Install the Program The wizard is ready to begin installation Click Install to begin the installation TF you wank to review or change any oF your installation settings click Back
26. instructions on the screen If for any reason you do not want to proceed with the installation press Cancel Atos Worldline Technology amp Products Engineering DEP Page 135 139 DEP NMS User Manual 04 04 Classification Public j Sentinel System Driver Installer 7 5 7 InstallShield Wizard Welcome to the InstallShield Wizard for Sentinel System Driver Installer 7 5 7 The InstallShieldi Rt Wizard will install Sentinel System Driver Installer 7 5 7 on your computer To continue click Next WARMING This program is protected by copyright law and international treaties E Cancel Below is an overview of the different steps in the installation procedure 14 2 1 Performing preliminary steps 14 2 1 1 Accepting license agreement Read and accept the License Agreement and click Next i Sentinel System Driver Installer 7 5 7 InstallShield Wizard License Agreement Please read the Following license agreement carefully This License describes limited rights granted by SafeNet Inc and or one of its subsidiaries such grantor Seller to the Buyer A The term Software as used herein shall mean a program or programs consisting of machine readable logical instruction and tables of information designed as libraries or drivers to work In conjunction with Sellers Sentinel Keys Products Title to all Sotware furnished ta Guyer hereunder shall wees es D el lee Cte ee memme be Dee e ee
27. it beneficial to read these three document e DEP Introduction to DEP e DEP Glossary With respect to the DEP NMS the documents that are of particular interest are the following e DEP EM User Manual e DEP C ZAM DEP User Manual e DEP NT Installation Guide oe DEP Host Interface Protocol There are no references made to the following documents but they could be useful to understand this document e DEP Introduction to DEP e DEP General Architecture e DEP Glossary e DEP T6 Owner s Manual 1 3 CONTACTING ATOS WORLDLINE You can visit Atos Worldline on the World Wide Web to find out about new products and about various other fields of interest URL http www Atos Worldline be For documentation or support on issues related to DEP customers partners resellers and distributors can send an email to the DEP Hotline dephotline atosworldline atosorigin com Atos Worldline Technology amp Products Engineering DEP Page 9 139 DEP NMS User Manual 04 04 Classification Public 2 DEP NMS FIELDS OF APPLICATION The main purpose of the DEP NMS application is to manage a pool of DEP Platforms with several DEP Crypto Modules It is intended for use on PCs with Windows 2000 XP Windows Vista and Windows 7 operating system on it The DEP NMS application has following versions of functioning o lite full e local Note Only one executable exists the difference between the lite full local versions is determined
28. of the response message only available when the log equals 01 As mentioned before the trace file is a cyclic file When the maximum length of the file has been reached the logging continues at the beginning of the file thus overwriting the oldest data in the file Below is a sample of a trace file that has started cycling When the trace facility has been stopped before consulting the trace file the last record could easily be found by searching for the words TRACE DISABLED 22 03 2007 13 59 59 625 status snd_host log 01 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x35 arrival 0769951171 DEParture 0769951201 delta 0000000030 HST_CMD len 001035fe3001000 F0700000000000000000000000032dEFFOLONNLOO03e8b24afcd6d5fd3613972 d03e4b8e4 bf 54ed12de4af4c0bb102bfba26fd5ab6l1 4b7731ab265bd1 6ceb3b379c80005080877c774 cdd2chd54142f9 ae9d9575bD95ced099be 64 c02bFf203cd6231lbecf902280a316d92226c235dcd7a432F4 d6 lc6aef00e58ba60f6a2dqd5169a34088c9de0fe54f6877qd190c 86128b67e8bb7bd4025de1981laddc0a c2d9a83634de5520ee3af63e908f729ce7fe4cd93ace2959d722e8e599af0fb0256e7dqd47ef4dqd2e085ef ec356cf2b3f739ce666dqd0031fcc3e9c6b767224a6ab01260b448c333db40de272dqd5e05a2795090241e8 3c7b1520c5b6qd862014f1a89185558122a75p8650a844f87cfc05f3d2c6b8b7795786c348ede769b0bp0 86ac24485535qd582c2c96425e258alef102b3ce3b25fdf40425f06ab3d4413ae276dqd538ec4f71b3f32b p 0 38b2269238e19438432d00a7879b7 4bd50579aFd9c926346dda7al3d0afbbc8c95649ad7b009acell 62c47d69fclf119daf09e6876F57b
29. refresh The automatic refresh is active only when it is selected in the General Settings window and if a license hardware USB dongle is present If this feature is active the information in the main window will be automatically updated except for the DEP Platform which is selected or has one of its DEP Crypto Modules selected By default the automatic refresh is activated The refresh intervals defined in the Interval Refresh field This parameter determines the time that the DEP NMS after the last refresh has been done waits before performing again another automatic refresh of all the information viewed in the main window The value must be in the range 10sec 3600sec A default value of 180 sec is foreseen The automatic refresh relies on the get status mechanism If the result is not good for example the DEP Crypto Module is in fatal mode bad connection to the DEP Platform etc the information appears in the main window on the corresponding line of the DEP Platform or DEP Crypto Module concerned Notes 1 The serial numbers of the DEP Crypto Modules are saved in the configuration file if during the refresh a difference appears between the expected value and the value that is read the corresponding line is highlighted 2 A new DEP Crypto Module that is connected to a DEP Platform is not automatically added see Modifying platform information on page 22 11 1 2 Event Manager DEP NMS uses the TCP IP address o
30. results Cloning Process Summary x Serial number of the Master module added Clone 1 Serial number 000 1000010F 484 70F3 Ip address 192 168 0 22 Module number 1 Generaton 2 Clone 2 Serial number 00010000 10FABECF4B Ip address 192 168 0 22 Module number 2 Generation 2 Clone 3 Serial number module added Te addere mm In 120 FAM Save a5 If you want to save the cloning summary as a text file click Save as if you want to close the window click OK Atos Worldline Technology amp Products Engineering DEP Page 104 139 DEP NMS User Manual 04 04 Classification Public 9 8 RESET MASTER CLONE Reset Master Clone function is supposed to be used in unexpected situations if the cloning process should be aborted To interrupt the cloning process right click on any DEP Crypto Module involved in cloning process select the Cloning and then click on the Reset Master Clone option Also you can reset the DEP Crypto Modules from general menu tab Select any DEP Crypto Module involved in cloning process click DEP Crypto Module in the menu tab select Cloning and click on the Reset Master Clone option Using the Reset Master Clone function the Master candidate DEP Crypto Module will keep its initial state and the Clone candidate DEP Crypto Modules will lost all already cloned information Atos Worldline Technology amp Products Engineering DEP Page 105 139 DEP NMS Use
31. stage of the operation Click Finish to complete it The Merge backups function from the Keys submenu allows to merge several key backup files into a DEP Crypto Module The procedure is guided by the same wizard Change DMK Wizard Completing the Change DMK Wizard Please erase capabilities CAP_STO SAVE FEY S and CAP STO CHANGE_DME from the DEP Crypto Module by CAM DEF optional To close this wizard click Finish 8 4 4 Merging backups as changing the DMK The images below show screenshots of the different sequences of the procedure Merge Backups Wizard l e E xj Welcome to the Merge Backups Wizard Let s assume that you have two or more key backup files and that you want to merge them into one DEP Crypto Module To continue click Next Cancel Page 69 139 Classification Public Atos Worldline Technology amp Products Engineering DEP Page 70 139 DEP NMS User Manual 04 04 Classification Public Merge Backups Wizard 3 x Load the DME into the DEF Crypto Module by CAM DEF this will erase all the present application keys If the DMK is not entered the following warning box appears prompting you to do SO Merge Backups Wizard Load the capability CAP_STDO_SAYVE_FEY S into the DEP Crypto Module by CAM DEF As long as the capability has not been entered you cannot go on to the next step The following warning box will appear prompting you to enter the cap
32. with functions that give access to several tests F DEP NMS C 192 168 0 19 cfg Fie Edit View DEF Platform DEF Crypto Module Tools FlugIns Help D hg SEI Status FS Locking d Platform symbolic name E s Application 2 192 168 0 19 cfg Keys HEJ 192 168 0 19 Read DEP Information a ae i Moduet J Diagnostics Read Diagnostics E BH Module 2 Reset Test Communication Hardware HEJ 192 168 0 20 DEP Parameters DEP Self Test BY Module 1 Cloning Verify keymac EH Module 2 OO Bed DEP larm Information Firmware Upgrade BY Module 3 Atos Worldline Technology amp Products Engineering DEP Page 80 139 DEP NMS User Manual 04 04 Classification Public 8 6 1 Reading Diagnostics The function Read Diagnostics gives information on the memory status of the DEP Crypto Module DEP diagnostics Properties Values Critical Boot o000 Critical System o000 Critical 4pplication o000 Problem Application o000 Memory Status oou2 Memory Core OOOBOS40 Memory BigFree OOOO Memory Free OOUOOU00 Memory Frees OOO Memory BigTaken 00000140 Memory Taken OO000F10 Memory Takens 0036 Reserved 1 oo000000 Reserved 2 oo000000 Reserved 3 ooo000000 sve _ The table below give an overview of the various features displayed in the DEP diagnostics window with their meaning only successful application load after successful application load after successful application load lt alloc h
33. you wish to unlock before exiting For more information about locking and unlocking items refer to the section Handling Platform Locking on page 37 Atos Worldline Technology amp Products Engineering DEP Page 15 139 DEP NMS User Manual 04 04 Classification Public Forced Unlock x Platform name Module Forced Unlock r O t print Additionally if you have modified the configuration the application displays a dialog box that prompts you to save the modifications before exiting DEP NMS The properties of the DEP NMS application and the last saved configuration will automatically be used at the next start up except for the version installed on a DEP XP platform Atos Worldline Technology amp Products Engineering DEP Page 16 139 DEP NMS User Manual 04 04 Classification Public 4 HANDLING CONFIGURATION FILES A configuration file contains information about a group of DEP Platforms and DEP Crypto Modules that are to be managed at the same time by DEP NMS Configuration files have an extension CFG DEP NMS can handle only one configuration at the time 4 1 CREATING A NEW FILE To create a configuration file use the New function from the File menu Also you can click the icon or use the equivalent Ct r1 N keyboard shortcut Doing so closes the current configuration if any empties the main window of the application and opens a new empty configuration DEP NMS New configurat
34. 07210400 Perso aid Backup Restore 4dd instance Del instance Cancel Apply A new instance is generated of which you can modify both instance and value Note These newly defined values are only sent to the DEP Crypto Module after you have pressed OK or Apply Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 Page 92 139 Classification Public Dep parameters Group Tag Name Values System OFOO0000 Keymac Slice 1 System OF000100 DEP Name DEP_MAME HERE oo Minimum instance Maximum instance lep lep Iep lep Ilep pin asm asm asm asm asm 07140000 Of 140001 071400 OF 140100 OF 140200 OF LEQOOO O72 10000 OF210100 O72 10200 07210300 07210400 Iep key ID Iep Rey ID Ilep Rey ID lep Sd ID Iep pp Ins IEM3624 Dec Thl Basement aid Sd aid Dec key Use Lim SM Algo Perso aid 400 00 Backup Restore Gddinstance Del instance Umit Type Format Minimum value Maximum value OK Cancel Apply 8 8 3 Deleting a parameter instance You can use the button Del instance to either e delete an instance of a multi instance parameter e erase the value of a mono instance parameter Note In the latter case the DEP will return the corresponding default value if it exists If you press OK or Apply without the capability CAP_STD_SET_PARAM being loaded a warning box appears prompting you to load it DEP N
35. 165 0 19 y Unlocked On OFF 192 168 0 19 BS Module 1 Locked Sood Mok Set OOoooo00 BANKE 58a ES Module 2 Locked 00d Mok Set 00000000 BANK 58a ma 192 168 0 20 3 Unlocked GFF OFF 192 168 0 20 2S Module 1 Locked Sood Not Available FFFFFFFF None BS Module 2 Locked 00d Mot Available FFFFFFFF Mone BS Module 3 Locked aood Not Available FFFFFFFF None E 192 165 0 22 23 Unlocked GFF OFF 192 168 022 E Ses Not Available FFFFFFFF None 000 BS Module 2 Locked Good Mot Set FFFFFFFF None The following fields will be changed e Software this field is cleared e Keymac switches to FFFFFFFF 8 4 MANAGING KEYS The Keys submenu contains the following functions e Backup e Restore e Change DMK e Merge Backups Atos Worldline Technology amp Products Engineering DEP Page 60 139 DEP NMS User Manual 04 04 Classification Public T DEP NMS C 192 168 0 19 cfg Fie Edit View DEP Platform DEP Crypto Module Tools Plugins Help OD co lel EI Status F3 Locking d Ir TCPYIP addr Platform symbolic name Application 192 168 0 19 cfg Backup 192 168 0 19 Read DEP Information Restore LE Modue 1 Diagnostics Ho Change OMK E Module 2 Reset d Merge Backups Lo EJ 192 168 0 20 DEP Parameters e BS Module 1 Aprire 5 La BS Module 2 La BE Module 3 Firmware Upgrade Lo l i m m m Ma a I I I M M m m m 8 4 1 Backing up keys
36. 192 168 0 18 Port number 1000 Module number 1 Response time 3 sec Atos Worldline Technology amp Products Engineering DEP Page 124 139 DEP NMS User Manual 04 04 Classification Public To close the dialog box click Cancel If you do so during the execution of the call the connection with the DEP Crypto Module will be terminated and the dialog box will be closed To clear the Call to Send field click the Clear input field button To send a call to a DEP Crypto Module it must be unlocked If not an error message will appear in the Output field Send a Call to the Selected DEP Crypto Module or Platform Pool g x Insert a Call to send without EDP Header This header will be automaticaly added ee FFO1 250200080001 2503000801 25040000000003022502000225030001 250000 Output The accessed DEP Crypto Module was in the LOCKEDIOFF LINE mode Clear input Field Connected to 197 166 0 18 Port number 1000 Module number 1 Response time 0 sec If an error occurs during the transmission of the call the error message will be translated and showed in the output box Send a Call to the Selected DEP Crypto Module or Platform Pool f x Insert a Call to send without EDP Header This header will be automatically added daad FFO1 250200080001 2503000801 25040000000003022502000225030001 250000 Output The accessed DEP Crypto Module did not return a response within the maximum response time specified Clear inpu
37. 1a4e7423c54258d87c442aceab77ab55448f48b4340e47a48e65828 fd803e383b5eea3 6b25fe29fee23883305alafe7ac380fae85cebfcf8a29Ibaad39999Ffdd856f64e4906 8468e9159c4fddfaa8c9228937Tb3celad3d00eb4d0991F718997ch5deladse943ceeb6f04c5fac0Oldbed9c2 20 7ebec3498e3fclece2cObflbleb78d001lccbc8d575b521748747 Jabb2c6c360d8b21c40Fc839d23a5 07339c4cb76c3b651262b7b2344e23753a20122e91301299c8970eE63F7438232cTcbhalal08636Ff1ldc64 T4 280073027bdc3 bb417b2707915082b97ab62e220692057a01b17da579b22598a410ddeb249ab7efa 5Fd6134669Fc24Ffle36c9027338cbh92ed87F773273d41b4018da9e582248dda0b066d326d325fab9e49 98d60ba92Z26089l1lef2173aceaf3270dd6e3a9b9aaca0dd42076635e007d5eab7098afd7197ec8a3b7c 3 c15b99a95bd4df6a093cf14dc903e61444dqd8b3dqd80de8fd37445b8bac06d18c5e16f92b8f57e36c2acf2 67781fe2a73655736bc4c9349c2b7f3dele3a2fe28cf6921eb4552ce8b49cf37be0693a4e5619d8e8aa 9e6ff053746a39efb2dff05cb2a7c247a1c910bd344ccf242a900c872033c29abda8468efe291ald8ge3 le3ffcelc04dqd98f7ed06fcc47be5e3b567525f06a4b9dadabb9a6163756df42b5e3ac69bd53b41dalef 463 1355dd5706ddalf45lee35b8 52b21d49d05cdd2f1411069c86678cc0c38d4bfd3c7559e50adal0e 961l6alc69b6c9lbba3aa938448edcee9a3b0140543acEcfEdc03188ac2265b12de017c24dal2574611120 8 3601a5214c353d9b527c929eca0cc865feT7b7bfa3521546dd8538d4277 1d4cf 08ada995718e384dc 98674c5a78e9839ba551ebc59231dd653e913dd436ad05982048e780332d1lcdf9If3eb7e202000900010 00200 HST_RSP len 001027fe3001010f0700000000000000000000000032af000100020003e8b24afcda d5fd3613972 d03e4b8e41bf54ed
38. 1l2de4af4c0bbl02bfba26fd5a61f4b7731ab265bd16ceb3b379c80005080877c774 cdd2cbd54142f9ae9d9575p95ced099be64c02bf203cd6231becf902280a316qd92226c235dcdqd7a432f4 d6 lc6aef00e58ba60f6a2qd5169a34088c9de0fe54f6877qd190c 86128b67e8bb7bd4025de1981laddc0a c2d9a83634de5520ee3af63e908f729ce7fe4cd93ace2959d722e8e599af0fb0256e7dqd47ef4dqd2e085ef Atos Worldline Technology amp Products Engineering DEP Page 43 139 DEP NMS User Manual 04 04 Classification Public ec356cf2b3 739ce666d0031Fcc3e9cb6b7 767224ab6ab01260b448c333db40de2720d5e05a2795090241e8 3 c7b1520c5b6d862014F1a89185558122a75bD8650a8 44 F387 cfc05Ff3d2c6b8b7795786c348ede769b0b0 86ac24485535d582c2c96425e258alefl02b3ce3b25fd 40425f06abn3d4413ae27 6d538ec4 71b3 32b 0 38b2269238e19438432d00a7879b7 4bd50579aFfd9c926346dda7al3d0afbbc8c95649ad7b009acell 62c47d69fFfclf119daf09e6876F57b1a4e74230c54258d87c442aceab77ab55448f48b4340e47a48e65828 fd803e383b5eea3 6b25fe29fee23883305alafe7ac380fae85cebfcf8a29baad39999Ffdd856f64e4906 8468e9159c4fddfaa8c9228937Tb3celad3d00eb4d0991F718997ch5delase943ceb6f04c5fac0Oldbed9c2 20 T7ebec3498e3fclece2cO0bflbleb78d001lccbc8d575b521748747 Jabb2c6c360d8b21c40Fc839d23a5 07339c4cb76c3b651262b7b2344e23753a20122e91301299c8970eE63F7438232cTcbhalal08636Ff1ldc64 T4 280073027bdc3 bb417b2707915082b97a62e220692057a01b17da579b22598a410ddeb249ab7efa 5f d6134669fc24Ffle3s6c9027338cbh92ed87 E 773273d41b4018da9e582248dda0b066d326d325fab9e49 98d60ba92Z6089lef2173aeaf3270dd6e3a9b9aa
39. 2 Starting the Banksys Crypto Upgrade ranica 108 11 TOOLS cainin inna a scaeedeseneueces dewccadecseseodenceecs 116 L I GENERAL SETTINGS writs Seuss ceietee a a aa a Seanee 116 VAD A GUTOUUATIC VOT ES die EEEE 117 PED AVERT MONI EP aai E a E cats 117 Lha CZAD F resen cia et este ea sd E E E E 118 F JINIANAGINGPASS WORDS aerer a aa 118 FID24 Understanding security levels scine tnr a a a a 118 liz Entering a PGSSWOlO an T noe cae 120 Frad Mod YME APAS WOTA as E E E E eeae ees 21 11 3 TESTING LAN CONNECTION TO THE HOST ccccesccecsccscescescescescesceecees 122 11 4 SENDING A CALL TO A CRYPTO MODULE ceceeccececcscceccsccsceecesceecees 123 12 WORKING WITH PLUG INS eeeesesecesesecesececececcsecececeseoecseoeocococococococoeceoe 125 Iik ADDING PLUGIN oenn tra latenuanuar ian naentes 125 12 2 ORGANISING PLUG INS onieeieain a a aE 127 2 os USNO Fee INS ear nace esto ea tecavlec bratumonAttoundn aumtataauncnincntsenass 127 13 OBTAINING HELP ranns a sceactaaeiececaccuesds 129 13 1 CONSULTING THE ONLINE HELP ia 129 13 2 OBTAINING INFORMATION ON DEP NMS 0 0 oo ec cece eee eeceeccecceceeceecescesceecees 129 14 ANNEX A INSTALLATION PROCEDURE u cececcccccccccces 131 14 1 DEP NMS AND DEP EM INSTALLATION 0 cceceecescceceeccscescescesceecees 131 1410 1 Selecting the installation Tolder sses ne BAG BAO 132 141 2 Confirming TSI GQHON si Urs seweharanesied Osea iacanben cs vb
