hand held terminal configuring...

HAND HELD TERMINAL

QUICK START GUIDE

For Contract#: W91QUZ‐09‐D‐0043

AIT 1V: CLIN0001

GLOSSARY

CAC – Common Access Card

HHT – Hand Held Terminal

IA APL – Information Assurance Approved Products List

GETTING STARTED

To Begin:

1. Read the manufacturer’s Quick Start Guide. o Motorola – http://support.symbol.com.

2. Charge the batteries fully for the HHT and CAC readers before using the equipment.

INSTALLED SOFTWARE

Network Security Software – Juniper Odyssey Access Client

Device Security Software – Apriva Guard

Data at rest software – As per the IA APL

CONFIGURING SOFTWARE

APRIVA GUARD

Apriva Guard is preconfigured on the HHT; however, the HHT must be unlocked with a valid CAC.

To Unlock the HHT:

1. Insert the CAC. 2. Enter PIN when prompted.

The device is now unlocked and available for use.

JUNIPER ODYSSEY ACCESS CLIENT

NOTE: All wireless network information is provided by your communications and IT support personnel.

To Configure the Client:

1. Click on File/Networks/Create.

2. Enter ESSID of wireless network and description then click

Next.

3. Enter Associate mode used for this site.

Usually WPA2 or xSec if an Aruba infrastructure.

4. Enter Encryption method then click Next.

Usually AES.

5. Click Remove to delete the default EAP‐TTLS configuration.

6. Click Add then select EAP‐TLS.

7. Deselect Validate server certificate then click Next twice.

8. Type test user in the Login name field.

This will be overwritten the next time a CAC is inserted.

9. Highlight the digital certificate then click Next to associate the

login field name to a digital certificate.

10. Click Finish.

11. Click Connect on the OCA client.

Always stay connected.

12. Remove CAC card and then re‐insert and login again.

All login information will now overwrite previous

configuration in OAC client.

SUPPORT

TECHNICAL DOCUMENTATION

Apriva Guard Software and BT200 T CAC Reader – http://iss.apriva.com/support_reader.aspx

Apriva BT 200‐T Installation and User’s Guide – See Attachment

Data at rest – https://chess.army.mil/ascp/commerce/contract/informationassurance.jsp

Motorola – http://support.symbol.com

Odyssey Access Client – http://www.juniper.net/techpubs/software/aaa_802/oac.html

CONTACT

Lowry Computer Products, Inc. 9420 Maltby Road Brighton, MI 48116 (800) 733‐0210

http://www.lowrycomputer.com/ait‐iv/

Apriva ISS Proprietary

Engineering and Product Development

Apriva™

BT 200 – T

Installation and

User’s Guide

© Apriva 6900 East Camelback Road • Suite 300 • Scottsdale,

Arizona 85251 Phone 480.421.1210 • Fax

480.947.2280

Apriva BT 200-T Installation and User’s Guide 02/16/2010 Page | 2


Table of Contents

1. Introduction ............................................................................................................... 4

1.1 Definitions .......................................................................................................... 4

1.2 References ......................................................................................................... 4

2. Overview ................................................................................................................... 5

3. SmartCard Reader Utilities ....................................................................................... 5

4. Hardware and Software Requirements ..................................................................... 6

4.1. Hardware Components ...................................................................................... 6

4.2. Software and CSPware files needed .................................................................. 6

5. Using ActiveSync to Upload files .............................................................................. 7

6. Install the files on the device ..................................................................................... 7

7. Interface with Windows Mobile ................................................................................. 8

8. Pairing the Device ..................................................................................................... 9

9. Charging the battery ............................................................................................... 12

10. Review ................................................................................................................. 13

11. Support options and limitations ........................................................................... 13

12. Troubleshooting ................................................................................................... 13

13. Troubleshooting Tip: ............................................................................................ 15



Table of Figures

Figure 1 -- My Documents Files List ................................................................................ 7 Figure 2 -- USB/Bluetooth Pairing ................................................................................... 8 Figure 3 -- Pairing Complete and Bluetooth Connection Selection ................................. 9 Figure 4 -- Pair and Login Buttons .................................................................................. 9 Figure 5 -- Pin Entry Keypad (Randomized) .................................................................. 10 Figure 6 -- Please Wait Message .................................................................................. 10 Figure 7 -- Pin Entered, Press OK ................................................................................. 11 Figure 8 -- Confirm Agreement ...................................................................................... 11 Figure 9 -- Certificate Menu with CSPWare installed .................................................... 11



1. Introduction

This guide covers the operational use of the Apriva SmartCard Reader.

