Secure Workstation is an NMAS post-login method that provides a mechanism to lock a workstation on events such as, when an authentication device is removed or after a period of user inactivity. You can configure secure workstation to lock the workstation, log out a user from Windows, log out a user from the network, or close a set of administrator-specified programs.
Secure workstation functions around these three factors:
Inactivity Timeout
Network log in and log out
Device Removal
Manual Lock
Locking a workstation
Logging out from a workstation
Logging out from a network
Executing post-policy commands
Issuing warnings
Closing programs
Secure workstation uses two policies:
Local Policy: Local policy is used for workstations where the policy is stored in the registry.
Network Policy: Network policy is used for workstations where the policy is stored in the server.
Effective Policy: The effective policy is a combination of the local policy and the network policy.
The secure workstation policy editor is a GUI feature, which you can use to edit the local policy and view the effective policy.
Secure workstation is integrated with SecureLogin. It registers itself with LDAPAuth for various events. When an event occurs, the SWEvent handles the event and passes it on to the service.
NOTE:On Windows machines, the exe files that are set to run automatically cannot have administrator privileges. So, the secure workstation policy editor session that requires administrator privileges does not run automatically. To run the session as a standard user on Windows 7, find the secure workstation session management process file (wsaccsmp.exe) and manually start this service. On Windows Vista, select to run the session from the notification message, which informs that the session is blocked.