40. 225020003003c0001 TRACE DISABLED The first line of every trace file contains the current trace position 000005365 and the maximal length 000008192 of the trace file Both values are presented in bytes They are kept and used for internal management of the trace file especially for the cyclic property of the file When the trace facility wasn t stopped until after capture a trace file has the following layout TRACE CREATED 22 03 2007 13 33 43 348 status snd_host log 01 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x00 arrival 0768374874 DEParture 0768374924 delta 0000000050 HST_CMD len 000017fe30010000F 0100010000051122334455 HST_RSP len 000006fe3001010000 22 03 2007 13 34 41 272 status snd_host log 01 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x01 arrival 0768432837 DEParture 0768432848 delta 0000000011 HST_CMD len 000084fe30010000f 0125040000000003012502000e8b012508000018810004398927638200020 6658400038247 48 300038 7 34c0125090001012503000802250200022505000225030001250ea000125 000001250b00 HST_RSP len 000015fe30010100 f00225020003003c0001 The statements TRACE CREATED and TRACE DISABLED refer to the moments when the trace facility was started and stopped respectively Every record contains the information about a specific message exchanged between the host and DEP Platform the date 22 02 2000 and time 14 12 19 988 express the registration date of the trace record status snd_host indicates that the messa
41. 30d HEH If there is no ready DEP Crypto Module left during the loading process to proceed with the load operation the following error box appears and the load process is interrupted Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 Page 57 139 Classification Public SSS t I 6 Loading application File error on selected rodulets There is no ready modules left After pressing the OK button the Application load report dialog appears with the total number of successful and failed DEP module s For each failed DEP module s there is a status line with the failure reason Application load report x Operation succeed on 0 DEP Modules Operation Failed on 1 DEP Modules Operation Failed on Platform a18 Module 2 Module is Unlocked When multiple DEP Crypto Modules have been selected but not all of them are ready to proceed with the loading operation during the loading process the Application load dialog box is expanded to show the status of the failed module s Application load x Loading application file per cc _ 30d HE At the end of the loading process the software certificate is verified If it is not a valid certificate the following error box will appear Q Loading application File error on module 1 of platform Platform symbolic name E_CMD_ERR_ACtFEOSO0F400 If the application was successfully loaded at least on one DEP Crypto Modul
42. 4 If you will try to add to the configuration a DEP Platform with a higher security level this results in security incompatibility The status bar of the Add platform dialog box will display an error message Add platform a x Symbolic name JdeptB print Name or IF address 22414237 Fort hoz Module 1 Module 27 Module ar Module 4 Search modules OF Cancel Apply Security Incompatibility Check the password of the Platform To realise authentication between the DEP NMS and the DEP Platforms select the Authentication function from the Passwords submenu PEP_ AMS and DEP_EM Configuration_files config2 che lodule Tools Flug Ins Help General Settings Passwords Authentication ki Sa orm ska Ping Send a all ked ep xp best 16 It allows you to define or modify the password used for authentication between DEP NMS and the DEP Platform for security The password is permanent if the DEP NMS application is restarted it is saved from this password Atos Worldline Technology amp Products Engineering DEP Page 120 139 DEP NMS User Manual 04 04 Classification Public 11 2 2 Entering a password With the Enter a password function you can provide the initial password needed for the authentication between the DEP NMS and the DEP Platforms that it is to manage Both entities must have the same password In the Enter password dialog box enter the password o
43. Cancel 8 7 RESETTING THE DEP PLATFORM OR ITS COMPONENTS You can use the functions in the Reset submenu to reset different components of the DEP Platform system The functions in the Reset submenu are ranked by increasing order of impact on the hardware of the DEP Platform Warning When the DEP Crypto Module is not in locked mode the following information message box will appear Atos Worldline Technology amp Products Engineering DEP Page 86 139 DEP NMS User Manual 04 04 Classification Public DEP MS xj hy P j The selected DEP Crypto Module is not locked would you like to send this reset command anyway co lel Ge i Status F3 Locking H Application i Ir Platform symbolic name 2 192 168 0 19 cfg Keys d EJ 192 166 0 19 Read DEP Information ia JModuei Diagnostics E Module 2 E Set DEP Battery On HEJ 192 168 0 20 DEP Parameters Set DEP Battery CFF E Module 1 Cloning communication ped ES Module 2 DEP ked E Module 3 Frmwvere Lpgradk DEF Alarm Processor ked EJ 192 168 022 Unlocked OFF 8 7 1 Managing the backup battery 8 7 1 1 Setting the DEP Battery On The Set DEP Battery On function connects the backup battery in the DEP Crypto Module When the battery is connected the DEP Crypto Module can retain memory contents when the main power is turned off Before the battery is actually set on you are prompted for confirmation DEP NMS Aft
44. Click Cancel to exit the wizard Installshield The Installing Sentinel SuperPro dialog box will appear where a progress bar combined with status information show how the installation moves on When all the files and data have been copied the InstallShield Wizard Completed dialog box will appear to notify you of a successful installation j Sentinel System Driver Installer 7 5 7 InstallShield Wizard InstallShield Wizard Completed The InstallShield Wizard has successfully installed Sentinel System Driver Installer 7 5 7 Click Finish to exit the wizard Click Finish to exit the installation procedure The hardware license USB dongle is now available for use Atos Worldline Technology amp Products Engineering DEP Page 138 139 DEP NMS User Manual 04 04 Classification Public 15 ANNEX B FUNCTION KEYS AND SHORTCUTS Opens the help file Gives the status of the selected DEP Platform Gives the status of the selected DEP Crypto Module Opens the audit trail F5 Refreshes all the content of the window applies to the main window globally and to the information on the E connections of a DEP Platform Platform Status Connections Module configuration Platform 16 ANNEX C AUDIT TRAIL OPERATIONS AND EVENTS Open save and save as of a configuration C ZAM DEP actions message from C ZAM DEP to DEP platform 1 DEP Crypto Module 2 Atos Worldline Technology amp Products Engineering DEP Page 139
45. DEP Crypto Modules of the selected DEP Platform However for doing so you must make sure that the DEP Crypto Modules have the capability CAP_STD_SET_RTC activated 7 1 4 7 Event Manager Event Manager tab sheet shows information concerning the event manager that is connected to the DEP Platform Atos Worldline Technology amp Products Engineering DEP Page 37 139 DEP NMS User Manual 04 04 Classification Public Platform status e o x Statys Connections Host protocol Application protocol Date Time Event manager Event Manager Value Name or IF address 172 18 12 90 Port number 1 65535 1002 Connected Connect to the DER EM The DEP Platform uses this information to send events information warning errors to the DEP EM application that will listen to the specified IP address and port If the fields are not filled in or no application is listening the events are kept locally The list of information is the following Parameter Meaning Event Manager name or Gives the address or name of the DEP EM IP address for the selected DEP Platform concerned DEP Platform connected to the DEP Platform To force the DEP Platform to connect to the Event Manager in case it is locked select the option Connect to the DEP EM and click OK or Apply Warning Do not use localhost as the value for the Name of the Event Manager because the information is sent to the platform and will be u
46. EP Platform pto Module Problem 192 168 0 22 Module 1 Unload the Master DMK DES Key Remove om tinue Now you can delete the DMK and continue the cloning process To stop the process and bring the DEP Crypto Modules in their previous status simply click the Cancel button 9 7 2 Customer Administrators authentication on Master and KAWL Checking The Customer Administrators must be authenticated in order to start a cloning process For more detailed information about how to authenticate the customer on Master DEP Crypto Module refer to the document DEP Customer s Security Officer s Guide Atos Worldline Technology amp Products Engineering DEP Page 101 139 DEP NMS User Manual 04 04 Classification Public Checking Modules Status 192 168 0 22 lodule Customer Administrators are not aut 192 168 0 22 Module 2 K_AWL is not loaded STC LE The following dialog is displayed when Customer Administrators are authenticated on the Master but K_AWLs are different or not loaded ch ecking Modules Status SI m E il oT CLE After doing required authentication the Continue button will be enabled Atos Worldline Technology amp Products Engineering DEP Page 102 139 DEP NMS User Manual 04 04 Classification Public Checking Modules Status x General information Number of selected DEP Crypto Module s 2 Number of ready DEP Crypto Module s 2 Number of not ready DEP Crypto M
47. F 172 24 14 237 Module Locked Good FFFFFFFF None None None OOORRODDOOOOONOO0 WD HMociule 2 Liniackad ood FRFFFFFFF None None eT E Module 3 Lintocked Good FRFFFFFF Mon None None EEEE EEEE T E Module 4 Uniocked Good FFFFFFFF None None None O00 OORNRESE391 EE The File menu contains a list of the last five configuration files that have been opened and or edited You can load a configuration file from that list by clicking it F DEP NMS C Program Files Banksys DEP_NMS and DEP _EM Configuration _files co File Edit wiew DEF Platform DEF Crypto Module Tools PlugIns Help Mew Ctrlt h Open Chrl 0 Open amp Merge Ctrl M Close Save Gtrl 5 Save S Program Files BanksysiDEP_NMS and DEP_EM Configuration_Files config6 chg C Program Files Banksys DEP_MMS and DEP_EM Configuration_Files configS cfg C Program Files Banksys 0EP_NMS and DEP_EM Configuration Filescontig4 cfg C Program Files Banksys DEP_MMS and DEP_EM Configuration Files contig3 cfg C Program Files BanksysiDEP_NMS and DEP_EM Configuration_Files confige cfg Exit Figure 7 3 5 EXIT To close the DEP NMS application click on the Exit command in the File menu Before the application actually closes the following operations may have to be performed If the user has locked some platforms or modules you have the opportunity to unlock them The Forced Unlock dialog box appears containing the list of the locked items Select the items that
48. Gives the Iso 10118 hash value on the key CV NORM Gives a check value of type norm on the corresponding key for symetrical keys known by the DEP Application Software else the field is filled in with Atos Worldline Technology amp Products Engineering DEP Page 76 139 DEP NMS User Manual 04 04 Classification Public DEP Information x keys Capabilities Counters Parameters 150 10118 2 Hash 04000000 EYBFO4 _0F 4004774651 B6FFCS46 0 04000100 A i 36619 785F5E46D0F299454F6135411 04000101 et R J PAF os9RGEEE 4251 60 S4BE945550EE O4000102 et R q E66 SOCEZES4ACS3406EF 4256994F 0 040001 0E et A R g 1220692 4EEDUB1CF22235C 4 6364 45 04150000 et R a FLSB33FB66315C 7566348760401 oF 04130100 a R E D401F401E072E04196110126C6E6 041350200 ci R ci S644 ESECOY25D2 6504010614865 041350300 ci R E E T 04130301 ci R E E rr 041350302 ci R B i82erRa oridnennenariadiagaaees 04150400 a z R E E E T 04130500 16 R m E 04130600 16 R cc EET 04130700 16 2 R B i Anaia 04130701 16 R B O rae cee a 04150702 16 R a S gt nai ansann 16 D E zl 4 Keys properties Values Kevlar 1932304F Total ee Active a Registered ae Deleted 14 Mot registered T The bottom part of the tab sheet provides global key information Gives the keymacs on all the keys Total Defines the total number of keys there are available in the list whether active or not r
49. Haachtsesteenweg 1442 1130 Brusse Is Belgium ATOS Worldline DEP Documentation DEP NMS User Manual Version 04 04 Classification Public Atos Worldline Technology amp Products Engineering DEP Page 2 139 DEP NMS User Manual 04 04 Classification Public Version Management Report modification of wizard images Modification in the versioning new disclaimer 03 01 David LHEUREUX 08 03 2007 Adjust to version 2 5 of DEP NMS 03 02 David LHEUREUX 05 04 2007 After internal review Adjust to version 2 7 of DEP NMS 03 03 2007 03 04 Energize Global Services 03 03 2009 Multi aa RE description 03 05 David Lheureux 01 04 2009 Review S description DEP NMS version 3 x 04 01 Anna Papayan 21 12 2010 BIOS Reflash and Banksys Crypto upgrade added 04 02 Anna Papayan 14 01 2011 04 03 Anna Papayan 19 07 2011 Software Cloning support the information only for DEP NMS user is kept Referenced to DEP Software Cloning Guide document E a E Atos Worldline Technology amp Products Engineering DEP Page 3 139 DEP NMS User Manual 04 04 Classification Public CONFIDENTIALITY The information in this document is confidential and shall not be disclosed to any third party in whole or in part without the prior written consent of Atos Worldline S A N V COPYRIGHT The information in this document is subject to change without notice and shall not be construed as a commitment by Atos Worldline S A N
50. LING THE APPLICATION este su seusiec de cccsnitisuetusiedea bed cecouseusten sumewcetsustuvedeubecoeds 12 32 STARTING eaaa a da Neha ca ie et aa dato 12 3 3 PERFORMING INITIAL CONFIGURATION ccccccecececcccccececescscscecesescecececeececs 12 3 4 RESTARTING WITH CONFIGURATION DEFINED cccececececcccscececescscececeseecs 14 Bie VET canteen nites rel ae et lacs eee enol enema lebiea aia leac taht eee ese a e 14 4 HANDLING CONFIGURATION FILES cccescccccccccccccccccccces 16 4 1 CREATING A NEW FILE ccceccccecccecccccescececcsceceececescscesescesescesescesescecsesceees 16 42 OPENING AN EXISTING CONFIGURATION FILE scescecescsceccsceccscecesceceececeees 16 4 3 OPENING AND MERGING FILE cccsceccececcececcecececcecescecescscesescecescecescecesesceses 17 4 4 CLOSING ATI P ered nane dt eee tose OTA E S EE es 18 4 5 SAVING A CONFIGURA TION scott he teeter che Acosta oho teresa tenet 19 5 PROVIDING PLATFORM INFORMATION ccccccccccccccccccccces 20 Jde lt cADDING A PLATFORM kok ieee ie ee ee eee 20 oy ee TQ CHET yine TE platora aE EE TER 20 E Seleen E Cry PIO MOAUICS rora ZI 5 1 3 Updating the configuration yxniss scsiuecisteo cr E cr sueiydeciatss 22 5 2 MODIFYING PLATFORM INFORMATION ccccsceccsceccsceccccecscsceccececescececeeceses 22 5 3 DELETING A PLATFORM FROM THE CONFIGURATION sceccsceccsceccsceceececees 22 54 PLATFORMS ORDER cua
51. MS Sending DEP parameters to DEP error on module 3 of platform Test_Platform OO00F1020010000300050004140300 Missing key or cap In addition to that the first wrong parameter is displayed in red and bold the following parameter that has not yet been sent to DEP are in red only Atos Worldline Technology amp Products Engineering DEP Page 93 139 DEP NMS User Manual 04 04 Classification Public Values System 07000000 kKeymac Slice 1 Minimum instance System OFO00100 DEP Name DEP NAME HERE Maximum instance 07140000 Iep Key ID 400 Unit 7l40001 Iep Key ID 300 Type 07140100 Iep Sd ID E Format 7i40z200 Iep App Ins Minimum value OF1E0000 IBM3624 Dec Thl Maximum value 07210000 Basement aid 07210100 5d aid 07210200 Dec key Use Lim 07210300 5M Algo 07210400 Perso aid Backup Restore Add instance Del instance Cancel Apply 8 8 4 Backing up parameters The Backup button stores the parameter values available in the DEP Crypto Module into a backup file on the DEP NMS When this function is executed a Save As dialog box appears where you have to supply the name of the backup file File name BackupParameters tel Save as Ippe Jest File txt Cancel By default the backup file is stored in the Data_files subfolder with path C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM for Windows 2000 and Windows XP and c Users USER Atos Worldline DEP_NMS and
52. Mone The following fields will be updated e Software displays the name and version number of the application loaded e Keymac initialized with OO 00 00 OO e Mode e Authority e Serial Number displays the serial number of the DEP Crypto Module 8 3 2 Ending an application Select the End function from the Application submenu or click the A icon on the toolbar to stop application software on the DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 59 139 DEP NMS User Manual 04 04 Classification Public Warning You must lock the DEP Crypto Module before executing this Operation Ending the application software on DEP Crypto Module can only be done if e there is a application software already loaded on DEP Crypto Module e the CAP_STD_SW_LOAD capability is available in the DEP Crypto Module If not a warning box will appear This last condition is no more available for DEP Application Software released from April 24 2008 You are prompted for confirmation before the application is actually stopped Once the application is stopped the information concerning the selected DEP Crypto Module in the main window is updated T DEP NMS C 192 166 0 15 chg File Edit wiew DEF Platform DEP Crypto Module Tools PlugIns Help Lane ae pie REAP Platform symbolic name i Platform s Trace Stat TCP IP addr j Status Cloning Status Software 2 192 168 0 19 cfg m4 192
53. S and DEP_EM Configuration_Files config6 chg C Program Files Banksys DEP_MMS and DEP_EM Configuration_FilesconfigS cfg C Program Files Banksys 0EP_NMS and DEP_EM Configuration_Filesconfig4 cfg C Program Files Banksys DEP_ NMS and DEP_EM Configuration _filesconfig3 cfg Program Files Banksys DEP_NMS and DEP_EM Configuration Files configz chg Exit The Open dialog box appears with a list of the available DEP NMS configuration files from which you can choose the appropriate one If you have modified the current configuration you will be prompted to save the changes before the new configuration opens Depending on the size and the complexity of the configuration loading the file may take a few moments Progress is shown on the Open configuration file message box Open configuration file If the chosen file is not a valid DEP NMS configuration file an error box appears to inform that the configuration file is corrupted DEP NMS x The file D T estConfig4 ctg i corrupted 4 3 OPENING AND MERGING FILE The DEP NMS application allows to open and merge the configuration files To open and merge a configuration file use the Open amp Merge function from the File menu or use the equivalent Ct r1 M keyboard shortcut Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 File Edit View DEP Platform DEP Crypto Module Tools PlugIns Help New Open Open amp Merge Close
54. Upgrade Banksys Crypto operation consists of checking the following conditions e ifthe version of DEP Crypto Module is DEP PCI V4 e ifthe Application Software is loaded in DEP Crypto Module e if the loaded DEP Application Software supports the Banksys Crypto upgrade functionality check the availability of ISTD_FW_UPDATE interface in DEP Application software e if the CAP_ STD _FW_UPDATE capability is loaded in the DEP Crypto Module For detailed information on how to load the capability refer to the DEP C ZAM DEP User Manual e if the DEP Crypto Module s is upgraded to CUST authority level If one of those conditions is not fulfilled an information dialog box see below will appear with the list of actions that user should take to bring the DEP Crypto Modules to Ready state For example if some of the selected DEP Crypto Modules don t have CAP_STD_FW_UPDATE capability loaded or the loaded Application Software doesn t support the Banksys Crypto upgrade functionality the following problems will occur Atos Worldline Technology amp Products Engineering DEP Page 112 139 DEP NMS User Manual 04 04 Classification Public Checking Modules Status x General information Mumber of selected DEP Crypto Modules 2 Number of ready DEP Crypto Modulets 0 Mumber of not ready DEP Crypto Modulefsi 2 Problems information DEP Platform Crypto Module Problem 197 168 0 19 Module 1 COP STO Fw UPDATE capability is n