Our SmartCard Reader can be paired wirelessly via Bluetooth, to devices such as Windows Mobile® PDAs, most RIM BlackBerry® Bluetooth devices, Intermec and Motorola bar code scanners. It can also be connected through USB to desktop and laptop PCs.

The reader allows users to insert a public key infrastructure (PKI) embedded common access card along with Apriva’s SensaGuard software to provide an interface between devices for secure access to data on compatible devices.

1.1 Definitions

Term Description

Intermec Device Mobile device designed and supported by Intermec Corporation.

Apriva SmartCard Reader Apriva’s device for allowing an interface between the Intermec device and a user’s PKI embedded common access card.

SensaGuard Apriva’s software for PKI authentication/validation on devices.

Windows Mobile Operating system used on the Intermec, and other devices. Designed and supported by Microsoft Corporation

ActiveSync Software from Microsoft Corporation. Used in this guide to provide a utility for installing and updating files on Windows Mobile devices, necessary for use with the Apriva SmartCard Reader.

1.2 References

Intermec is a trademark of the Intermec Corporation

Apriva SmartCard Reader and SensaGuard are products of Apriva

Windows Mobile and ActiveSync are products of the Microsoft Corporation



2. Overview

This guide presumes users have read and understand the guide referring to installing the SmartCard Reader and SensaGuard software. For copies of those guides, please contact Apriva.

3. SmartCard Reader Utilities

Apriva Smart Card (CAC) Readers

Apriva Smart Card Readers enable government entities and other data sensitive enterprises to have the highest level of security available for wireless communication. Our Smart Card Readers provide S/MIME users with strong identification and authentication using hard token certificate and private key policies. Apriva’s Smart Card Readers employ a proprietary embedded operating system with advanced power management capabilities. A common architecture and development board with support for smart card readers, magnetic stripe readers, Bluetooth, SDIO, IR, USB, Serial and 2D barcode readers provide a strong technology nucleus for rapid new product factoring.

Features • DoD PKI Hard Token Common Access Cards • Rechargeable Internal Li++ Battery with Sophisticated Power Management • Wide Range of Connectivity Options • Soft Landing Smart Card Reader • U.S. Army & U.S. Air Force Approved • Bluetooth Security Verified by NSA Benefits • Full DoD PKI Enablement • Long Battery Life Without Need to Carry Replaceable Batteries • Optimal Form Factor • Drivers for RIM and most Windows Mobile Pocket PC devices.

Additionally, Apriva’s SCRs provide support for Microsoft® Cryptographic Service Provider interfaces: SensaCSPware™ – Apriva’s software license for allowing an interface into various PDAs and 3rd party applications via Microsoft Cryptographic APIs (CAPI). SensaGuard™ – Apriva’s software license for PKI authentication/validation to device and/or a given application.



SensaVault™ – Apriva’s software license for AES 256 Data-at-rest encryption messaging store and folder structure.

BT200-T Bluetooth® | Windows Mobile PDA's & RIM BlackBerry OS devices (or Desktops/Laptops via USB) The Apriva® Bluetooth® CAC Reader introduces a small-form factor mobile CAC reader to the Pocket PC platform or the RIM BlackBerry OS, with secure, wireless technology. The BT200-T has built in lanyard attachment bar, power on/off, and LED display. Drivers support USB Desktop/LaptopOS as well. Over 4 weeks of battery life.

4. Hardware and Software Requirements

The following hardware and software elements are necessary to effectively link the SmartCard Reader and installing the appropriate SensaGuard software.

4.1. Hardware Components

Windows Mobile device

Apriva BT-200 Bluetooth SmartCard reader

USB cable with mini adapter

Desktop Computer with ActiveSync

4.2. Software and CSPware files needed

AprivaSmartCardDriver.WM5PPC.cab

AprivaCSPware.WM5PPC-DualRelease.cab

Scardtest.exe

AprivaCSPwareTest.exe



5. Using ActiveSync to Upload files

1. Connect the mobile device to the desktop computer.

2. Connect the mobile device to the laptop with the USB cable

3. ActiveSync should start. A sync partnership is not needed.

Note: ActiveSync can be downloaded from the Internet. It is a Microsoft product and can be downloaded from their site.

