
	 	  Saber Secure 4.0
 	     Release Notes - April 1993

This file and two other README files contain the 
release notes for Saber Secure 4.0. Information 
covered in each file is as follows:

README1.TXT:	

	NOTES FOR EXISTING CUSTOMERS
	-  Single program for all Secure users
	-  Modifications to command line switches
	-  New features for Secure

	SECURING WORKSTATIONS
	-  About Secure
	-  What you need
	-  Installation
	-  Getting Help
	-  Guidelines for using Secure
	-  Setting up Secure on the network
	-  Setting up Secure to run as a 
	   DOS application (Part 1)

README2.TXT

	SECURING WORKSTATIONS (continued)
	-  Setting up Secure to run as a 
	   DOS application (Part 2)
	-  Setting up Secure to run as a
	   memory-resident utility

README3.TXT

	SECURING WORKSTATIONS (continued)
	-  Using Secure at the desktop
	-  Secure messages

		
     ____________________________________________

	     NOTES FOR EXISTING CUSTOMERS
     ____________________________________________


This section contains information about changes made 
from the previous version of Secure. The main changes 
are:
     -	A single executable program for all Secure 
	users
     - 	Modifications to command line switches
     - 	New command line switches.

These changes are described in detail below.

___________________________________
SINGLE PROGRAM FOR ALL SECURE USERS

The new release of Secure does not require use of a 
special executable program (formerly SECUREP) for 
Novell passwords.  

______________________________________
MODIFICATIONS TO COMMAND LINE SWITCHES

Some command line switches have been modified for this 
release. The following paragraphs describe the changes; 
however, for a complete description of how to use the 
switch, see "Securing Workstations," which follows 
these notes to existing customers. 

-Z	This compatibility switch is no longer needed. 
	Secure now provides LAN Manager compatibility 
	without the switch. 

	ACTION: Remove the -Z switch from your Secure 
	command statements.

-G	This graphics switch is no longer needed for 
	using Secure with products that have a 
	graphical interface.

	ACTION: Remove the -G switch from your Secure 
	command statements.

-P	This switch, which previously allowed you to 
	prevent processing while the workstation was 
	blanked or secured, is no longer available. The 
	new default for Secure is to prevent processing 
	while the screen is blanked unless you use the 
	new -C switch (described below). 

	ACTION: If you currently use the -P switch, you 
	need to remove this coding and add the new -C 
	switch where applicable. 

-D	In the previous version, this switch allowed 
	you to disable all local drives while Secure 
	was loaded; the drives were enabled whenever 
	Secure was unloaded. With this release, you can 
	disable all or selected local drives with this 
	switch; however, the drives will remain 
	disabled even after unloading Secure. 
	
	ACTION:  If you use this switch to disable all 
	local drives, remove these drives from the 
	search path.

	NOTE:	If you have local and network drives on 
		the search path, Secure only disables 
		local drives; no network drives are 
		disabled.

-O	This switch prevents logout and reboot if files 
	are open. However, with this release, logout 
	and reboot will occur if a file was open when 
	Secure was loaded.


_______________________
NEW FEATURES FOR SECURE


New Command Line Switches
-------------------------

The following switches are intended for use by the 
network administrator, and are described in detail 
under "Securing Workstations," which follows. 

-C	Allows the program or application which is 
	running when the screen is blanked to continue 
	processing. If you do not use this switch, the
	current processing is interrupted whenever the 
	screen is blanked.

-I	Provides a screen requiring the user to define 
	an initial password and optional message at the 
	time Secure is loaded as a memory resident 
	utility. The password is then required whenever 
	the screen is blanked. For Novell networks, 
	this switch is available in combination with 
	the -N switch, which bypasses use of the Novell 
	password.

-K	Unloads Secure as a memory-resident program 
	(same as -U switch).

-S	Provides a method for specifying the type of 
	memory swapping to use for Secure when loaded 
	as a memory-resident utility.

-F	Allows you to specify a file to use for 
	swapping memory.
	
-E	Allows you to specify a time-out (in seconds) 
	for displaying the password screen. In most 
	cases, after the time specified has elapsed 
	with no keyboard activity, the screen is 
	blanked; if Secure is being used as a DOS 
	application, inactivity at the password 
	definition screen will cause Secure to be 
	unloaded after the specified time. The effect 
	is the same if the user presses [Esc] at the 
	password screen.


A Note about Graphics Applications
----------------------------------

In order for Secure to work with graphics applications, 
you should not use these two new switches:

-SO	Normally disables memory swapping; however, 
	some form of memory swapping is required for 
	using Secure in conjunction with graphics 
	applications. 

-C	Normally allows you to continue processing 
	while the screen is blanked. However, in order 
	to allow an application to continue processing, 
	Secure retains control of the screen, and this 
	doesn't work if the applications are not in the 
	same video mode.