55. V The content of this document including but not limited to trademarks designs logos text images 1s the property of Atos Worldline S A N V and is protected by the Belgian Act of 30 06 1994 related to author s right and by the other applicable Acts The contents of this document must not be reproduced in any form whatsoever by or on behalf of third parties without the prior written consent of Atos Worldline S A N V Except with respect to the limited license to download and print certain material from this document for non commercial and personal use only nothing contained in this document shall grant any license or right to use any of Atos Worldline S A N V s proprietary material LEGAL DISCLAIMER While Atos Worldline S A N V has made every attempt to ensure that the information contained in this document is correct Atos Worldline S A N V does not provide any legal or commercial warranty on the document that is described in this specification The technology is thus provided as is without warranties of any kind expressed or implied included those of merchantability and fitness for a particular purpose Atos Worldline S A N V does not warrant or assume any legal liability or responsibility for the accuracy completeness or usefulness of any information product or process disclosed To the fullest extent permitted under applicable law neither Atos Worldline S A N V nor its affiliates directors employees an
56. _msg_nr 0x01 arrival 0768432837 departure 0768432848 delta 0000000011 HST_CMD len 000084 HST_RSP len 000015 TRACE DISABLED 7 4 MANAGING STATISTICS The DEP Platform can record statistics about the messages exchanged between the DEP Platform and the hosts Atos Worldline Technology amp Products Engineering DEP Page 44 139 DEP NMS User Manual 04 04 Classification Public If you want to use this feature you have to manually start the utility as it is disabled by default yE DEP NMS C Program Files Banksys DEP_NMS and DEP_EM Co File Edit View Dep Platform Dep Crypto Module Tools Plugins Help Dae eo Status FZ BAP Platform symbolic Locking d Platform status Trace Statistics config cfg Trace m E BS Module 1 Stop 8 Module 2 set Statistics 4 dep t print Le Unlocked On GFF BS Module i The Statistics menu contains the following functions e Start e Stop e Get Statistics Before you can consult the statistics a statistics report must be written on the DEP Platform first 7 4 1 Starting the statistics utility Use the function Start when you want to include all the messages exchanged between DEP NT and hosts in the statistics Only messages exchanged after the start of the utility are included in the statistics In the main window of DEP NMS the status of the statistics facility of the selected DEP Platform is switched to On 7 4 2 Stop the statistics utility
57. ability Merge Backups Wizard Select the first key backup file to restore it is a backup file under DME Open file Atos Worldline Technology amp Products Engineering DEP Page 71 139 DEP NMS User Manual 04 04 Classification Public When you press the Open file button the Open dialog box will appear where you have to select the appropriate file Backup 2 dat New Backup dat File name Backup_1 dat Files of type Dat File dat Cancel When the file has been restored you are prompted to load the CAP_STD_MERGE_BACKUP capability Merge Backups Wizard E a x Load the capability LAF_STO_MERGE_BACKUF into the DEF Crypto Module by CAAM DEP If it is not entered a warning box appears prompting you to do so Merge Backups Wizard Select a key backup file to merge it it a backup file under OME Open file Atos Worldline Technology amp Products Engineering DEP Page 72 139 DEP NMS User Manual 04 04 Classification Public File name Backup_2 dat Files of type Dat File dat Cancel If you want to merge additional backup files you need to repeat this step for each file that you want to merge Merge Backups Wizard e x Repeat the preceeding operation if vou want to merge ather backup files into the DEP Crypto Module Finally the wizard prompts you to erase the capabilities that you used to carry out the merge Click Finis
58. aded a check value over the cryptographic keys Keymac is also verified When you select this function one of the two dialog boxes appears with the following information DEP self test Properties Values DES chip model RSA chip model Mainboard model Actual key MAT Reference KeyMac Current problem DEP self test PIIMENB PoCiod PIINENB PLC201 02 4 DEP PCI 19 32 30 4F 19 32 30 4F Mone Froperties Values Cryptographic chip model Family version Hardware wersion Micro code version FIFO version Mainboard model Actual key MAC Reference KeyMac Current problem Banksys Crypto ogg 0064 0011 42 09 DEP PCI Mok available Nok available Mone e DES Chip mode Indicates the type of the DES chip available RSA Chip model Gives the type of the RSA chip available Cryptographic chip model Gives the type of the cryptographic chip and all the version information family hardware micro code FIFO Main Board model Indicates the release of the main board Actual KeyMAC Represents the current cryptographic check value Atos Worldline Technology amp Products Engineering DEP Page 83 139 DEP NMS User Manual 04 04 Classification Public Reference KeyMAC Is calculated automatically after a key has been loaded Current Problems Gives a text description of the current problem if any The Save button allows you to store the information in a file In the Save As dialog
59. and click on the Unset Master option Atos Worldline Technology amp Products Engineering DEP Page 97 139 DEP NMS User Manual 04 04 Classification Public DEP NMS C 192 168 0 19 cfg File Edit View DEP Platform DEP Crypto Module Tools PlugIns Help lard ol eel wie SB RAP P Platform symbolic name i Platforms Trace Statistics TCPYIP addr j Statys 2 192 168 0 19 cfg my 192 168 0 19 Unlocked On OFF 192 166 0 19 E Module 1 Locked Good Mot Set _jModuie2 F3 E 192 166 0 20 y Unlocked Lacking p 20 IBY 192 166 0 22 Unlocked Application p 22 keys Read DEP Information Diagnostics Reset DEP Parameters Fi U 4 3 Unset Master irmware rade ms Reset Master iglane Set as Clone Unset alone Start Gloning Process Unselect All After the Master is unset the Cloning Status will turn into Not Set The background of the DEP Crypto Module line returns to the DEP Crypto Module line usual colour 9 4 SETTING AS CLONE To set a DEP Crypto Module as a Clone candidate right click on appropriate DEP Crypto Module or if you want to set several DEP Crypto Modules as Clone candidates in the same time press Ctrl or Shift and hold it while selecting appropriate DEP Crypto Modules and then right click on any DEP Crypto Module choose Cloning and then click on the Set as Clone option Also you can set the DEP Crypto Modules as Clone from general menu Select the DEP Crypto Modules yo
60. ard Windows events the window presents the logging of e actions on the DEP NMS itself DEP_NMS Log e any kind of warnings errors alarms that occurred DEP_NMS_EM Log alo xi Atin yew e Om ef 2 ge Tree DEP_NMS Log 2 447 event s a Event Viewer Local t Application Log Error 2 11 2004 13 36 35 DEP_NMS None 3 N A PC DPO262 Security Log Error 2 11 2004 13 36 33 DEP_NMS None 3 N A PC DP0262 8 System Log 4 Information 2 11 2004 13 36 02 DEP_NMS None 1 N A PC DP0262 DEP_NMS Log 4 information 2 11 2004 13 35 48 DEP_NMS None 1 NJA PC DP0262 1 DEP_NMS_EM Log A information 2 11 2004 13 35 48 DEP_NMS None 1 NJA PC DP0262 D information 2 11 2004 13 35 48 DEP_NMS None 1 NJA PC DP0262 A information 2 11 2004 13 35 48 DEP_NMS None i N A PC DPO262 2 11 2004 13 35 48 In the Event Viewer Local tree there are two entries related to DEP NMS e DEP NMS Log which refers to the events that remain on the PC where the DEP NMS application is running e DEP_NMS_EM Log which refers to the events that are to be transmitted via TCP IP to the PC where the DEP EM application is running For every event the following bits of information are recorded in the event log file of the PC where the DEP NMS application is running e date and time of the event or the operation e source of the event or the operation DEP NMS e type of the event information warning error e description short explanation of the event
61. are 2 3 DEP NMS LOCAL When the DEP NMS application is started on a DEP XP platform the local platform is automatically detected and appears in the platform list on the general window Atos Worldline Technology amp Products Engineering DEP Page 11 139 DEP NMS User Manual 04 04 Classification Public DEP NMS Local DEP XP Platform 3 Fie Edt View Dep Platform Dep Crypto Module Toots Plog Ins Help Soh e s eip ew AP o Platform symbolic name Seauwity Platform stabus Trace Statistics TCP IP address or nae New configuration SHEJ Local DEP JYP Platform RG 127 0 0 1 EF Modu 1 E Module 2 Unlocked On Off Figure 3 This version has limited functionality to avoid performance deterioration of the DEP platform The limitations are the following e Only the local platform can be managed e The commands in the File except Exit and Edit menus are disabled DEP NMS Local DEP P Platform DEP NMS Local DEP XP Platform File Edit view DEP Platform DEP Crypto Module Te File Edit View DEP Platform DEP Crypto Module Hew Cort E dd F7 Open Chita lt lt lt lt lt ijodify FE Open amp Merge Ctrl M reiia symbolic na Delete Del Platform ste Glose IE a Unlocked WA Local DEP Order Unlocked Save Ch 5 HM na da oa Save S Exit Figure 4 Atos Worldline Technology amp Products En
62. at was actually detected e general information about the alarm board in the bottom part of the sheet Hardware gives the identification and version of the hardware alarm board Software gives the name and the release version of the alarm software Max Length of the event file gives the maximum length of the event log list The Event Log tab sheet contains a sequential overview of the alarm events that have been detected with the type of alarm all events are listed sequentially Atos Worldline Technology amp Products Engineering DEP Page 85 139 DEP NMS User Manual 04 04 Classification Public Alarm Information E x Counters Event log Event 1 Main Power Off Event 2 Main Power On Event 3 Main Power Off Event 4 Main Power Off Event 5 Main Power On Event 6 Main Power Off Event 3 Main Power On Event 8 Main Power Off Event 9 Main Power On Event 10 Main Power OFF Event 11 Main Power On Event 12 Main Power OFF Event 13 Main Power On Event 14 Main Power OFF Event 15 Main Power On Event 16 Main Power OFF Event 1 Main Power OFF Save Cancel Apply The Save button allows you to store the information in a file In the Save As dialog box you have to supply the name of the file E zjx Gave in E Data files e o B DEPInfo txt modulesconfiguration txt Statistics txt Trace txt File name ReadAlarminto tet save az type ftt File tet
63. atus window and supply the name of the destination file in the Save As dialog box The filename presented by default 1s e PlatformConfiguration txt if status data is saved for the first time e the name of the status file that was last used if status data has already been saved 2 modulesconfiguration txt Statistics txt Trace txt File name Platform Configuration ts Save as type tet File txt Cancel If the file already exists DEP NMS requests confirmation to overwrite it By default the status files are saved in the Data_files subfolder with path C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM for Windows 2000 and Windows XP and c Users USER Atos Worldline DEP_NMS and DEP_EM for Windows Vista and Windows 7 respectively 7 1 4 Modifying parameters In addition to presenting the status information the Platform status window also lets you change certain parameters Depending on the button that you press the application behaves in a different way e OK all data are updated for the selected DEP platform and the dialog box closes e Apply all data are updated for the selected platform but the dialog box does not close e Cancel data are not modified and the dialog box closes Atos Worldline Technology amp Products Engineering DEP Page 31 139 DEP NMS User Manual 04 04 Classification Public Remark When the platform is unlocked it is not
64. box you have to specify the name of the file x cave in Data_files de FE ci Ee DEPInfo tt modulesconfiguration txt Statistics txt Trace byxt File name Deps eliT est tel Save as type tet File txt Cancel 8 6 4 Verifying the Keymac The function Verify Keymac allows you to verify the Keymac of the DEP Crypto Module The Keymac is evaluated and compared with the Reference Keymac An information box reports the result of the verification DEP NMS 8 6 5 Reading DEP Alarm Information The function Read DEP Alarm Information from the Diagnostics submenu reports the status of the alarm processor and the logging information related to it When you have selected this function the Alarm Information dialog box appears Atos Worldline Technology amp Products Engineering DEP Page 84 139 DEP NMS User Manual 04 04 Classification Public Alarm Information x Counters Event log Intrusion T Mo Removal 0 Mo Temperature T Mo PIC 0 MHo RAM 0 MHo Motion T MHo Battery T MD cc OFF 17 MHO Spuriogs T MD Properties values Hardware P89CSIRCFH Software ALARM 2 2c Max Length of the Event file 128 Save Cancel Apply The Counters tab sheet consists of two parts e alist of possible alarms in the top part of the sheet It presents the name of the alarm the number of times the alarm was detected by the alarm processor and the type of alarm th
65. c348ede769b0b0 86ac24485535q582c2c96425e258alef102b3ce3b25fqdf40425f06ab3d4413ae276q538ec4f71b3f32b 0 3862269238e19438432d00a7879b74bd50579aFfd9c926346dda7al3d0afbbc8c95649ad7b009acell 62c47d69fclf119daf09e6876F 57b1a4e7423c54258d87c442aceab77ab55448F48b4340e47a48e65828 fd803e383b5eea3 6b25fe29fee23883305alafel7ac380fae85ceb6fcf8a2I9baad3 9999Fdd856f64e4906 8468e9159c4fddfaa8c922893 7b3eelad3d00eb4d0991f718997chdeladbe943ee6f04c5fac0ldbed9c2 20 7ebec3498e3fclece2c0bflibleb78d001lccbc8d575b521748747 Jaeb2c 6c360d8b21c40fc839d23a5 d7339c4cb76c3b651262b7b2344e23753a20122e91301299c897T0e63 F743 8232cTcboalval08636f1dco64 74 28007302 7bdc3fbb4176b2707915082b97a62e220692057a01b17da579b22598a410ddeb249ab efa 5 d6134669fc24f1e36c9027338cb92ed87 773273d41b4018da9e582248dda0b066d326d325fab9e49 98do60ba9260891lef2173aeaf3270ddb6e3a9b9aacaN0dd42076635e007d5eab7098afd7197ec8a3b7cf3 cl5b99a95bd4dfea093cf14dc903e61444d8b3d80de8fd37445b8bac06d18chelb6f92b8FE57e36c2Zacf2 67781f e2a73655736bc4 The tracing is allowed only when CAP_STD_TRACE capability is activated in the DEP Crypto Module s of the DEP In this case the trace file looks as follows 000000690 001048576 TRACE CREATED 22 03 2007 13 33 43 348 status snd_host log 00 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x00 arrival 0768374874 departure 0768374924 delta 0000000050 HST_CMD len 000017 HST_RSP len 000006 22 03 2007 13 34 41 272 status snd_host log 00 hst_msg_vers 0x30 serv_addr 0x01 int
66. ca0dd42076635e007d5eab7098afd7197ec8a3b7c 3 c15b99a95bd4df6a093cf14dc903e61444dqd8b3dqd80de8fd37445b8bac06d18c5e16f92b8f57e36c2acf2 67781fe2a73655736bc4c9349c2b7f3dele3a2fe28cf6921eb4552ce8b49cf37be0693a4e5619d8e8aa 9e6ff053746a39efb2dff05cb2a7c247a1c910bd344ccf242a900c872033c29abda8468efe291ald8ge3 l1e3ffcelc04dqd98f7ed06fcc47be5e3b567525f06a4b9dadabb9a6163756df42b5e3ac69bd53b41dalef 463 1355dd5706ddalf45lee35b8 52b21d49d05cdd2f1411069c86678cc0c38d4bfd3c7559e50ada0e 961l6alc69b6c9lbba3aa938448edcee9a3b0140543acEcfEdc03188ac2265b12de017c24dal2574611120 8 3601a5214c353d9b527c929eca0cc865feT7bi bfa3521546dd8538d4277f1d4cf08ada995718e384dc 98674c5a78e9839ba551ebc59231dd653e913dd436ad05982048e780332d1lcdf9If3eb7e2 TRACE DISABLED 258 183 status snd_host log 01 hst_msg_vers 0x30 serv_addr 0x01 int_msg_nr 0x3d arrival 0769949719 DEParture 0769949759 delta 0000000040 HST_CMD len 001035fe3001000 0500000000000000000000000032 f 5 0100010003e8b24afcd d5fd3613972 d03e4b8e41bf54ed12de4af4c0bb102bfba26fd5a61f4b7731ab265bd1l6ceb3b379c80005080877c774 cdd2cbd54142f9ae9d9575b95ced099be64c02bf203cd6231becf902280a316q92226c235dcd7a432f4 d6lc6aef00e58ba60f6a2dqd5169a34088c9de0fe54f6877q190cf86128b67e8bb7bd4025de1981addc0a c2d9a83634de5520ee3af63e908f729ce7fe4cd93ace2959dqd722e8e599af0fb 0256e7dqd47ef4d2e085ef ec356cf2b3f739ce666qd0031fcc3e9c6b767224a6ab01260b448c333db40de272qd5e05a2795090241e8 3c7b1520c5b6d862014f1a89185558122a75b8650a844 87cfc05f3d2c6b8b7795786
67. ction from open until close Received Total number of messages received via the connection from open until close Start time Start date time of connection Atos Worldline Technology amp Products Engineering DEP Page 32 139 DEP NMS User Manual 04 04 Classification Public End time End date time of connection this information is only present for old connections open connections have the symbol printed Remarks 1 The connections shown are only those for the host not the one or those opened by DEP NMS 2 If the platform works in PDP this will lead to an empty list With the Refresh button or with the corresponding function key F5 you can perform a manual refresh of the contents of the lists 7 1 4 2 Host Protocol On the Host protocol tab sheet you can define the host protocol and set its parameters used for communication between the hosts and the DEP Platform Warning The DEP Platform must be locked for this operation Two different protocols are available e PDP e TCP IP Refer to the section below for detailed information about both protocols Platform status Read only se X Application protocol Date Time Event manager Status Connections Host protocol TCP Name resolving Alive ra Application message type LSBFirst Application message length D4 Fort number 1 65535 1000 Int 5 3600 sec 5 Time 2 120 min z Communicatio
68. cts Engineering DEP Page 90 139 DEP NMS User Manual 04 04 Classification Public parameter and are defined in the application software Identifies the type of the DEP parameter Identifies a one byte DEP parameter and should be entered as two characters in the Value field 00 FF or 00 99 depending on the format and the allowed value interval Identifies a two byte DEP parameter and should be entered as four characters in the Value field 0000 FFFF or 0000 9999 depending on the format and the allowed value interval Identifies a four byte DEP parameter and should be entered as eight characters in the Value field 00000000 FFFFFFFF or 00000000 99999999 depending on the format HEX DEC and the allowed value interval Identifies a DEP parameter as an array with an even number of nibbles hexa decimal digits 0 F or 0 9 depending on the format the length of the array depends on the VL VL property Identifies a DEP Parameter as a text string of ASCII characters the length of the text depends on the VL VL property Format Identifies the required format of the DEP parameter during introduction of the value NONE The format is not applicable for DEP parameters of type string DEC The DEP Parameter should be entered as a decimal value 0 9 HEX DEP Parameter should be entered as a hexadecimal value 0 F If you have performed an operation on any of the parameters modify add an instance you can proceed in diffe
69. d agents shall be liable to any party for any damages that might result from the use of the technology as described in this document including without limitation direct indirect incidental special consequential and punitive damages lost profits JURISDICTION AND APPLICABLE LAW These terms shall be governed by and construed in accordance with the laws of Belgium You irrevocably consent to the jurisdiction of the courts located in Brussels for any action arising from or related to the use of this document sa Atos Worldline nv Chauss e de Haecht 1442 Haachtsesteenweg B 1130 Bruxelles Brussel Belgium RPM RPR Bruxelles Brussel TVA BTW BE 0418 547 872 Atos Worldline Technology amp Products Engineering DEP Page 4 139 TABLE OF CONTENTS MENGE UC BN aca esdiscic scaricare deta ceca sasecetedcaaaiot succes ce NEA 1 1 SCOPE OF THE DOCUMEN T aniria a A 8 Meo RELATED DOCUMENTATION ocesctote cn tohetcietee eons O 8 1 3 CONTACTING ATOS WORLDLINE cccescscecccceccececcscecscsccescsceseececescecescececes 8 2 DEP NMS FIELDS OF APPLICA TION cccecscccccccccccccccccccccscces 9 Fm Weems ey A 64 Feo ad id bt erent nee cece onan Saves Ee eTT Oe tee ne TCA Se mtn ae eee ee a Ome 9 Dee NOE INVES BE teres tect a at estes tise ean etaantamee a ecas cement 10 Dds DEP NMS LOCA rocna an cw sara see esate ead ese sieeteeeoeeets 10 3 SGETEENG S PAR DED oneri aaa aaa EE aAa Sini 12 3 1 INSTAL