4. Copy the following files into the My Documents directory of the mobile device.

Reader firmware

Apriva SmartCard driver.WM5PPC.Cab

AprivaCSPware.WM5PPC-DualRelease.cab

Scardtest.exe

AprivaCSPwareTest.exe

6. Install the files on the device

1. On the mobile device, go to Start>File Explorer

2. Use the device stylus to touch each of the files listed in the My Documents directory. This should initiate an automatic installation of the files onto the device. (Install all software before you install the SensaGuard Service.)

Figure 1 -- My Documents Files List



7. Interface with Windows Mobile

To pair with the Sensa Secure Mobile Email System for the first time after a Sensa client installation, use the following steps:

1. Install the Sensa client on the PDA by running the appropriate *.CAB file (detailed above)

2. After the install, the mobile device software will reset

and the Sensa Guard data-at-rest PIN and the PIN pad will be displayed.

3. Sensa Guard is now configured for a tethered, USB

pairing process.

4. Connect the BT200T (the PDA jack) to the mobile device with the USB cable and supplied adapter and insert your CAC (Press the ON/OFF switch on the

BT200T) and enter your CAC PIN to unlock the mobile device.

5. On the mobile device, run the Sensa Utility program using

the Programs shortcut.

6. Select the Smart Card Reader button.

7. Select USB (the default) and then the Pair button. (See

Figure 2) The tethered pairing operation will take40-60 seconds to complete.

8. On display of a pairing complete message, select OK to close the message box and select the connection method Bluetooth. Wait until the hourglass disappears before removing the cable or CAC.

Do not remove CAC or the USB cable during this process. If you do, you will have to repeat the pairing process for proper transition to Bluetooth operations.

Figure 2 -- USB/Bluetooth Pairing



9. Disconnect the USB cable.

10. The BT200-T is now ready for wireless operations. When the CAC is inserted

and the reader is turned on, the CAC reader will be available for Bluetooth operation. When the CAC is removed, there are no RF emissions – the BT200-T is hard off. This also true when you turn the reader off by pressing the ON/OFF switch.

8. Pairing the Device

1. Once your device is setup, you will see a screen similar to the image on the left..

2. If your device fails to connect to the BT200-T, you can click the “Pair” button. You may need to reconnect the USB cable for this process.

3. Once you have the reader connected, click on the “Login” button.

Figure 4 -- Pair and Login Buttons

Figure 3 -- Pairing Complete and Bluetooth Connection Selection



A “Please Wait” icon will be displayed as SensaGuard is communicating with

the reader.

4. Once SensaGuard is operational it will generate a numeric keypad prompting the user’s CAC pin number as shown above.

Note: SensaGuard randomizes the placement of the numbers on the keypad each time it is initialized as an added security measure.

Figure 6 -- Please Wait Message Figure 5 -- Pin Entry Keypad (Randomized)



5. Every time you log into SensaGuard you will have to click the “OK’’ button confirming that you have read the terms of the IS User

Agreement.

6. To use Apriva CSPware go to Start>Settings>System and click on the Apriva CSPware icon. (With Apriva CSPware you can add certificates and view certificates.)

7. More details on using CSPWare are available Apriva’s CSPWare Installation and User Guide.

Figure 7 -- Pin Entered, Press OK

Figure 8 -- Confirm Agreement

Figure 9 -- Certificate Menu with CSPWare installed



9. Charging the battery

The BT200 can be charged from most powered mini-USB connections.

Charging Indication: The Smart Card Reader is charged using the PC/charge jack on the bottom left side of the device.. The green LED will light continuously with occasional quick flashes to indicate the reader is charging.

While it is not charging, the reader blinks on briefly. While it is charging, the reader blinks off briefly. On Power-up: A green LED for a few seconds indicates a battery with a good charge. A solid red LED indicates that the battery charge is low. No LEDs or erratic LEDs indicate the battery is completely discharged.