Screen Display Flexibility
--------------------------

Secure now works with a 25-, 43- or 50-line screen 
display, and you can switch between display modes while 
Secure is loaded.


              _____________________

              SECURING WORKSTATIONS
              _____________________


____________
ABOUT SECURE

As a network administrator, you don't want to face a 
situation like this one:

January 15, payday.  When Tammy in Accounting sees that 
payroll is running smoothly, she decides to step out 
quickly for a cup of coffee. Down the hall at the 
coffee pot, she runs into Jerry, and stays away from 
her PC longer than anticipated. Meanwhile, because she 
failed to exit the network payroll application, not 
only is confidential information displayed for anyone 
who might enter her office, but it's available to be 
copied to diskette. 

With Secure, the Saber DOS utility for workstation 
security, the following scene is one you won't mind 
watching: 

January 31, payday.  Tammy sees that payroll is running 
smoothly. She secures her workstation, and then goes 
for coffee. She knows that if someone walks in her 
office, her workstation is Secure, since the Secure 
dialog box requiring a password prevents unauthorized 
access. Also, since she works with confidential 
information, her workstation's local drives are 
disabled whenever she starts the payroll application to 
prevent copying of information. When she has finished 
her break, she can return to the information previously 
displayed simply by entering the authorized password.

These and other features of Secure are described in 
this document. With Secure, you can define the level of 
network and file access security which is appropriate 
for your environment. And you can provide a desktop 
interface for users which allows them to be confident 
that data at their workstation is protected against 
possible misuse. Security and screen blanker features 
are available depending upon the network you use and 
whether you run Secure as a standard DOS program or as 
a memory-resident utility (TSR). 


How Secure Works as an Administrative Tool
------------------------------------------

As a tool for controlling access to information on the 
network, Secure allows the network administrator to 
perform the following:

     -	Control the delay time for activating the 
	screen blanker. 

     -	Force users to be logged off the network and 
	workstations to be rebooted after a period of 
	inactivity or at a specified time.

     -	Prevent users from being logged off the network 
	if files are open. 

     -	Disable all or selected local drives; one use 
	of this feature is to disable local drives to 
	prevent applications with confidential data 
	from being copied.

     -	Allow background processing to continue while 
	the workstation is secured.

     -	Identify the type of memory swapping if you 
	wish to use Secure as a memory-resident 
	utility.

     -	Specify a file to use for swapping memory.

     -	Require users to define and use a password each 
	time they secure their workstations.

     -	For Novell networks, use the Novell password as 
	the required access code once a workstation has 
	been secured, bypass the password and use the 
	screen blanker only, or require the user to 
	define a password.


How Secure Works as a Desktop Tool 
----------------------------------

As a desktop tool, Secure allows the user to:

     -	Temporarily secure the workstation from 
	unauthorized access to network or local data 
	while the user is away. 

     -	Blank the screen with a "traveling" Saber 
	graphic to prevent monitor "etching." 

The remainder of this document describes the following: 

     -	System and memory requirements
     -	Installation procedure for Secure as a 
	stand-alone application
     -	Guidelines for using Secure
     -	Setting up Secure on the network
     -	Using Secure at the desktop
     -	Getting help
     -	Secure error messages.


_____________
WHAT YOU NEED

System Requirements
-------------------

Secure works on any IBM-compatible personal computer 
(XT, AT, 8086, 8088, 80286, 80386, 80486) with DOS 3.1 
or later versions.

Memory requirements
-------------------

As a memory resident program, Saber Secure doesn't use 
conventional DOS memory if you use memory swapping. 
If you disable memory swapping, Secure uses up to 45K 
bytes of memory. 


____________
INSTALLATION

If you have installed Saber LAN Workstation, Secure is 
available. However, to install Secure as a stand-alone 
application, copy the file SECURE.EXE (main executable 
program for use on all network operating systems) from 
the program diskette to a desired directory on the 
user's search path. The following files are also 
available for Secure as a stand-alone application:

README.TXT	file containing pertinent product 
		information and errata unavailable at 
		time documentation is printed. 

README.EXE	program that allows a file to be 
		displayed online, saved to another file 
		or routed to a printer.
	
		We recommend you set the file 
		attributes for the above files to 
		SHAREABLE, READ-ONLY.



____________
GETTING HELP


Online Help
-----------

Secure includes online Help text which provides a 
description of all the switches described in this 
document. On the DOS command line, enter the following 
command to display Help text for Secure:

	SECURE -?

	or

	SECURE -H


Software compatibility
----------------------

If you have a question about hardware or software 
compatibility, call Saber Software Corporation's 
technical support:

	Toll-free:	(800) 526-8086
	Local:		(214) 361-5284
	Fax:		(214) 361-1014
	BBS:		(214) 361-1883


___________________________
GUIDELINES FOR USING SECURE

Here are some guidelines to help you understand how to 
use Secure.