70. dow To select the DEP Platform click on the line with appropriate DEP Platform The functions that you can apply to a platform can be accessed in any of the following ways e via the DEP platform menu e via the context menu that opens when you right click the platform e via an icon on the toolbar e via a shortcut key refer to ANNEX B Function keys and shortcuts on page 138 In the table presented on the DEP NMS main window the information related to the DEP platforms is in the columns entitled e Security e Platform status e Trace e Statistics e TCP IP address or name 7 1 HANDLING PLATFORM STATUS INFORMATION 7 1 1 Requesting status information To open the DEP Platform s status information dialog box select the appropriate DEP Platform and choose Status item from DEP Platform menu or press the F2 function key The Platform Status window appears comprising multiple tab sheets each providing information and or parameters related to a specific aspect Atos Worldline Technology amp Products Engineering DEP Page 29 139 DEP NMS User Manual 04 04 Classification Public Platform status Read only Application protocal Date Time Event manager Status Connections Host protocol Mame localhost Symbolic name Local DEP P Platform Address 127 0 0 1 Port 1001 Status Unlocked Trace GFF Statistics GFF Total opened connections D Total messages sent ble Total messages received 6713 Number of
71. e s status information dialog box select the appropriate DEP Crypto Module and choose Status item from DEP Crypto Module menu or press the F3 function key The Module Status window appears presenting a tab sheet for each managed DEP Crypto Module Module status Read only X Module 1 Module 2 Host messages W Pool messages W Auto recovery period 0 or 3000 65535 msec 15000 Max response time 5000 3600000 msec 5010 PC Date date not yet set 03 10 2005 PC Time hime nok yet set 09 13 12 Message selection algorithm First in f First out Defaults Read only settings Locking Unlocked Statys Good Keymac Fes_9144 Alarm status OK Battery status Connected Serial number 000100000812C848EF Software active Application Software boot DEP_BOOT 12c Software alarm ALARM 2 2c Software application EMVeO00 224 Configuration mode Test Configuration authority Customer Keys 6 Capabilities 10 Customer ID O00 01 Save OK Cancel Apply Atos Worldline Technology amp Products Engineering DEP Page 48 139 DEP NMS User Manual 04 04 Classification Public 8 1 2 Interpreting module status information The Module Status window contains the Configuration settings and Read only settings of DEP Crypto Module The table below gives an overview of the read only settings and their meanings Indicates whether the DEP Crypto Module is locked locked by another user or unlocked Indicat
72. e successfully it starts automatically Atos Worldline Technology amp Products Engineering DEP Page 58 139 DEP NMS User Manual 04 04 Classification Public Application load Cancel If a DEP Crypto Module fails during the loading process the Application load report dialog will appear showing the total successful and failed DEP Crypto Module s For each failed DEP module there is status line with failure reason Application load report q x Operation succeed on 1 DEF Modules Operation Failed on 1 DEP Modules Operation Failed on Platform al8 Module 2 Module is Unlocked In the DEP NMS main window information concerning the selected DEP Crypto Module s is automatically refreshed AE DEP NMS C 192 168 0 19 cfg File Edit wiew DEF Platform DEF Crypto Module Tools PlugIns Help Daehn a ee Sip BSAAP P Platform symbolic name i Platform s Trace Stat TCP IP addr j Status Cloning Status Software 192 165 0 19 cfg m4 192 168 0 19 9 Unlocked On OFF 192 168 0 19 Moas A O CS Teod ES Module 2 Locked Good Mot Set oooooo0o BANK 58a my 192 165 0 20 Unlocked GFF GFF 192 168 0 20 ES Module 1 Locked Good Not Available FFFFFFFF Mone BS Module 2 Locked Good Not Available FFFFFFFF Mone ES Module 3 Locked Good Not Available FFFFFFFF Mone my 192 165 0 22 Unlocked GFF OFF 192 166 0 22 ES Module 1 Locked Good Not Available FFFFFFFF None BS Module 2 Locked Good Mot Sek FFFFFFFF
73. e you only have to fill in the current password Modify password HCK x Password a Rt i he th New password Confirm new password 11 3 TESTING LAN CONNECTION TO THE HOST If you want to test the LAN connection between the DEP Platform and its hosts select the Ping function from the Tools menu The Packet Internet Groper Ping dialog box will appear Enter the IP address or the host name in JP address or name field and click Ping to start the test Packet Internet Groper Ping a E x IP address or name ae The feedback and the outcome of the test appear in the status bar at the bottom of the box The screenshots below illustrate the kind of information that can be appear in the status bar Packet Internet Groper Ping a X IP address or name 172 18 12 176 i Cancel Platform dep ont pst is pinging machine 172 18 12 176 Packet Internet Groper Ping IP address or name 172 168 155 63 i Cancel Reply OK Atos Worldline Technology amp Products Engineering DEP Page 123 139 DEP NMS User Manual 04 04 Classification Public Packet Internet Groper Ping E e x IP address or name 172 18 11 31 Cancel Reply WOT OK Be aware that this host may be on another network than the one of the PC where the DEP NMS application is running via the gateway 11 4 SENDING A CALL TO A CRYPTO MODULE From within DEP NMS you can send a specific call to
74. e 82 Atos Worldline Technology amp Products Engineering DEP Page 116 139 DEP NMS User Manual 04 04 Classification Public 11 TOOLS The Tools menu contains following items General Settings Passwords Ping Send a Call 5 DEP AMS and DEP_EM Configuration_files pto Module Tools Flug Ins Help A ae ia General Settings Passwords b Platform ska CPF address Ping Send a Gall Unlocked ep xp test 1 11 1 GENERAL SETTINGS To establish the automatic refresh event manager and C ZAM DEP connection settings select the General Settings item from Tools menu The following dialog box will appear General Settings x Automatic refresh Active v Interval refresh 60 10 sec 3600 sec Event Manager IP Address or Name 1 2 18 14 90 Port i002 1 65535 C ZAMI DEP Active Port com l x Not initialized Cancel Apply It presents 3 groups of settings related to e Automatic refresh e Event Manager e C ZAM DEP The data are stored in the file DEP_NMS INT The dialog box presents three buttons Atos Worldline Technology amp Products Engineering DEP Page 117 139 DEP NMS User Manual 04 04 Classification Public e Cancel configuration is not modification and the window is closed e Apply updates the properties of the DEP NMS without closing the window e OK updates the properties of the DEP NMS and closes the window 11 1 1 Automatic
75. e or more DEP Crypto Modules Operation can be done on each DEP Crypto Module sequentially or on different DEP Crypto Modules of one or several DEP Platforms simultaneously Select the Load function from the Application submenu or click the 53 icon on the toolbar to load dedicated Application Software in selected DEP Crypto Module s Warnings You must lock the DEP Crypto Module s before executing this operation Simultaneous Application load operation for multiple selected DEP Crypto Modules is possible on DEP Platform software with version 4 0 0 or higher Otherwise the following error box will appear DEP NMS xi X DEF Flatform Software non compatible the version 4 0 0 or higher need to be installed Loading of application software in more than one DEP Crypto Modules is only available if you have the Hardware Licence USB dongle Atos Worldline Technology amp Products Engineering DEP Page 54 139 DEP NMS User Manual 04 04 Classification Public The first phase of the Load operation consist of checking the three following conditions e Is the boot active The Crypto Module s status should read Software active Boot e Is the DEP Crypto Module s upgraded to CUST level e Is the CAP_STD_SW_LOAD capability loaded in the DEP Crypto Module For detailed information on how to load the capability refer to the DEP C ZAM DEP User Manual If one of those conditions is not fulfilled an information dialog box see
76. egistered or not Gives the total number of active loaded keys Registered Gives the number of keys known by the application Deleted Indicates how many keys there were deleted Not registered Gives the number of keys not known by the application 8 5 2 Capabilities The Capabilities tab sheet lists the following information about the different capabilities loaded into the DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 77 139 DEP NMS User Manual 04 04 Classification Public DEP Information o keys Capabilities Counters Farameters OS000000 Unlimited j 6 OS000E00 Unlimited O 1 Identifies the tag of the capability Type Defines the type of limitation that applies to the capability Unlimited Counter Limited Time Limited Indicates the remaining availability of the capability the value can ether define the number of times the capability can still be used in case of a counter limited type the number of minutes the capability can still be used in case of a counter limited type Counter Defines the number of times the capability has been loaded into the DEP Crypto Module 8 5 3 Counters The Counters tab sheet lists the following information for every available counter in the DEP Crypto Module Identifies the tag of the counter Counter Indicates the number of times the function was executed the error was generated or the dedicated counter operati
77. elements in a DEP NMS configuration are the DEP platforms to be managed The functions to supply this information are in the Edit menu under the item Platform File Edit view DEP Platform DEP Crypto Module E BB Modify Fa Platform symbolic na Delete Del Platform st eater Ss 4 Platforms Order Unlocked HA Madila 1 The three functions are disabled for the limited version installed on a DEP XP platform 5 1 ADDING A PLATFORM When you select the function Add or the I icon or the equivalent function key F7 the Add platform dialog box appears In this dialog box you have to fill in the necessary information for DEP NMS to identify the platform and communicate with it Add platform Symbolic name Platform symbolic name Mame or IP address Port i 001 Module 17 Module 27 Module ai Module 4i Search modules OK Cancel Apply 5 1 1 Identifying the platform To identify a platform that you want to appear in the configuration in order to manage it via DEP NMS you have to provide the following bits of information e Symbolic name The Symbolic name is the name by which the DEP platform will be identified in the platform list of the DEP NMS main window e Name or IP Address In the Name or IP address field you can either specify the Host name or the IP address of the DEP platform e Port Atos Worldline Technology amp Products Engineering DEP Page 21 139 DEP NMS Us
78. empty configuration will automatically appear Atos Worldline Technology amp Products Engineering DEP Page 19 139 DEP NMS User Manual 04 04 Classification Public If you have modified the current configuration you will be prompted to save the changes before the new configuration opens 4 5 SAVING A CONFIGURATION To save a configuration you can use the function Save from the File menu click the lel icon or use its equivalent keyboard shortcut Ctr1 S or you can use the function Save As or its corresponding icon i The function Save is to store the information about the current configuration in the current configuration file Save As is to be used for a new configuration for which no file name has been specified yet or to save an existing configuration in a file with a different name With the item Save As of the menu File the user asks the DEP NMS application to save the actual configuration in another file than the current configuration file or it is a new file The Save As dialog box prompts you for the name of the configuration file Save in tmp de ji File name New configuration Save as type Configuration File chgl Cancel An SHA 1 hash is foreseen in order to have integrity of the data contained in the file Atos Worldline Technology amp Products Engineering DEP Page 20 139 DEP NMS User Manual 04 04 Classification Public 5 PROVIDING PLATFORM INFORMATION The basic
79. er Manual 04 04 Classification Public In this field you have to supply the port that is to be used for the TCP IP communication between the DEP Platform and the DEP NMS application The default value is 1001 Warning The Port value specified here must correspond to the value defined on the DEP Platform otherwise the DEP NMS cannot connect to it 5 1 2 Selecting Crypto Modules To automatically detect the DEP Crypto Modules presenting on selected DEP Platform click on the Search modules button Clicking this button connects to the DEP Platform and selects the DEP Crypto Modules that have been detected The status field at the bottom provides feedback about the connection to the platform Add platform E xX Symbolic name Flatform slimbolic name Mame or IP address f r2 18 12 36 Fort i O01 Module dW Modue Module a Module ti Search modules UE Cancel Apply Connection succeeded to 172 18 12 36 To determine the modules you want to appear in the configuration tree on the DEP NMS main window you have to select or deselect the modules accordingly The dialog box below illustrates a case where only the second DEP Crypto Module is selected to be included in the configuration Add platform xX Symbolic name Flatform slimbolic name Mame or IP address f f2 16 12 36 Port i 001 Module i Module2f kodues Module 4i Search modules mea ha Connection succeeded to 172 18 12 36
80. er confirmation the operation is executed A confirmation message is displayed if the reset of the DEP Crypto Module has succeeded Atos Worldline Technology amp Products Engineering DEP Page 87 139 DEP NMS User Manual 04 04 Classification Public 8 7 1 2 Setting the DEP Battery Off The Set DEP Battery Off function disconnects the backup battery in the DEP Crypto Module With the battery disconnected the DEP Crypto Module relies on the mains supply to maintain memory contents This implies that keys and application are lost if the current is cut Before actually setting the battery off you are prompted for confirmation After confirmation the operation is executed A confirmation message box is displayed if the reset of the DEP Crypto Module has succeeded ee 5 Setting the DEF battery off succeeded on module 3 of platform Test_FlatForm 8 7 2 Resetting Communication to the DEP platform The Communication function clears the message buffers on the PCI interface of the DEP Platform Before resetting DEP NMS prompts you for confirmation DEP NMS E xj ae 2 Resetting communication to the DEP After confirmation the reset operation is executed A confirmation message is displayed if the reset of the DEP Crypto Module has succeeded Atos Worldline Technology amp Products Engineering DEP Page 88 139 DEP NMS User Manual 04 04 Classification Public 8 7 3 Resetting the DEP Cry
81. es whether the DEP Crypto Module is in good mode or in fatal mode Keymac Indicates the authentication code calculated over all the keys between 00 00 OO OO and FF FF FF FF or Not Available Alarm status Indicates the status of alarms OK INCrUSTLONn Removal Temperature PIC RAM Motion Battery VEC Off Battery status Shows whether the battery is connected Connected Not Connected Serial number Gives the serial number of the DEP Crypto Module If this value does not correspond to the value expected a warning appears See also the section Automatic refresh on page 117 Software active Indicates what software is active BOOL Application Shows the name and the version number of the available boot software Shows the name and the version of the available alarm software Shows the name and the version number of the loaded application Configuration mode Indicates in what mode the DEP Crypto Module is configured Development a Pest Dave None Configuration authority Shows the available authority level of the DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 49 139 DEP NMS User Manual 04 04 Classification Public None Banksys Customer Indicates the number of keys loaded Capabilities Indicates the number of capabilities loaded Customer ID Represents the unique identification number of the customer 8 1 3 Saving status information
82. esewadcnnnteudeh 133 TACT DS INSO UND oa ota N O node seeNee 133 IG 1 4 dWStQI ANON COMPLETE ieee alsaa adie mees te eh als tie ede anaes eedole 134 14 2 LICENSE DONGLE INSTALLATION ccccceccsceccececcscececcsceccecesescecescecesesceses 134 Atos Worldline Technology amp Products Engineering DEP Page 7 139 DEP NMS User Manual 04 04 Classification Public 1421 lt Performing preliminary steps cso aetna RS 135 14 2 2 Finishing the actual installation sess cdecvosscireceerRitecnnapehscinieeeaend thoes 136 15 ANNEX B FUNCTION KEYS AND SHORTCUTS sssssssseseecccccssssoo 138 16 ANNEX C AUDIT TRAIL OPERATIONS AND EVENTS 138 Atos Worldline Technology amp Products Engineering DEP Page 8 139 DEP NMS User Manual 04 04 Classification Public 1 INTRODUCTION 1 1 SCOPE OF THE DOCUMENT This document describes the version 3 x of the DEP NMS Network Management System application This PC application allows the management and configuration of DEP Platforms and the DEP Crypto Modules It can be linked to the DEP EM application Event Manager to which it sends its events For information on the use of DEP EM refer to the document DEP EM User Manual 1 2 RELATED DOCUMENTATION Information about the various DEP products technologies and solutions is available from an extensive set of documents accompanying these products People new to Atos Worldline DEP technology may find
83. f the file is corrupted an error messages 1s displayed The DEP parameter File is corrupted or without hash Continue anyway Atos Worldline Technology amp Products Engineering DEP Page 95 139 DEP NMS User Manual 04 04 Classification Public Note You can restore older DEP parameter files without hash by pressing Yes The DEP parameters are sent to the DEP Crypto Module and the parameter window is refreshed 9 DEP SOFTWARE CLONING Note This functionality is protected by the license dongle for the platforms with LIVE mode You can manage Cloning functionalities without license dongle for the platforms with TEST mode max 5 platforms 9 1 PREREQUISITES e The minimum version of the DEP NMS application must be 3 3 2 14 e Only one Master DEP Crypto Module and at least one or more Clone candidate s should be selected e There should be no other cloning process started on any of participating DEP Crypto Modules e All the DEP Crypto Modules involved in the cloning process must be locked To lock the DEP Crypto Module right click on the appropriate DEP Crypto Module select Locking and click Lock option For more information about the DEP Software Cloning prerequisites please refer to the DEP Software Cloning Guide 9 2 SETTING AS MASTER To set a DEP Crypto Module as Master for cloning right click on the appropriate DEP Crypto Module choose Cloning and then click on the Set as Master option Also
84. for example 120000 milliseconds The date of the DEP Crypto Module The time of the DEP Crypto Module Message selection Defines the priority of the different type of algorithm command messages that could arrive First In First Out All command messages are processed in the order they arrive first command message that arrives 1s treated first This is the default value Host Messages Priority is given to the command messages First coming from the host the command messages generated by other processes are treated when there are no more host command messages to process Pool Messages Priority is given to the command messages sent First to the POOL device address the command messages sent to the dedicated DEP Crypto Module are treated when there are no more pool messages to process With regard to the settings different operations are possible depending on the button that you press e Save Stores the information of the user into the configuration file in order to quickly configure other DEP Crypto Modules e Restore To retrieve the information saved during the save operation e Defaults Sets the fields to the default factory values coming from the DEP Crypto Module Remark If the RTC Real Time Clock has never been set before this value is empty The Real Time Clock can only be set or modified when the capability CAP_STD_SET_RTC 1s available in the DEP Crypto Module 8 2 HANDLING CRYPTO MODULE LOCKING Like DEP Platf