Note: The Control Panel can display the battery voltage. For example 4004mv = 4.004 volts. A fully changed LI+ battery measures between 4.1 and 4.2 volts. Charging: It takes approximately 180 minutes to charge a BT200-T using either a wall charger or charging from a PC with the proper USB driver loaded

Wall charger: Attach the BT200-T to the wall charger and the BT200-T should indicate it is charging (see above section “Charging Indication”).

Windows XP: The Windows XP PC must have the Apriva USB driver installed to ensure proper charging operations. The Apriva Reader will power on automatically when it is connected to a desktop computer. After several seconds, the green LED should blink once per second to indicate a USB connection is present. If it is blinking once every 4 seconds, it is indicating it is powered, with no USB connection.

Troubleshooting: If the battery is allowed to discharge to the point where the unit will not turn on: The BT200-T should be attached to either a USB wall charger or a PC with the USB driver and allowed to charge for 20 to 30 minutes. Once the device has charged for 20-30 minutes, turn it off and then turn it back on to finish fully charging.

If the PC USB connection doesn’t charge or charges too slowly, install the Apriva USB driver onto the PC and charge the BT200-T again.



10. Review

As the above guide shows, the Apriva SmartCard Reader will provide secure data access on the Intermec device. In order for all the components to work together properly, it is important to follow all of the steps in this guide.

11. Support options and limitations

Question concerning the BT200-T device, or any of the related Apriva software, please contact Apriva.

866.277.9482 480.421.1303 (Outside the US)

http://iss.apriva.com/support.aspx

Questions regarding Windows Mobile and ActiveSync software should be directed to www.microsoft.com

12. Troubleshooting

If you experience trouble connecting your SmartCard Reader to your device, please refer to the following page.



Action LED Indication Meaning

Reader turned on using power

switch

Solid GREEN and solid RED for

about 2 seconds

Normal power on indication while reader completes

self test

Solid GREENBattery over 75% charged, ready for reader

operations

Rapid GREEN blinking

(2 per second)

Battery between 25% and 75% charged, ready for

reader operations

Rapid RED blinking

(2 per second)

Battery less than 25% charged, user should charge

before use

After 4 seconds both LEDs turn

offNormal transition to Reader Ready Mode

GREEN Blinking

(every 4 seconds)

No USB or Bluetooth connection,

battery over 25% charged

RED Blinking

(every 4 seconds)

No USB or Bluetooth connection,

battery less than 25% charged

GREEN Blinking

(every 1 second)

USB or Bluetooth connection,

battery over 25% charged

RED Blinking

(every 1 second)

USB or Bluetooth connection,

battery less than 25% charged

Power Down ModeGREEN and RED solid for about

2 seconds then both turn off

Power down indicates power switch pressed, card

removed, reader not paired, no Bluetooth or USB

connection, or inactivity timer expired

Solid GREEN blinking off every

4 seconds

No USB or Bluetooth connection, reader charging

Note: If reader is off when cable is inserted, reader

will power on

Solid GREEN blinking off every

1 second

USB or Bluetooth connection, reader charging

Note: If reader is off when cable is inserted, reader

will power on

Battery Test Mode

(About 4 seconds)

Reader Charging Mode

Reader is connected to a

charger or a host PC with USB

cable

Reader Ready Mode



13. Troubleshooting Tip:

When the Apriva BT200 is initially turned on, it will turn both the green and red LEDs on while it is performing an integrity check. Then, it will look for a USB connection. If a USB connection is found, it will disable the Bluetooth and use the USB connection. If a USB connection is not found within a few seconds, it will turn the USB off and look for a Bluetooth pairing. If the reader has not been paired, it will turn the reader off, otherwise, it will check if Bluetooth has been enabled. If Bluetooth has not been enabled, it will turn the reader off, otherwise, it will blink the LED every four seconds while it is awaiting a Bluetooth connection.

This can be a problem which you may find. Once you have established a USB connection, it does not delete the pairing information, but it does disable the Bluetooth. The only way to enable the Bluetooth again is to go into the driver control panel with a USB connection and select the Bluetooth radio button.

This was designed for an airplane and a SKIF. If the user wants to make sure

the Bluetooth radio does not turn on, he/she just has to connect the USB

cable. Once they have disabled it in this way, they must consciously turn it back on.

To obtain the proper drivers, contact [email protected]