85. g keys from a previous backup in one or more DEP Crypto Modules Operation can be done on each DEP Crypto Module sequentially or on different DEP Crypto Modules of one or several DEP Platforms simultaneously WwW Use the Restore function from the Keys submenu or select the P icon from the toolbar if you need to restore keys from a previous backup Warnings e You must lock the DEP Crypto Module s before executing this operation e Simultaneous Keys restore operation for multiple selected DEP Crypto Modules is possible on DEP Platform software Atos Worldline Technology amp Products Engineering DEP Page 62 139 DEP NMS User Manual 04 04 Classification Public with version 4 0 0 or higher Otherwise the following error box will appear DEP x x DEP Platform Software non compatible the version 4 0 0 or higher need to be installed e Simultaneous multiple DEP Crypto Module Restore Keys Operations are only possible if you have the Hardware Licence USB dongle Restoring keys requires availability of e the CAP_STD_SAVE_KEYS capability e DEP Master Key If one of those conditions is not fulfilled an information dialog box see below will appear with list of actions that user can take to bring the DEP Crypto Modules to Ready state Checking Modules Status x General information Number of selected DEP Crypto Modulefsi Z Number of ready DEP Crypto Modules D Number of not ready DEP Crypto Modulefsi 2
86. ge comes from the host log 01 indicates that the logging is allowed because of presence of the CAP_STD_TRACE capability 00 means that tracing is not allowed hst_msg_vers 0x20 defines the version number of the internal messages composition only used for internal management serv_addr 0x01 indicates the server address only used for internal management int_msg_nr 0x08 1s an internal message numbering of the treated messages and can vary between 0x00 and 0xOF only used for internal management arrival 0002425978 gives the time in ticks the host handler received the command message Atos Worldline Technology amp Products Engineering DEP Page 42 139 DEP NMS User Manual 04 04 Classification Public e departure 0002425998 gives the time in ticks the host handler received the response message e delta 0000000020 indicates the processing time in ticks and is the difference between the DEParture and the arrival e the HST_CMD part is the logging of the received command message len 000680 decimal defines the length of the received command message in bytes ff 01 13 03 00 01 13 04 OO is the hexadecimal representation of the trace of the received command message only available when the log equals 01 e the HST_RSP part is the logging of the returned response message len 000009 decimal defines the length of the replied message in bytes 00 01 13 04 00 bi al 21 bd is the hexadecimal representation of the trace
87. gineering DEP Page 12 139 DEP NMS User Manual 04 04 Classification Public 3 GETTING STARTED 3 1 INSTALLING THE APPLICATION The installation procedure is described in detail in ANNEX A INSTALLATION PROCEDURE 3 2 STARTING UP To start DEP NMS application execute the DEP_NMsS exe file which is in lt Installation directory gt folder After installation a desktop shortcut to this file is available as well as an entry in the Windows Start menu 3 3 PERFORMING INITIAL CONFIGURATION When the DEP NMS is started for the very first time or when it is restarted without a configuration file being available the main window of the application appears with no client platforms in the list The General Settings dialog box automatically appears giving the possibility to define some initial settings for the DEP NMS DEP NMS New configuration C l File Edit view DepPlatForm Dep Crypto Module Tools PlugIns Help laeha f a pie ZkBAPY OK Cancel Apply Figure 5 For more detailed information refer to the section General Settings on page 116 Once you have completed the General Settings you can start adding DEP Platforms to the configuration Available DEP Crypto Modules are displayed sequentially The date and time of the last refresh is indicated in the status bar of the window Atos Worldline Technology amp Products Engineering DEP Page 13 139 DEP NMS User Manual 04 04 Classification Pub
88. gineering DEP Page 129 139 DEP NMS User Manual 04 04 Classification Public 13 OBTAINING HELP The DEP NMS application has integrated help facilities The Help menu on the DEP NMS main window contains the following functions d DEP _EM Configuration _files security c Flug Ins Help P Help Topics F1 Trace Stat About DEPINMS 13 1 CONSULTING THE ONLINE HELP To open the online help select the Help Topics function from the Help menu or press the corresponding F1 function key The DEP_NMS help window will appear hosting a typical Windows hyperhelp system which you can navigate and search to consult the information you need D gt 8 Hide Back Forward Print Contents Index Search FULL VERSION 2 Table of Contents 2 Scope of the Document 2 References 2 Glossary O Purpose of the DEP NMS Program 2 Light version 2 Full version GENERAL PARAMETERS Qg start stop 2 First run or restart without having confic 9 Restart after having defined a configure 2 Exit General items Qg VIEW 2 Audit trail 2 Refresh all 2 Refresh platform 12 Refresh module 2 Toolbar 2 Status Bar Help Configuration General window Tools ANNEX a INSTALLATION PROCEDURE 13 2 OBTAINING INFORMATION ON DEP NMS When you select the function About DEP NMS from the Help menu the About DEP NMS window will appear with information on the version of the application and with the lega
89. gt Memory never used yet in bytes Memory_BigFree Size of biggest free block 1 block 16 bytes Atos Worldline Technology amp Products Engineering DEP Page 81 139 DEP NMS User Manual 04 04 Classification Public The Save button at the bottom of the DEP diagnostics window allows you to store the information in a file In the Save As dialog box you have to specify the name of the file that you want to use ae gt j ee Save in E Data fies ff DEP Info tect File name Diagnostics tet Save ae Ippe Jest File txt Cancel 8 6 2 Testing Communication Hardware The Test Communication Hardware function tests the PCI interface of the DEP Platform The Test communication hardware dialog box will appear where you have to select kind of test s that you want to execute Test communication hardware 3 x FIFO out Intern FIFO loop Extern FIFO loop End to end FIFO out M Intern FIFO loop OK M Extern FIFO loop OK End to end Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 Page 82 139 Classification Public 8 6 3 Performing DEP Self Test With the function DEP Self Test you can test the main board of the DEP Crypto Module and displays some information Depending on the hardware installed the test checks the DES and the RSA units or the unique cryptographic chip When application software is lo
90. h to close the wizard Merge Backups Wizard Completing the Change DMK Wizard Please erase capabilities CAP_STO MERGE BACKUP and CAP_STD_SAVE_ FEY S from the DEF Crypto Module by CAM DEF optional To close this wizard click Finish Atos Worldline Technology amp Products Engineering DEP Page 73 139 DEP NMS User Manual 04 04 Classification Public 8 5 READING DEP INFORMATION The Read DEP Information function retrieves the information about the following items e the keys loaded It gives a list of the known and loaded key identifiers together with the indicator whether they are active or not Additional information about the number of times the keys are loaded is also available e the capabilities loaded Together with their type and value Additional information about the number of times the capabilities are loaded is also available e the counters related to the number of times certain functions were executed by the DEP Crypto Module the number of times a certain error occurs the number of times some dedicated operations have been executed e the DEP parameters loaded Warning The Read DEP Information item is only enabled in locked mode You can select the function from the DEP Crypto Module menu or from the context menu that appears when you right click a specific DEP Crypto Module from the configuration tree DEP NMS C 192 168 0 19 chg D co el i Status F3 Locking d
91. have currently no effect as no dongle was Found 11 2 MANAGING PASSWORDS 11 2 1 Understanding security levels The DEP NMS is able to work with a secure protocol for communicating with the DEP Platforms There are two levels of security e Semi secure works with a default password e Fully secure works with a user defined password During the first start up of the DEP NMS the semi secure mode is automatically used This is indicated at the right hand side of the status bar by means of a single key y done on 2007 3 5 15 18 05 NUM Ec The security level of the DEP NMS itself determines the maximum level of security for all the DEP Platforms that it is to manage e DEP Platforms without security that is platform software version 1 x A key with a red cross is present in the Security column e DEP Platforms with security level semi secure that is platform software version 3 x or higher A key is present in the Security column Atos Worldline Technology amp Products Engineering DEP Page 119 139 DEP NMS User Manual 04 04 Classification Public DEP NMS C Program Files Banksys DEP_NMS and DEP_E Fie Edit iew Dep Platform Dep Crypto Module Tools Plug Ir D hd i ae elie SAY Platform symbolic name Security Platform status Trace 5 1 E EAE Co ee T d EJ dep xp test 16 e Unlocked GFF C 4 Module 1 BY Module 2 HEJ dep xp test 15 Unlocked GFF i 2S Module 1 4 Module 2 BY Module 3 HH Module
92. he line usual colour 9 7 START CLONING PROCESS Note Before starting the cloning process one DEP Crypto Module should be set as Master and at least one Clone candidate should be selected refer to the sections 9 2 and 9 4 for more information on how to set the Master and the Clones To initiate the cloning process right click on any DEP Crypto Module select the Cloning menu and click on the Start Cloning Process option Also you can start the cloning process from general menu Click on the DEP Crypto Module in main window choose Cloning and click on the Start Cloning Process option 9 7 1 Cloning the Master DMK If the Master DEP Crypto Module has already loaded DEP Master Key DES or AES then it can be cloned too You will be asked to confirm the Master DMK cloning Confirm DMK Usage x LY The DEP Master Key is loaded in the Master DEP Crypto Module Do you want to clone this Master Key Atos Worldline Technology amp Products Engineering DEP Page 100 139 DEP NMS User Manual 04 04 Classification Public If you choose Yes the application will clone the DEP Master Key If you choose No the application won t clone the Master Key and you will have a chance to delete the DMK from the Master Checking Modules Status l l x General information Number of selected DEP Crypto Module s 1 Number of ready DEP Crypto Module s 0 Number of not ready DEP Crypto Module s 1 Problems information D
93. ible to select and remove one or more not ready modules from Problems Information list Continue button will be enabled when in Problem Information list all the DEP Crypto Modules will be in Ready state To terminate the Banksys Crypto Upgrade process for all selected DEP Crypto Modules click Cancel Atos Worldline Technology amp Products Engineering DEP Page 113 139 DEP NMS User Manual 04 04 Classification Public 10 2 2 3 Monitoring the loading process During the actual loading of the Banksys Crypto update file the Banksys Crypto Upgrade dialog box will appear displaying the progress of the process It also displays the name of the file that is being loaded Banksys Crypto Update Loading Banksys Crypto update file 0001_tst 10 05 hee Step niz Banksys Crypto Update Ea Loading Banksys Crypto update file 0001_tst_107_05 hee Step 100 If there is no ready DEP Crypto Module left during the loading process the following error will appear and the load process will be interrupted x Loading Banksys Crypto update file error on selected modules There is no ready modules left After pressing the OK button the Banksys Crypto update report dialog will appear with the total number of successful and failed DEP Crypto Module s For each failed DEP module s there is a status line with the failure reason Atos Worldline Technology amp Products Engineering DEP Page 114 139 DEP NMS User Manual
94. ieri Ar th ieee A a et ieee 39 kask Achivaline the lO BIND orior e e eE O TO AOE OARA 39 Vie POR SHOP PINS TIVE TOL C1 aan cia crcl si E be voe Wad cv T vind ee Reals 39 7 3 3 Cetine The race FILS saisruesiia toad a bonteendsahaaees 40 TA MANAGING STATISTIC S cectentescitart aneusuiansgasetanessantadt ueaneuneus wala bineeouesa anton nena 43 7 4 1 DUNS The statisties UY rsen n a tame iusaaihs 44 7 4 2 SLO Pete STANS NCS ULIILY crin E aN 44 7 4 3 Getting the statistics INfOTMATION ccccccccesseeecceeceececnaaeeessseeeeseeeaaaaeees 44 8 MANAGING DEP CRYPTO MODULES cccccssccccccrssssssssssccccssseesees 47 8 1 HANDLING MODULE STATUS INFORMATION ssssseeeceeceeeeeeeeeeeeeeeeeeeeeees 47 6 1 1 Requesting status INfOTINATION ccccccccccccccc en eeeeeeeece ae eeeseeeeeaaeeseeseaaaaes 47 6 1 2 Interpreting module status information ccccccccccceeeeecsscceceaeeeseceeeeaaees 48 6 1 3 DAVING SIGLUS Tf OTMONON aonn a a 49 8 1 4 Modifying configuration settings ccccccccccseeccccccccaseescceeecaeseeseessaaaneses 50 8 2 HANDLING CRYPTO MODULE LOCKING asigiccpetenestineisd sans cad Genet teeesnnraseet 51 6 2 1 LOC eee nee TOR eee PRES a CENCE ere ST OO ene S eee 52 6 2 2 TI OGK sistas EEE E E esto Gituattate es Aes ca stncanen E E des iaeoacen 32 8 2 3 TOV COG WAN OCK i T EEEE TENE EAT E ee 32 Sas MANAGING APPLICATIONS orasini inie Ea 32 6 3 1 Loading application software on DEP Crypto Module s
95. ing of all its DEP Crypto Modules 7 2 3 Forced Unlock With the Forced Unlock function you can unlock a DEP Platform that has been locked by another DEP NMS instance The DEP Platform is locked by another user Before the platform is unlocked you are prompted for confirmation DEP NMS E Zj 2 would you like to Force unlock the selected DEP Platform Ves Mo Atos Worldline Technology amp Products Engineering DEP Page 39 139 DEP NMS User Manual 04 04 Classification Public When a DEP Platform is forced unlocked all its DEP Crypto Modules are also forced unlocked The status of the DEP Platform in the main window is now Unlocked After that you can lock the DEP Platform 7 3 HANDLING TRACES A DEP Platform can trace the messages that are exchanged between the DEP Platform and the hosts The Trace menu offers functions to manage the tracing feature The following functions appear in the submenu e Start e Stop e Get Trace File DEP NMS C Program Files Banksys DEP_NMS and DEP _EM Ca File Edit View Dep Platform Dep Crypto Module Tools Flug Ins He D co bel Gy atus F2 JABAL Platform symbolic Locking d Platform status Trace Statistic 2 config cfc ML t my Loe ks Statistics t Stop BS Module 1 Get Trace File BS Module 2 4 dep t print 25 Unlocked On CFF HS Module 1 By default the trace functionality is disabled At the start the trace file is stored o
96. installed modules z Version software EMUS 4 1 3 Host listener OK Type DEPP 7 1 2 Interpreting the platform status information 7 1 2 1 Status tab sheet The Status tab sheet contains the following items The TCP IP name used by the DEP platform on the LAN Symbolic Name The name used to represent the DEP platform LAN The TCP IP port of the DEP platform on the LAN for the messages with the DEP NMS locked platform is locked by another user unlocked Trace On trace facility on the platform is active Off trace facility on the platform is not active Statistics On statistics facility on the platform is active Off statistics facility on the platform is not active Total Opened connections The number of opened connections Total Messages sent The total number of messages sent by the DEP platform Total Messages received gives the total number of messages received by the DEP platform Number of installed modules The number of the installed DEP Crypto Modules in Atos Worldline Technology amp Products Engineering DEP Page 30 139 DEP NMS User Manual 04 04 Classification Public nized DEP Cio Modes o o managed DEP Crypto Modules platform Host listener Indicates whether the DEP platform is ready for listening to the hosts The type of DEP platform DEP T6 DEP XP 7 1 3 Saving status information You can save the status information into a text file Click the Save button on Platform St
97. ion File Edit View Dep Platform Dep Crypto Module Tools PlugIns Help lsh Sa piwpBBAP Platform symbolic name Security Platform status Trace Statistics TCP IP address Locking Status New configuration If you have modified the current configuration you will be prompted to save the changes before the new configuration opens 4 2 OPENING AN EXISTING CONFIGURATION FILE To load an existing configuration file use the Open function from the File menu a Also you can click the La icon or use the equivalent Ctr1 0 keyboard shortcut By default for Windows 2000 and Windows XP the configuration files are saved in the Configuration_files subfolder with C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM path and for Windows Vista and Windows 7 with c Users USER Atos Worldline DEP_NMS and DEP_EM respectively If the configuration file that you wish to open appears in the list of the five recently opened files in the File menu you can open it from there by clicking its name Atos Worldline Technology amp Products Engineering DEP Page 17 139 DEP NMS User Manual 04 04 Classification Public F DEP NMS C Program Files Banksys DEP_NMS and DEP _EM Configuration _files co File Edit wiew DEF Platform DEF Crypto Module Tools PlugIns Help Mews Ctrlth Open Chrl 0 Open amp Merge Close Save Ctrl 5 Save S C Program Files BanksysiDEP_NM
98. l disclaimer and copyrights Atos Worldline Technology amp Products Engineering DEP Page 130 139 DEP NMS User Manual 04 04 Classification Public f ww The information in this software is confidential and shall not be disclosed to any third party in whole or in part without the prior written consent of Atos Worldline SAN OY COPYRIGHT The information in this software is subject to change without notice and shall not be construed as a commitment by Atos Worldline S A NAY The content of this software including but not limited to trademarks designs logos text images is the property of Atos Worldline S AM WY and is protected by the Belgian Act of 30 06 1994 relate to author s right and by the other applicable Acts Atos Worldline Technology amp Products Engineering DEP Page 131 139 DEP NMS User Manual 04 04 Classification Public 14 ANNEX A INSTALLATION PROCEDURE An installation procedure is available for the DEP NMS and DEP EM applications It is a wizard driven procedure that lets you install DEP NMS possibly DEP EM and the License Dongle The wizard should normally start automatically and display the DEP NMS and DEP EM Setup Launcher window when you insert the installation CD ROM jg DEP_NMS and DEP_EM Welcome to the DEP_NMS and DEP_EM Setup Wizard The installer will guide you through the steps required to install DEPLNMS and DEP_EM on your computer WARNING This compute
99. lation procedure 2 Plug ins take over the TCP IP configuration of the DEP NMS and need no configuration of their own 3 Managing plug ins is possible without the Hardware Licence USB dongle but using them on the contrary is not 12 1 ADDING PLUG INS To add a plug in to the DEP NMS application select the Add Plug In function from the Plug Ins menu The Add Plug In dialog box will appear Add Plug In x Mame Browse Link Cancel In the Name field supply the name of the plug in that you want to add The Browse button lets you find on your system the executable for the plug in Atos Worldline Technology amp Products Engineering DEP Page 126 139 DEP NMS User Manual 04 04 Classification Public Look in ASA kep Generation Se RSA _KeyGeneration exe File name A54 _KeyG eneration exe Files of type Executable File exe Cancel By default the name of the executable that you have selected will be entered in the Name field You can however change the name Name R54 Key generation Browse Link CrlcrvpeeyProjeckiDEP WMS PlugIns RSA creel _ When you click OK a link to the plug in will be inserted in the Plug Ins submenu If the hardware license USB dongle is not present the name of the plug in is added to the Plug Ins menu but it is disabled MS and DEP _EM Configuration files Tools Plug Ins Help Add Plug In
100. lic DEP NMS C Program Files Banksys DEP_NMS and DEP_EM Configuration_files config1 cfg File Edit View Dep Platform Dep Crypto Module Tools Plug Ins Help DsOG4lwa s mPEBAP Platform symbolic name Security Platform status Trace Statistics TCP IP address or name Locking Status Keymac Software 2 E EN p Sass SS ES c eS J dep xp_test_16 x Unlocked OFF off dep_xp_test_16 E Module 1 Unlocked Good FFFFFFFF None BY Module 2 Unlocked Good FFFFFFFF None DEP EM not connected Last manual refresh done on 2007 3 8 09 29 37 umn Ei Figure 6 Operations that you perform from within the DEP NMS main window are carried out on the selected DEP platform or DEP Crypto Module Warning If you perform an operation via a C ZAM DEP it is carried out only on the selected DEP Crypto Module If none is selected the following error box will appear Remote C20 commands are only allowed on DEP Crypto Modules There are several different items for refreshing in the View menu it will implement a manual refresh of the whole content of the main window See General Settings section on page 116 When a problem is encountered the DEP NMS alerts the Operator by means of a modification in the columns Platform Status and Module Status Alarms can pop up while requesting the Status or as a result of various DEP NMS functions with a bad answer of the selected DEP platfor
101. lock With this function you can unlock a DEP Crypto Module that is already locked by another DEP NMS instance in order to lock it yourself thus preventing access by for example a host for commands or by another DEP NMSs for modifications The status of the DEP Crypto Module in the main window is now Unlocked Before the DEP Crypto Module is unlocked you are prompted for a confirmation Ves Ao After that you can lock the DEP Crypto Module 8 3 MANAGING APPLICATIONS The Application submenu contains functions for loading and ending DEP Crypto Module applications Atos Worldline Technology amp Products Engineering DEP Page 53 139 DEP NMS User Manual 04 04 Classification Public DEP NMS 192 168 0 19 cfg File Edit View DEP Platform DEP Crypto Module Tools PlugIns Help hg pE Status FS latform symbol pree Platform symbolic name Application fr 2 192 168 0 19 cfa keys End EJ 192 168 0 19 Read DEF Information 160 0 19 HE Module 1 Jamei p Locke 4 Module 2 Beret Locke my 192 166 0 20 a TSS ease clase FF 192 166 0 20 E Module 1 Slane p Locke E Module 2 Locke BY Module 3 Firmware Upgrade Locke my 192 168 0 22 Unlocked GFF OFF 192 168 0 22 E T a aaa ae aT ca Locke 4 Module 2 Locke 8 3 1 Loading application software on DEP Crypto Module s 8 3 1 1 Starting the operation Software loading operation allows loading DEP application software in on
102. m or DEP Crypto Module If an alarm is raised the icon changes and the corresponding line become red DEP JAMS New configuration Hocus Bereta ts thr a Mees Aest Mle ec Oc Ral simwEEA gt T New configuration l l IEJ depp testis i Unlocked o OF dep_xp_test_16 BD Module 1 Lirdket ee Good FRFFFFFF Mon Nore Hone Dn OOO A446 998 BD Moule 2 Lirdggkagd Alam Eatkery FFFFFFFF Mona Hone Nona Ca If the event manager TCP IP address and port are defined the error messages are also sent to the corresponding machine see DEP EM User Manual Atos Worldline Technology amp Products Engineering DEP Page 14 139 DEP NMS User Manual 04 04 Classification Public 3 4 RESTARTING WITH CONFIGURATION DEFINED When you re start DEP NMS after having defined a configuration the main window of the application appears with the information as it has been specified in the configuration file that was last used DEP NMS C Program Files Banksys DEP_NMS5 and DEP_EM Configuration_files config cfg E laj xj Fie Edt View Dep Platform Dep Crypto Module Tools Plugins Helo Oeges simwSEAP Platform symbolic name Security Platform status Trace Statistics TCP IP address Locking JEJ dep_xp testis Unlocked off oif dep_xp_test_16 IE Module 1 Unlocked Good FFFFFFFF Hone None None OOD 1LONONNT A4 4699B2 W Module gt Lirdoched Alarm Battery PRPPPFFF None None None Mena nana E dep ptet s5 SS Unlocked Off O
103. mp Products Engineering DEP Page 108 139 DEP NMS User Manual 04 04 Classification Public e The CAP STD _FW_UPDATE capability should be loaded on the DEP Crypto Module e All the DEP Crypto Modules should be at CUST Authority Level 10 2 2 Starting the Banksys Crypto Upgrade 10 2 2 1 Starting operation for Single Selected DEP Crypto Module Select the appropriate DEP Crypto Module right click on it select the Firmware Upgrade menu and click on the Upgrade Banksys Crypto option Also you can start the firmware upgrade process from general menu Click on the DEP Crypto Module in main menu choose Firmware Upgrade and click on the Upgrade Banksys Crypto option DEP NMS C 192 168 0 19 cfg File Edit View DEP Platform DEP Crypto Module Tools Plugins Help D g ae Status F3 Locking d PlatForrn symbolic name Firan ar me j Status Application d 2 192 168 0 19 cfg keys b 192 168 0192 Read DEF Information ai I Module 1 Diagnostics p Locked Good E Module 2 Reset p Locked Good Mot Set C EJ 192 168 0 20 DEP Parameters Ga A Module 1 Herma p Locke Good Not 4 F E Module 2 larke Gand Mot 4 F E Module 3 Firmware Upgrade BIOS Reflash Mot 4 F The Upgrade Banksys Crypto option is enabled only 1f e the DEP Crypto Module is locked e the version of DEP Crypto Module is DEP PCI V4 e the minimum version of the DEP Platform Software is VENUS 4 3 0 or higher e the Applica
104. n port 1 4 LC T 0 65535 msec z0 Check value CRE Baud rate OK Cancel pply Atos Worldline Technology amp Products Engineering DEP Page 33 139 DEP NMS User Manual 04 04 Classification Public For each of the two protocols you can define various parameters DEP NMS stores this information for each DEP Platform With regard to the settings different operations are possible Depending on the button that you press e Save Stores the information of the user into the configuration file in order to quickly configure other platforms e Restore To retrieve the information saved during the save operation e Defaults Sets the fields to the default factory values coming from the DEP platform 7 1 4 3 Setting PDP parameters PDP is an asynchronous protocol that is used to communicate with the DEP Platform through a serial communication port of the PC The following parameters could be set Default value COM port Defines the serial communication 1 port of the DEP Platform that is Note For the DEP T6 used for its communication Taare this field is read only and fixed at a value of 2 I C T The inter character time out 20 milliseconds parameter in milliseconds that defines the maximum delay between two characters of the message Check value Defines the check value that is used in the PDP protocol CRC or LRC Baud rate Defines the communication speed used for the DEP platform communica
105. n the DEP Platform but it can be copied subsequently to the DEP NMS 7 3 1 Activating the logging Use the function Start from the Trace submenu to start the trace utility and log the messages exchanged between DEP Platform and host The status of the trace utility of the selected DEP Platform on the DEP NMS switches to On Note The trace of messages depends on the activation of the capability CAP_STD_TRACE in the DEP Crypto Module s of the DEP Platform 7 3 2 Stopping the logging Use the Stop function to stop the trace utility The status of the trace utility of the selected DEP Platform on the DEP NMS is switched to Off Atos Worldline Technology amp Products Engineering DEP Page 40 139 DEP NMS User Manual 04 04 Classification Public 7 3 3 Getting the trace file Select the Get Trace File function from the Trace submenu if you want to obtain a local copy of the trace file that has been stored on the DEP Platform Before you can get a trace you must stop the tracing When you select the function a Save As dialog box appears in which you specify the path and name of the logging file on the DEP NMS The filename presented by default is e Trace txt if trace data is saved for the first time e the name of the trace file that was last used if trace data has been saved before If the file already exists DEP NMS requests confirmation to overwrite it cave in Data_files de FE Trace txt
106. n the Plug Ins menu The appropriate application window will open The image below illustrates the use of the plug in RSA Key Generation Atos Worldline Technology amp Products Engineering DEP Page 128 139 DEP NMS User Manual 04 04 Classification Public DEP NMS C Program Files Banksys DEP_NMS and DEP_EM Configuration_files security clg E S la x Fie Edit Yiew Dep Platform Dep Crypto Module Tools PlugIns Help Coe Ha Sai pie BSA Platform symbolic name Security Platform status Trace Statistics TCP IP address or name Lockin Status Keymac Software Mode Authority Serial Number J security cfg E dep_xp_test_16 Unlocked Off Off dep_xp_test_16 L jModue a ee ee ee 22110845 Custome H Module 2 Locked b Good FFFFFFFF None None None 000100000B7C759E5B E dep_xp_test_15 23 Unlocked Off Off 172 24 14 237 E Madola 4 Laekad h Caned CCCCCCCC lana Klann flana NNNNA 000000000 a Fiai oono E9 File Help ooo000000 E9 npu Output BESBISIEE ter ay Public Exponent Decimal Value B66907BB2 ey B66 s5DB40 Key Length in Bits Decimal Value Output Directory Browse r Generate RSA Key Zi Connected to dep_xp_test_16 DEP Crypto Module number 01 DEP EM not connected Automatic refresh disabled NUM sy For more detailed information on RSA Key Generation plug in refer to the RSA Key Generation User Manual Atos Worldline Technology amp Products En
107. nce in the Password field and repeat it in the Confirm password field To finish click OK Enter password HCK e xj Password Confirm password In both fields the password characters are masked The password length must be between 8 and 20 characters otherwise the following message box will appear DEP NHS IN The password length must be between 6 and 20 characters Note When you have confirmed the password the DEP NMS ttries to apply it for all managed platforms Apply new security level to all platforms x Apply new security level apenas Q The current security level of the Following platFormis is not compatible with the security of the DEP MMS Platform symbolic name t print IP Mame or Oddress 172 24 15 230 Port 1001 Please verify the password defined on each platforms Atos Worldline Technology amp Products Engineering DEP Page 121 139 DEP NMS User Manual 04 04 Classification Public At this stage the security level of the DEP NMS is fully secure This is indicated at the right hand side of the status bar by means of two keys O mun The fully secure DEP NMS can manage e DEP Platforms without security that is platform software version 1 x A key with a red cross is present in the Security column e DEP Platforms with the semi secure security level that is platform software version 3 x or higher A key is present in the Security column e DEP
108. ntan a a E 23 Gs TAHE VIEW MENU nouniisnnnan a Aiii 24 6 1 REFRESHING THE INFORMATION ccccccoccececcececcsceccscececcscscscecescecescececesceses 24 6 1 1 Refreshing WINDOW GIODGIY is sar Gia indsrucaiiatiiativactiwendernencamacst 24 6 1 2 REES IAIN CA CIN arii ee Eea E ETE A EN Ie 24 6 2 2 VIEWING THE AUDIT PRAM rrea aaa a Wel a a a a aa 24 6 3 SHOWING HIDING THE STATUS BAR ccccceccececcececcsceccccecescscesescesescecesceceses 26 6 4 SHOWING HIDING THE TOOLBAR cscececcscescecccececescecescscescscesescesescecesesceses 27 7 MANAGING DEP PLATFORMS cccccccccccccccccccccccccccccccccccccccccces 28 7 1 HANDLING PLATFORM STATUS INFORMATION ccccceccsceccscecscecescscecescecesees 28 7 11 Requesting status INfOTNATION cccccsccccccccc ee E a 28 Tedd Interpreting the platform Status information cccccceccccc cee neeeeceeeee ness 29 E Rae DAVIN SOUS Tj OTINGQUON EREE EE nena ae 30 7 1 4 Modifying parameters oiii in a e EE EERENS 30 DEPA HANDLING PLATFORM LOCKING c ccecececcccecccecececececscscsesesesesescececccecaeacecs 37 Atos Worldline Technology amp Products Engineering DEP Page 5 139 DEP NMS User Manual 04 04 Classification Public Toad LO a ee ee Oe a Se eC ee eee em ee ee Meee ea ae er eae 38 Lill CTU OCR nissene sta nasil ereine beh seek T ual esmeene sau ees 38 Tlie POVCCO UO MMOGCK srpna T E E WusnicineDrexkastuses 38 Tide HANDLING TRACES arc
109. ntication Code File sac that is delivered together with the Firmware Upgrade file If the application file is not a valid firmware update file the following error will occur You should select the valid firmware upgrade file SSS t x X The firmware update file or File name Format is not walid After selecting the valid application file the Enter the Firmware Certificate dialog box will open Fill in the correct FW Certificate information Enter the Firmware Certificate x Pu Certificate E3E ob 226 9494501 Cancel Atos Worldline Technology amp Products Engineering DEP Page 110 139 DEP NMS User Manual 04 04 Classification Public 10 2 2 2 Starting operation for Multiple Selected DEP Crypto Modules For multiple selection press Ctrl or Shift and hold it while selecting appropriate DEP Crypto Modules then right click on any selected DEP Crypto Module click on the Firmware Upgrade menu and choose the Upgrade Banksys Crypto option Also you can start the firmware upgrade process from general menu Click on the DEP Crypto Module in main menu choose Firmware Upgrade and click on the Upgrade Banksys Crypto option DEP NMS C 192 168 0 19 cfg File Edit View DEP Platform DEP Crypto Module Tools PlugIns Help D hd elie ee A FP Platform symbolic name a a TCPYIP add 192 168 0 19 cfg m 192 166 0 19 a Unlocked On Off 192 168 ES WModulet ar Set Ee Module Sta
110. odule s O Problems information DEF Platform to Module Problem Hemave Continue Cancel You can click Continue to proceed the cloning process or Cancel to reject cloning 9 7 3 Cloning progress dialog Cloning progress dialog box will show the status of cloning process Actually the DEP NMS can divide the process in multiple sessions if the number of clone candidates exceeds the maximum supported by the master For example if there are 25 clone candidates and maximum number supported by master is 10 then the DEP NMS will organize 3 sessions The number of current session and total number of sessions are in the first line of the progress dialog see below It is important to remark that cloning two DEP Crypto Modules on the same platform is sequential while cloning two DEP Crypto Modules on different platforms is parallel So DEP NMS will divide clones in the way to minimize the overall cloning time Examples of progress dialog Cloning progress x Cloning session 1 1 Current session Processing Atos Worldline Technology amp Products Engineering DEP Page 103 139 DEP NMS User Manual 04 04 Classification Public Cloning progress x Cloning session 1 1 Current session Cloning progress x Cloning session 1 1 Current session 9 7 4 Cloning summary After finishing the cloning process the Cloning Process Summary dialog will show you the cloning
111. on was executed Type Identifies the counter function counter error counter or dedicated counter counters are grouped according to their type Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 Page 78 139 Classification Public DEP Information 3 x keys Capabilities Counters Parameters Tag counter type o ooo d O O2000000 O2000100 2000200 02000300 o2000400 02000500 02000600 O2000 700 02000800 O2000900 02000400 02000600 02000000 O2000E00 O2000F00 02001000 02001100 020013500 02001500 02001600 02001 700 02001600 02001600 2001000 02001000 O2001E00 O2001F00 O2002000 nnn Tan 2 2 aaa MOO CO ANAA AAA NOW ore RY aaae oOo 053 Command Code 053 Command Code 053 Command Code 053 Command Code D53 Command Code D53 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code D53 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code D53 Command Code D53 Command Code 053 Command Code 053 Command Code 053 Command Code 053 Command Code nS Command Code 8 5 4 Parameters The Parameters tab sheet lists the following information for every available DEP parameters in the DEP Crypto Module Gives the tag of the DEP parameter Gives the actual value of the DEP parameter These pa
112. onfiguration select the Delete function from the Platform submenu in the Edit menu or use the equivalent Delete key from the keyboard A dialog box appears prompting you to confirm your operation Atos Worldline Technology amp Products Engineering DEP Page 23 139 DEP NMS User Manual 04 04 Classification Public DEP NMS If you press Yes the platform and all Crypto Modules linked to it will be removed from the configuration tree and the main window will automatically refreshed If you press No the dialog box will be closed without any changes 5 4 PLATFORMS ORDER To change the order of platforms in grid select the Order function in the Platform submenu in Edit menu A dialog box appears allowing you to perform this operation Change Platforms Order x Platforms DK Cancel All the DEP Platforms of configuration are listed in the Platforms list To change the DEP Platforms position in the list select any of them and click Up or Down buttons to up and down its position To confirm the new order of DEP Platforms click OK otherwise simply click Cancel Atos Worldline Technology amp Products Engineering DEP Page 24 139 DEP NMS User Manual 04 04 Classification Public 6 THE VIEW MENU The View menu contains functions that allow to determine the information being present in the main window The View menu contains the following functions e Refresh All and Refresh Item to refresh the con
113. or the first time e the name of the restore file that was last used if keys have already been restored before Look ir E Data fies t backup dat File name Jrestore dat Files of type Dat File dat Cancel The default path for the backup files is C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM Data_files for Windows 2000 and XP and c Users USER Atos Worldline DEP_NMS and DEP_EM Data_files for Windows Vista and Windows 7 When the correct backup file has been selected the Keys restore dialog box will appear indicating the progress of the specified restore operation keys restore x Restoring a backup of keps from file backup dat Atos Worldline Technology amp Products Engineering DEP Page 64 139 DEP NMS User Manual 04 04 Classification Public Update of the information in the main window is done If during the key restore process selected DEP Crypto Module s are not ready to proceed with the key restore operation the following error box will appear and the restore process will be interrupted SSS h ti i Restoring a backup of keys From file error on selected modules There is no ready modules left After pressing the OK button the Keys restore report window will appear containing the total number of successful and failed DEP Crypto Module s For each failed DEP Crypto Module s there is status line with failure reason
114. or the operation for example settings configuration of the DEP Platform unlocking of DEP Platform or DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 26 139 DEP NMS User Manual 04 04 Classification Public Event Properties o i 2x Event Date ffl 2004 Source DEP_NMS Time 13 35 Categor None Type Information EventID 1 User Bf Computer PC DOPOZ62 Description Operation succeeded Getting the Platform Status Date te Bytes O words For a detailed list of operations that are logged refer to the ANNEX c audit trail Operations and events With the function Save Log File As from the Action menu of the Windows Event Viewer you can store the data of the event log file into an ASCII file 6 3 SHOWING HIDING THE STATUS BAR To show or hide the status bar at the bottom of the main menu respectively select deselect the Status Bar option in View menu DEPIEM not connected Last automatic refresh done on 200579730 14 43 34 MOM From left to right the status bar contains the following bits of information e Status of the connection of the DEP NMS to its DEP EM for more information about DEP EM refer to the DEP EM User Manual e The date time of the last refresh all manual or automatic e Caps Lock activated e Num Lock activated e Scroll Lock activated e Status of security level of the DEP NMS see the specific chapter 10 2 for more information
115. orms DEP Crypto Modules can be accessible to multiple users at the time But a user may want to lock the module thus reserving it exclusively to himself The Locking submenu in the DEP Crypto Module menu presents functions to control the locks on a DEP Crypto Module The submenu offers the following functions Lock e Unlock Atos Worldline Technology amp Products Engineering DEP Page 52 139 DEP NMS User Manual 04 04 Classification Public e Forced Unlock DEP NMS C 192 168 0 19 cfg File Edit View DEP Plathorr DEP Crypto Module Tools Plugins Help Ci co el a i Status Fa Lock Platform symbolic name E Application H Unlock E 192 168 0 19 chg Keys H Forced Unlock EJ 192 168 0 19 Read DEF Information mr l 2 Moai ES Module 2 ael p Locke my 192 165 0 20 z TB tarem FF 192 165 0 20 ES Module 1 Cloning p Locke ES Module 2 Locke BE Module 3 Firmware Upgrade Locke my 192 165 0 22 a Unlocked CF GFF 192 165 0 22 ES Module 1 Locke ES Module 2 Locke 8 2 1 Lock This function lets you lock the DEP Crypto Module after which it is no longer capable of processing command messages from the host The Status of the DEP Crypto Module on the DEP NMS is changed to Locked 8 2 2 Unlock With this function you free the DEP Crypto Module thus enabling it to process command messages from the host The Status of the DEP Crypto Module on the DEP NMS is changed to Unlocked 8 2 3 Forced un
116. ot loaded 197 168 0 19 Module 2 The DEP application software loaded in the module Remove Gontinve Cancel Below is the list of errors which can appear in Problems Information list Banksys Crypto upgrade is only allowed on DEP PCI V4 0 modules This kind of error appears if the selected DEP Crypto Module s version is not DEP PCI V4 0 The loaded DEP Application Software doesn t support the Banksys Crypto upgrade functionality The Application Software loaded on DEP Crypto Module s doesn t support the I STD_FW_UPGRADE interface Bring to the Customer level The DEP Crypto Module should be at CUST Authority level The CAP_STD_FW_UPDATE capability is not loaded The CAP_STD_FW_UPDATE capability should be loaded on selected DEP Crypto Modules to continue the process For multi module upgrade the USB license dongle is not installed The USB license dongle should be installed to continue the process DEP Platform Software non compatible the version 4 3 0 or higher need to be installed The minimum version of the DEP Platform Software should be VENUS 4 3 0 While displaying the above information dialog box application is doing background check for state of DEP Crypto Modules enumerated in Problems Information list When one or more DEP Crypto Modules are brought to Ready state Problems Information list and General Information will be updated in the dialog box It is poss
117. path to the folder where the DEP NMS and DEP EM applications are to be installed The default pathis C Program Files Atos Worldline DEP_NMS and DEP EM j DEP_NMS and DEP_EM Select Installation Folder The installer will install DEPLNMS and DEP_EM to the following folder To install in this folder click Next To install to a different folder enter it below or click Browee Folder C Program Files 4tos WorldlinesDEP_NMS and DEP_EM Browse Disk Cost Install DEPLNMS and DEP_EM for yourself or for anyone who uses this computer Everyone f Just me Cancel Back It is recommended to use the default path yet you can specify a different folder by clicking Browse and selecting the desired folder for the installation of the DEP NMS and DEP EM applications You also need to establish whether you want the application to be available to only one or to all the user of the computer on which you are installing In the former case you select the option Just me in the latter you select Everyone Click Next to continue If you want to return to the previous screen press Back or if you want to abort the procedure click Cancel Atos Worldline Technology amp Products Engineering DEP Page 133 139 DEP NMS User Manual 04 04 Classification Public 14 1 2 Confirming installation The Confirm Installation dialog box gives an overview of the settings selected during the installation procedure
118. possible to change parameters and Read only is displayed in the title bar of the window 7 1 4 1 Connections This tab sheet contains information about the connections between the hosts and the DEP Platform The Connections tab sheet presents the list of open and closed connections To easily notice the open connections in the list these are displayed in blue Platform status Read only x pplication protocol DateTime Event manager Status connections Host protocol Host Name Host Address Sent Received 192 168 0226 1453 1453 26 05 09 19 0 192 168 0226 2076 076 26 05 09 19 01 192 168 0 226 104 1047 26 05 09 19 0 Start Time a 192 166 0226 75l rol 26 05 09 19 0 i 192 168 0226 S06 og 26 05 09 19 0 192 166 0226 407 407 26 05 09 19 0 E 1952 166 0226 303 a03 26 05 09 19 0 197 1668 0 276 164 164 26 05 09 19 0 192 166 0 226 p m 29 05 09 16 4 mn S a A an G a G a G a D a A a G oo n D a S a D a G m G a D a A a G m G oO afl Refresh For each connection the following information is presented Host name Hostname name found by a DNS service 1f no name has been found or disabled in the configure communication protocol data Host address IP address of the host connected if Resolving hostname is enabled in the configuration of communication protocol data and hostname was found by a DNS service Sent Total number of messages sent via the conne
119. pto Module CPU The function DEP resets the main CPU All the data in the memory is kept application software keys etc Before resetting the DEP NMS prompts you for confirmation Resetting the DEP Cancel After confirmation the reset operation is executed A message box will appear if the reset of the DEP Crypto Module has succeeded a 8 7 4 Resetting the DEP Alarm Processor The DEP Alarm Processor function causes both the main CPU and the alarm processor to be reset Before resetting a confirmation is asked to the operator Warning Be aware that all the memory application software keys will be cleared by this operation DEP NMS E x P This operation will erase software keys capabilities Continue anyway After confirmation the reset operation is executed If the reset of the DEP Alarm Processor has succeeded the main window is automatically refreshed 8 8 MANAGING DEP PARAMETERS You can use parameters to fine tune application software The DEP Parameters functions lets you set modify backup restore DEP parameters of the DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 89 139 DEP NMS User Manual 04 04 Classification Public Warning The DEP Parameters function is only enabled in locked mode When you select the DEP Parameters function from the DEP Crypto Module menu or from the context menu that appears when you right
120. r j Status Cloning Status E 192 168 0 19 cfg EJ 192 168 0 19 g Unlocked On Off 197 168 0 19 medio tae Gand Master Cant a Clone Candidate BY 192 166 0 20 i Unlocked Off E 192 168 0 22 3 Unlocked off rete gt Application keys Read DEP Information Diagnostics H Reset b DEP Parameters Unset Master Firmware Upgrade r D REEE asteriClane Seb as alone Unset Clone Start Cloning Process Unselect All Atos Worldline Technology amp Products Engineering DEP Page 99 139 DEP NMS User Manual 04 04 Classification Public After the Clone candidate is unset the Cloning Status will become Not Set The background of the DEP Crypto Module line returns to the DEP Crypto Module line usual colour 9 6 UNSELECT ALL To unset all the previously set as Master and or Clone candidate DEP Crypto Modules right click on any DEP Crypto Module choose Cloning and then click on the Unselect All option Also you can unset the DEP Crypto Module Master and or Clone candidates from general menu Click on the DEP Crypto Module in main window choose Cloning and click on the Unselect All option Unselect All function is enabled only if at least one DEP Crypto Module is set as Master or Clone Candidate and Cloning Process is not started After all the DEP Crypto Modules are unset the Cloning Status will become Not Set for all the DEP Crypto Modules and the backgrounds of the DEP Crypto Modules lines return to t
121. r Manual 04 04 Classification Public 10 FIRMWARE UPGRADE Note This functionality is protected by the license dongle when more than one DEP Crypto Modules are selected You can start Firmware upgrade without license dongle for one DEP Crypto Module The Firmware Upgrade menu item allows to reflash the bios and upgrade the Banksys Crypto firmware DEP NMS 192 168 0 19 cfg File Edit View DEP Platform DEP Crypto Module Tools Flug Ins Help lana ae sepia ABA Platform symbolic name Securit Platforms Trace Statistics TCP IP addr Lock 192 168 0 19 cfg my 192 166 0 19 T3 Unlocked on CFF 192 166 0 19 BS Module 1 Lack BS Module 2 Lact my 192 168 0 20 Unlocked CFF CFF 192 166 0 20 my 192 168 0 22 a Unlocked CFF CFF 192 166 0 22 GOTTEN status F3 ee a BY Module 2 Locking Lack Application d keys Read DEF Information Diagnostics Reset H DEP Parameters Cloning Firmware Upgrade BIOS Reflash Upgrade Banksys Grypto 10 1 BIOs REFLASH With the Bios Reflash function of Firmware Upgrade submenu you can reflash the Bios of the DEP Crypto Module s Also the Bios is supporting the cloning functionality The cloning will be enabled only if the Cloning Software is available on appropriate DEP Crypto Module To set the Cloning Software on DEP Crypto Module the cloning supported Bios should be loaded Note The Reflash Bios function is available if the DEP Crypto Module is in boo
122. r name and the TCP IP port to advertise alarms to the DEP EM application that will listen to the TCP IP address and port If these fields are not filled in or nobody listens nothing is sent The Event Manager will be advertised in case of e Modification of the configuration of a DEP Platform or a DEP Crypto Module e Modification in the communication protocol e Modification in the application protocol e End of application e Shutdown e Reset of alarms e Forced unlock of a DEP Platform or a DEP Crypto Module Atos Worldline Technology amp Products Engineering DEP Page 118 139 DEP NMS User Manual 04 04 Classification Public 11 1 3 C ZAM DEP In the bottom part of the General Settings dialog box you can configure the port for the C ZAM DEP that is to be used on the PC on which the DEP NMS application is running With the option Active you determine whether the C ZAM DEP is to be active or not By default it is not activated Once it is active you can select via the list box underneath the COM or RS232 Port that is to be used for the C ZAM DEP operations The label to the right of the list box indicates whether the port is initialisedornot initialised Warning Activating the Automatic Refresh or the C ZAM DEP if you have only the lite version of the DEP NMS application has no effect The following information box will appear if you do so Automatic refresh and C ZAMIDEP communication are active but
123. r program i protected by copyright law and international treaties Unauthorized duplication or distribution of this program or any portion of it may result in severe civil or criminal penalties and will be prosecuted to the masimum extent possible under the law Cancel Figure 8 Installation wizard Notes 1 A user must have administrative privileges to be able to start the installation procedure 2 If the CD ROM not start automatically execute Setup_NMS exe on the CD ROM 3 This version of the DEP NMS uses a password to protect the communication between the DEP NMS and the DEP Platform If you use an old version lt 2 07 it is recommended to delete the existing file DEP_NMS pwd before installing this new version 14 1 DEP NMS AND DEP EM INSTALLATION To launch the installation of DEP NMS and DEP EM press the corresponding button in the installation start up window Atos Worldline Technology amp Products Engineering DEP Page 132 139 DEP NMS User Manual 04 04 Classification Public The Welcome dialog box appears and you can proceed with the installation by clicking Next and following the instructions that the wizard presents If for any reason you do not want to proceed with the installation press Cancel Below is a brief description of the different phases in the installation procedure 14 1 1 Selecting the installation folder In the Select Installation Folder dialog box you have to specify the
124. rameters respectively define the lower and upper borders of the DEP Parameter instances new DEP parameter instances outside these borders are not allowed Min ins Identifies the type of the DEP parameter 1 byte WORD 2bytes DWORD 4bytes digit string Format This identifies the required format of the DEP parameter during the introduction of the value NONE DEC HEX Indiciates the group of parameters to which the Atos Worldline Technology amp Products Engineering DEP Page 79 139 DEP NMS User Manual 04 04 Classification Public actual parameter belongs Name Gives the textual description of the current DEP Gives additional information on the DEP parameter for example Key per slice MinVL These parameters define respectively the lower and upper borders of the DEP Parameter value V or length L whichever applies for the DEP Parameter DEP parameter values lengths outside these borders are not allowed DEP Information Keys Capabilities Counters Parameters Jag vale Minins Maxins Type Format Group O 000000 1 OO oo 2 Byte Dec System o7000100 DEF_MAME HE OO o0 String System O7260000 20 od oo 1 Byte Hex Em 8 6 PERFORMING DIAGNOSTICS The function Diagnostics allows you to test some internal devices of the DEP Platform and to read the alarm information Warning Diagnostics item is only enabled in locked mode When you select this function a submenu appears
125. rent ways depending on the button that you press e OK updates the parameter s and closes the window e Apply update the parameter s but does not close of the window e Cancel the parameters are not modified and the window closes 8 8 1 Modifying DEP parameters If you want to select a DEP parameter first you should select it and then modify the corresponding value Atos Worldline Technology amp Products Engineering DEP Page 91 139 DEP NMS User Manual 04 04 Classification Public Dep parameter Taa Name values o7000000 Keymac Slice 1 Minimum instance 07000100 DEP Name DEP_NAME HERE Maximum instance o7260000 IIPS Min Bits 20 Unit Type Format inimum value Maximum value Del instance Cancel Appl Note Only the field Values can be modified other fields are read only 8 8 2 Adding a parameter instance In order to add an instance to a DEP parameter you have to select the multi instance DEP parameter and click the Add instance button Dep parameters Group Tag Name Values ag System 07000000 Keymac Slice 1 Minimum instance System OFO00100 DEF Name DEP_MAME HERE Maximum instance Iep 07140000 Tep key ID 400 Unit Ilep 07140001 lep Rey ID Eoo Type Iep 07140100 Iep Sd ID 0 Format lep 07140200 Iep 4pp Ins 0 Minimum value Chin OFLEO000 IBM3624 Dec Thl Maximum value asm OF210000 Basement aid Casm 07210100 Sd aid Casm 07210200 Dec Key Use Lim Casm 07210300 5M Algo Cas
126. s d A Trace txt File name Statistics tat Save as type tet File txt 4 Cancel By default the status files are saved in the Data_files subfolder with path C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM for Windows 2000 and XP and c Users USER Atos Worldline DEP_NMS and DEP_EM for Windows Vista and Windows 7 respectively When you have specified the name and location of the file DEP NMS starts writing the data to the local statistics file Warning The Statistics utility must be stopped before you can write the data to a file Atos Worldline Technology amp Products Engineering DEP Page 47 139 DEP NMS User Manual 04 04 Classification Public 8 MANAGING DEP CRYPTO MODULES To obtain information about a DEP Crypto Module or carry out an operation you need to select the DEP Crypto Module s from the configuration tree in the main window To select the DEP Crypto Module s click on the line s with appropriate DEP Crypto Module s The functions that you can apply to a DEP Crypto Module can be accessed in any of the following ways e via the DEP Crypto Module menu e via the context menu that opens when you right click the platform e via an icon on the toolbar e via a shortcut key refer to ANNEX B Function keys and shortcuts on page 138 8 1 HANDLING MODULE STATUS INFORMATION 8 1 1 Requesting status information To open the DEP Crypto Modul
127. sed locally as address for its own Event Manager address 7 2 HANDLING PLATFORM LOCKING Multiple DEP NMS application instances can have the same DEP Platforms in their configuration A user can decide to lock the platform thus reserving it all to himself Atos Worldline Technology amp Products Engineering DEP Page 38 139 DEP NMS User Manual 04 04 Classification Public The Locking menu presents functions to control the locks on a platform The submenu offers the following functions Lock e Unlock e Forced Unlock Dep Platform Dep Crypto Module Tools Hel i Status FZ PEEA Trace d Statistics b Forced Unlock Unlock If one of the functions has been executed the status of the DEP platform in the main window is automatically updated 7 2 1 Lock The Lock function lets you reserve the DEP Platform exclusively to yourself This prevents other hosts or DEP NMS instances from accessing it and performing specific Operations on it When a DEP Platform is locked all its DEP Crypto Modules are also locked The status of the DEP Platform in the main window is now Locked 7 2 2 Unlock The function Unlock lets you free the DEP Platform in order to allow hosts or other DEP NMS instances to access it again When a DEP Platform is unlocked all its DEP Crypto Modules are also unlocked The status of the DEP platform in the main window is now Unlocked Unlocking a DEP Platform implies unlock
128. ssrenerenni na na N n 90 8 8 2 AGGING a parameter INS VANCE arona e A EE 9 6 6 3 Deleting a parameter INSTANCE ix sxseciisacevick tine a eeeagles ease eae 92 8 8 4 Backin EUP PAV AMCLCIS serapin e r E E UGmuths 93 Atos Worldline Technology amp Products Engineering DEP Page 6 139 DEP NMS User Manual 04 04 Classification Public 6 6 9 Restoring POTANICICNS on aA EEE nome 94 2 DEP SOFFWARECLCONING z uunaananna aana a aaa 95 9 gt PREREOUI ITE Suaren a A es 95 OD SETTINGAS WASTER aa a a aa a E Ea a raea Eaa 95 9s ONSET MAS TER aaa a ese ace sacaah at nes aeeneraanaeesiauneeiacs 96 OA SSE TING AS CLONE ariun bate vast axe ieee a a a Saioties 97 JS UNS ETCLONE ceea me re aR TNT eomy Ee ner EP OTT mr NT erste o 98 9G WIN SEIS VP aen asiue side seactatuctusd wa donzeseduasataetiovsenwimavelse 99 9 7 START CLONING PROCESS iiicissscsciesccoudecvivdceavsueesdcssiesicbstedvsieceivdiveckvevticaceovinns 99 9 7 1 Cloning the Master DMK esiciss satis varies tes nea AT cea eee 99 9 7 2 Customer Administrators authentication on Master and KAWL Checking 100 O73 CLONING probro s dali Jes cack a 102 9 7 4 CLONING SUMMIT asein a E E E 103 9 8 RESET VUAS TER CUONE wisncsenssssanivadeuntsoseus seen aauleaeseedus posiedsesesadecnsaazautensometunsesh 104 10 FIRMWARE UPGRADE oeiia aaae a taa 105 TOT BIOSREFLASI seroren er T T E A 105 10 2 UPGRADE BANKSYS CRYPTO nesrin a a a a aaa 107 LOZA SPV CLO GUUS IL CS sirier e E T E EE 107 10 2
129. st messages If set this attribute enables the DEP Crypto Module to process command messages sent by the host Otherwise the module is able to process only command messages generated by one of the internal applications constituting the DEP Platform system This mode is enabled by default Pool messages If set this attribute puts the DEP Crypto Module in the pool of DEP Crypto Modules that are able to process command messages sent to the DEP POOL device address POOL Otherwise the DEP Crypto Module may process only command messages explicitly sent to it enabled by default For more details refer to the document DEP Host Interface Protocol Automatic recovery The amount of time that the DEP Handler waits period before trying to re establish the communication with a DEP Crypto Module that was in fatal mode Maximum response The maximum amount of time that the DEP time in msec Handler waits for a response message from the DEP Crypto Module after the DEP Platform has sent a message to the DEP Crypto Module When the DEP Crypto Module fails to respond within Atos Worldline Technology amp Products Engineering DEP Page 51 139 DEP NMS User Manual 04 04 Classification Public the maximum response time allowed the mode of the DEP Crypto Module is automatically changed to FATAL The default value is 5000 milliseconds but for long operations such as RSA key generation it may be necessary to take a bigger value
130. statistics were recorded Protocol Error Gives a list of the protocol errors that were Counters detected and a counter that indicates the error frequency Message status counters Response Message sent to Host Message statistics Indicates the number of messages that were treated and lists some averages about those messages Average Command Indicates the average length of the messages Length sent by the DEP NT to the DEP Crypto Module Average Response Indicates the average length of the responses Length sent from the DEP Crypto Module to the DEP NT Average Dep Indicates the average time in microseconds Processing Time that the DEP Crypto Module needs for processing the messages Atos Worldline Technology amp Products Engineering DEP Page 46 139 DEP NMS User Manual 04 04 Classification Public Average Host Indicates the average number of messages per Transaction Rate second that the DEP Crypto Modules processed To save the statistical data locally in a file click the Save button at the bottom of the dialog box A Save As dialog box will open to specify the path and name of the Statistics file The filename presented by default is e Statistics txt if statistical data is saved for the first time e the name of the statistics file that was last used if statistical data has been saved before If the file already exists DEP NMS requests confirmation to overwrite it 2 x Save in Data_file
131. store the information in the file click on the Save button In the Save As dialog box supply the name of the file File name DEPInfo tet Save ae Ippe Jest File txt Cancel The default location of the file is C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM Data_files for Windows 2000 and XP and C Users USER Atos Worldline DEP_NMS and DEP_EM Data_files for Windows Vista and Windows 7 The file name that is presented by default is e DEPinfo txt if you save this information for the first time Atos Worldline Technology amp Products Engineering DEP Page 75 139 DEP NMS User Manual 04 04 Classification Public e the name of the last used file if you have save information before If the filename already exists the DEP NMS prompts for confirmation to overwrite it C Banksys Setup DEP NM SiData FilesiDEPInfo txt already exists Do you want bo replace ik 8 5 1 Understanding information about keys The top part of the Keys tab sheet list the following information for every key that has ever been loaded into the DEP Crypto Module even when it was deleted afterwards Meaning Tag Identifies the key Length Defines the length of the loaded key in bytes Indicates whether the key is active A or has been deleted Indicates whether the key is known R by the loaded application or not Indicates how many times the key was loaded Iso 10118 2 Hash
132. t level The DEP Crypto Modules should be locked Bios Reflash operation is allowed on one or more DEP Crypto Modules Simultaneous Bios Reflash operation for multiple selected DEP Crypto Modules is possible if the minimum version of DEP Platform software is VENUS 4 0 0 or higher Atos Worldline Technology amp Products Engineering DEP Page 106 139 DEP NMS User Manual 04 04 Classification Public The procedure is identical to that of DEP Application loading except that the user will be prompted for confirmation an additional time in view of the impact of the operation SSS Lti i iS A Reflashing a Bios is a sensible operation Do not interrupt the process Once you have confirmed the loading starts and the Bios reflash load dialog appears with a progress bar Warning Do not interrupt the application at this stage Bios reflash load x Loading bios retlash file PO4ecTUP_ 401 hes 12 At the end of loading process the DEP NMS will automatically perform Reset Alarm Board to activate new bios To check whether the newly loaded bios is running select the module and then choose the Status function from the DEP Crypto Module menu or simply click F3 The Software boot and the Software cloning are presenting the BIOS Atos Worldline Technology amp Products Engineering DEP DEP NMS User Manual 04 04 Page 107 139 Classification Public Module status Read only X Module 1 Module 2
133. t Field Send onnected to 192 168 0 18 Port number 1000 Module number 0 Pool Response time 26 sec DEP NMS verifies the call before sending it and in case of problems it displays a warning Send a Call to the Selected DEP Crypto Module or Platfor x Call to Send FF01250200080001 Output ch The Call to send contains non hexadecimal characters Connected to 197 166 0 18 Port number 1000 Module number 1 Response time 0 sec Atos Worldline Technology amp Products Engineering DEP Page 125 139 DEP NMS User Manual 04 04 Classification Public 12 WORKING WITH PLUG INS To extend the functionality of DEP NMS Atos Worldline has developed additional tools referred to as Plug Ins which you can integrate in the application By default you can add and organize plug ins in DEP NMS with the Add Plug in and Organize Plug Ins functions from the Plug Ins menu Once a plug in has been added it will appear in Plug Ins menu S and DEP _EM Configuration _file Tools Plug Ins Help Fa Add Plug In Organize Plug Ins Us Tr RSA key Generation riFF FF dan wn Fart The information about the plug ins that have been added is stored in the DEP_NMS INI file It allows correct rebuilding of the menu when the application restarts or after an upgrade Remarks 1 Before you can add a plug in you need to install it via its own instal
134. tation occupied by the host sequence number value ranges from 0 to 16 Note This feature is not available if enhanced protocol is used Magic Number Identifies a host command as using a Value dedicated DEP Platform protocol and occupies the first byte s of a host command DEP NMS stores this information for each DEP Platform in the configuration file With regard to the settings different operations are possible depending on the button that you press e Save Stores the information of the user into the configuration file in order to quickly configure other platforms e Restore To retrieve the information saved during the save operation e Defaults Sets the fields to the default factory values coming from the DEP Platform For more detailed information on the Application Protocol refer to the DEP Host Interface Protocol document Atos Worldline Technology amp Products Engineering DEP Page 36 139 DEP NMS User Manual 04 04 Classification Public 7 1 4 6 Platform Date Time The Date Time tab sheet shows the Date Time defined on the DEP Platform Platform status Read only E x Status Connections Host protocol Application protocol Co BatefTime Event manager Date Time Value Date 30 09 2005 Time 17 06 17 4pply also to all modules Here you can change the date and or the time of the DEP Platform It is also possible to adjust at the same time the Real Time Clock of the managed
135. tents of the main window globally or for a specific item e Audit Trail to open Audit Trail window e Status Bar to display hide the status bar e Toolbar to display hide the toolbar or view the audit trail 6 1 REFRESHING THE INFORMATION 6 1 1 Refreshing window globally With the function Refresh All from the View menu or with the corresponding function key F5 you can refresh in one go the information about all the DEP Platforms and their respective DEP Crypto Modules listed in the DEP NMS main window view Dep Platform Dep Crypt Refresh Al FS Refresh Item F Audit Trail F4 P ooo w Status Bar w Toolbar 6 1 2 Refreshing Item With the function Refresh Item from the View menu or with the corresponding function key F6 you can refresh the information about the selected DEP Platform or DEP Crypto Module View Dep Platform Dep Cryy Refresh All FS Refresh Item F Audit Trail F4 Em gt 1 wf Status Bar Toolbar 6 2 VIEWING THE AUDIT TRAIL With the function Audit Trail from the View menu or the corresponding function key F4 you can view the audit trail Atos Worldline Technology amp Products Engineering DEP Page 25 139 DEP NMS User Manual 04 04 Classification Public View Dep Platform Dep Refresh All FS Refresh Item F SS it m Audit Trail FA w Status Bar i w Toolbar The function opens Windows Event Viewer window In addition to the stand
136. tion it ranges from 4800 to 115200 baud 7 1 4 4 TCP IP The standard TCP IP protocol could also be used for establishing communication with the DEP Platform Multiple TCP IP sessions up to a maximum of 16 could be established in parallel between the DEP Platform and a host called multi connect DEP Platform The parameters for the TCP IP protocol are Default value Name resolving Flag that indicates whether or not the Disabled DEP Platform should use a DNS Atos Worldline Technology amp Products Engineering DEP Page 34 139 DEP NMS User Manual 04 04 Classification Public Dynamic Name Solving service to lookup the hostname Application message type Application message length Port number Time min Flag that indicates whether the DEP Deactivated Platform should use keep alive messages to check if the host is still alive Determines where the Most Significant Byte MSB and the Least Significant Byte LSB convention 1s used it is limited to the values LSBFirst andMSBFirst Gives the length in bytes of the message sent through TCP IP it is limited to the values 2 and 4 should be defined to gain access to the DEP Platform Warnings 1 Do not use 7001 or 1002 since these are used as the default values for the communication between respectively DEP Platform and DEP NMS and DEP Platform to DEP EM for the transfer of commands or the handling of errors or warnings 2 For the
137. tion Software is loaded in DEP Crypto Module For more information see paragraph 8 3 1 on page 53 e the loaded DEP Application Software supports the Banksys Crypto upgrade functionality To see if the Application Software supports the upgrade functionality look at the Software DFS document To support the Firmware Upgrade feature the I STD_FW_UPDATE interface must present in Software DFS list e the DEP Crypto Module s is upgraded to CUST authority level e the CAP_STD_FW_UPDATE capability is loaded in the DEP Crypto Module For detailed information on how to load the capability refer to the DEP C ZAM DEP User Manual Atos Worldline Technology amp Products Engineering DEP Page 109 139 DEP NMS User Manual 04 04 Classification Public When the DEP Crypto Module is ready and the Upgrade Banksys Crypto option of Firmware Upgrade submenu is enabled you should select the file hee file you want to load on DEP Crypto Module Select the appropriate file in opened Open dialog box and click Open Look in Applications do ft et Ez My Recent Documents Deskto p 0001_tst 105 05 hee 0001 tst_ bank 5 a_f hee Me Documents er My Computer i P File name D001_tst_105_05 hee Files of type Hee Files hee Cancel After you have selected the Firmware Upgrade file you have to enter the Firmware Certificate value The FW Certificate can be found in the appropriate Firmware Authe
138. tional checks are made after initial checking phase All selected DEP Crypto Modules must be in the same mode DEV TST or LIV otherwise the following warning message box will appear Atos Worldline Technology amp Products Engineering DEP Page 55 139 DEP NMS User Manual 04 04 Classification Public ae LULULUmUmt sOSI A Parallel software load is not possible because the selected modules haven t the same MODE All selected DEP Crypto Modules must have the same CUSTOMER ID otherwise the following warning message box will appear a OSOSOSOSSCS A Parallel software load is not possible because the selected modules hawen t the same CUSTOMER ID If the application is not PCI software you are prompted for confirmation to continue the loading c The software CO Banksys Setup DEP NMSiData_ files PRIS_18b HEx m is may be no PCI software Do vou want to continue the application loading 8 3 1 2 Selecting the application When all the DEP Crypto Modules are ready and the Continue button is enabled you should select the application you want to load on DEP Crypto Module Select the application software in opened Open dialog box and click Open File name Pci CERT_1 1b HE s Files of type Hex File hex Cancel The input file containing the Application Software must either be an Intel 16 bit HEX format with HEX file extension Atos Worldline Technolog
139. tus Fs ocked Good Yor Set E3 192 165 0 Locking 192 168 BY Module Application j Locke Good Not A DOWIE OCKE oo ao ites E Modul Keys Locke Good Mot 4 BB Module Fead BER Information Unlocked Good Mot A Ey 92 166 00 Diagnostics E F 192 165 dge MOC oO Of DE HE Modul Reset Unlocked 9 Good Mot Set BM Module CEF Parameters Locke Good Mot Set Cloning d Firmware Upgrade BIS Relash The Upgrade Banksys Crypto option is enabled only 1f the minimum version of the DEP Platform Software is 4 3 0 or higher The upgrading process will be cancelled if the USB dongle is not present The following message box will appear SS s X Multiple Firmware upgrade is only allowed with 4 Full license dongle After selecting the Upgrade Banksys Crypto function select the appropriate update file hee file Atos Worldline Technology amp Products Engineering DEP Page 111 139 DEP NMS User Manual 04 04 Classification Public Look in Applications d c Eg My Recent Documents Desktop D001 tst_105_05 hee 0001 tst bank 58a F hee S Me Documents er My Computer Y R File name b001 tei 05_05 hee Places Files of type Hee Files hee Cancel After you have selected the firmware upgrade file enter the Firmware Certificate from the appropriate Firmware Authentication Code File see paragraph 10 2 2 1 on page 108 The next phase of the
140. u want to set as Clone select DEP Crypto Module in the menu bar choose Cloning and click on the Set as Clone option Atos Worldline Technology amp Products Engineering DEP Page 98 139 DEP NMS User Manual 04 04 Classification Public DEP NMS C 192 168 0 19 cfg File Edit View DEP Platform DEP Crypto Module Tools Plugins Help hd se es pie ebeBaAP Platform symbolic name i Platforms Trace Statistics TCP IP addr 192 168 0 19 cfg my 192 166 0 19 Unlocked On CFF 192 1686 0 19 dS a en a ae E 192 168 0 20 Unlocked OFF Off Leathe r EH 192 166 022 Unlocked OFF OFf Aypjltice etn keys Read DEF Information Diagnostics Reset DEP Parameters irr Unset Master Firmware Upgrade t _ mes t Master Clone Set as Clone Unset lone Start cloning Process Unselect All 9 5 UNSET CLONE To unset the previously set as Clone candidate DEP Crypto Module right click on the DEP Crypto Module choose Cloning and then click on the Unset Clone option Also you can unset the DEP Crypto Module Clone candidate from general menu Select the DEP Crypto Module which you want to unset click on the DEP Crypto Module in main window choose Cloning and click on the Unset Clone option DEP NMS C 192 168 0 19 cfg File Edit View DEF Platform DEP Crypto Module Tools Flug Ins Help rhe se ae sie eRA F Platform symbolic name i Platforms Trace Statistics TEPIP add
141. y amp Products Engineering DEP Page 56 139 DEP NMS User Manual 04 04 Classification Public e encrypted Application Software file with HEE file extension If you load an application for the first time the path that is presented 1s C Documents and Settings USER Atos Worldline DEP_NMS and DEP_EM Data_files for Windows 2000 and Windows XP and C Users USER Atos Worldline DEP_NMS and DEP_EM Data_files for Windows Vista and Windows 7 respectively If applications have been loaded before the name of the last application file is presented 8 3 1 3 Entering the certificate After you have selected the Application Software you have to enter the Software Certificate that 1s the Software Authentication Code The SW Certificate can be found in the appropriate Software Authentication Code File sac that is delivered together with the Application Software In the Enter the Software Certificate dialog box fill in the correct SW Certificate information By default the Software Authentication Code that was last used is presented Enter the Software Certificate a xX Gw Certificate E Bbeole 4426 SFLEBB 8 3 1 4 Monitoring the loading process During the actual loading of the application the Application load dialog box will appear displaying the progress of the process It also displays the name of the application that is being loaded Application load l x Loading application file oer oc
142. you can set the DEP Crypto Module as Master from general menu Select the DEP Crypto Module you want to set as Master click on the DEP Crypto Module in main window choose Cloning and click on the Set as Master option Atos Worldline Technology amp Products Engineering DEP Page 96 139 DEP NMS User Manual 04 04 Classification Public DEP NMS C 192 168 0 19 cfg File Edit View DEP Platform DEF Crypto Module Tools Plug Ins Help D hg ew elie BB AP Platform symbolic name Securit Platform s Trace Statistics TEPIP addr Lockin Status 192 168 0 19 cfg my 192 168 0 19 a Unlocked On CFF 192 166 0 19 BS Module 1 Locked Good Module 2 nE as Locked Good my 192 168 0 20 od Un kekno s 168 0 20 m4 192 168 0 22 a Unil Pea eR 168 0 22 keys Read DEF Information Diagnostics Reset DEP Parameters Unset Master Firmware Upgrade PE Reset Mastenialone Set as Clone Unset alone Start Gloning Process Unselect All If Master is successfully selected the Cloning Status will become Master Candidate and the row to light indigo 9 3 UNSET MASTER To unset the previously set as Master DEP Crypto Module right click on the DEP Crypto Module choose Cloning and then click on the Unset Master option Also you can unset the DEP Crypto Module Master candidate from general menu Select the Master DEP Crypto Module click on the DEP Crypto Module in main window choose Cloning
143. you through the different steps of the procedure Follow the instructions and click Next to continue with the following step The series of images below show you the sequence of instructions that the wizard steps through Atos Worldline Technology amp Products Engineering DEP Page 66 139 DEP NMS User Manual 04 04 Classification Public x Load the DME2 into the DEP Crypto Module by CAM DEP this will erase all the present application keys You must enter the DMK2 before you can continue with the next step SS t itiSI AN Please load the OME into the DEP Crypto Module Change DMK Wizard Load the capability CAP_STO_CHANGE_DME into the DEP Crypto Module by CA4AM DEP You must enter the capability CAP_STD_CHANGE_DMK into the DEP Crypto Module before you can move to the next step warning LUC AN Please load the capability C amp P STO CHANGE BME into the DEP Crypto Module At this stage you have to load the capability CAP_STD_SAVE_KEYS into the DEP Crypto Module Change DMK Wizard E E x Load the capability LAF_STD_SAWE_KEYS into the DEP Crypto Module by CAM DEF You must load the capability CAP_STD_SAVE_KEYS before you can go to the next Step Atos Worldline Technology amp Products Engineering DEP Page 67 139 DEP NMS User Manual 04 04 Classification Public warning EE AN Please load the capability C4P 57D SAVE KEYS into the DEP Crypto Module
Download Pdf Manuals
Related Search