What's the best way to use Secure?
----------------------------------

Secure is very flexible in terms of how you might wish 
to use it. How you use Secure depends upon two 
conditions:

     -	Whether you are running Secure as a DOS 
	application or a memory-resident utility, and 

     -	The type of network you are using.

If you use Secure as a DOS application, that means that 
Secure is loaded every time it's used to blank or 
secure the workstation, and then unloaded when the 
workstation is unlocked. If you use Secure as a 
memory-resident utility, that means that Secure remains 
loaded in memory and is available upon demand.

Options for running Secure are available through 
command line switches, which are described in detail 
later in this document. You may wish to review these 
options to determine whether you wish to run Secure as 
a DOS application or memory-resident program. 

NOTE:	If you use Microsoft Windows, the Secure 
	program is suspended while Windows is loaded. 
	It becomes available when you exit Windows and 
	return to DOS. (We suggest using Saber Menu for 
	Windows, which provides features for security 
	while you're in windows).


How do I use Secure as a DOS application?
-----------------------------------------

To run Secure as a DOS application for on-demand 
security, users enter the command with the appropriate 
options at the desktop. 


How do I use Secure as a memory-resident utility?
-------------------------------------------------

If you load Secure as a memory-resident utility, you 
have all the options that you would with the DOS 
application as far as controlling the automatic 
blanking and security for the workstation. Plus you 
have some other options. For example, you can define 
the period of inactivity before automatic blanking, and 
allow users to secure their workstation on demand with 
use of a "hot key" combination. 

Certain applications will work properly with Secure as 
a memory-resident program only if you use the option to 
allow processing while the screen is blanked. For 
example, if you use real-time communication programs or 
hard disk utilities and diagnostic programs, you don't 
want to suspend processing while the screen is blanked. 

These options are described in detail later in this 
document.


Does the type of network I have make a difference? 
--------------------------------------------------

Secure options are available regardless of your network 
type. However, there are some differences in the way 
the switches work, depending upon the type of network 
you have. For example, here are some issues to consider 
if you are using Secure on a Novell network:

     -	Secure uses the Novell password from the system 
	bindery, unless you use the switch which 
	requires users to enter a password. 

     -	If you wish to require use of a password, two 
	switches are available depending upon the 
	screen blanking and security level you wish to 
	provide. 


Using Secure and a mouse
------------------------

Keep in mind these items when using Secure and a mouse:

     -	Always load the mouse driver before loading 
	Secure.

     -	Because Secure monitors only keyboard activity, 
	use of the mouse does not prevent functions you 
	specify, such as blanking the screen after a 
	period of keyboard inactivity, from being 
	performed.


________________________________
SETTING UP SECURE ON THE NETWORK

This section describes the tasks necessary to set up 
Secure for your network. The following topics are 
covered:

     - 	Format and syntax for Secure commands
     -	Running Secure as a DOS application
     -	Running Secure as a memory-resident utility
     - 	Tips for determining which method is best for 
	your environment.


Secure command format and syntax 
--------------------------------

The following command format and syntax is used whether 
you are running Secure as a DOS application or loading 
it as a memory-resident utility:

	SECURE {-switch}

where -switch is one or more of the switches listed in 
the following tables. If you use more than one switch, 
separate the switches with a blank space.

Here is a quick reference for using switches with the 
command. Details and examples follow these tables under 
the sections for setting up Secure.

LOADING AND UNLOADING:

Switch		Description and default	
------		-----------------------
-R[key]		Load Secure as memory resident; may 
		specify a hot key. Parameter optional. 
		DEFAULT with no switch: Secure is 
		loaded as a DOS application.
		DEFAULT with switch and no parameter: 
		hot key combination for memory-
		resident Secure is [Alt]+[S].

-U or -K	Remove Secure from memory if it is the 
		most recent TSR loaded. No parameters.
		DEFAULT: off


SCREEN BLANKING:

Switch	Description and default		If you run Secure as:	
------	-----------------------		---------------------
					DOS	Memory-
					App	resident	

-Bnnn	Blank screen after period of  		X
	keyboard inactivity. Parameter 
	required. Default: 10 minutes.


LOGOUT AND REBOOT:

Switch	Description and default		If you run Secure as:	
------	------------------------------	---------------------
					DOS 	Memory-
					App	Resident

-Lnnn	Reboot workstation after  	X	X
	period of inactivity; for 
	Novell, log off network 
	session and reboot 
	workstation. Parameter 
	required. Default: off.

-Thh:mm	Reboot workstation at a 	X	X
	specified time; for Novell, 
	log off network session and 
	reboot workstation (military 
	time). Parameter required. 
	Default: off.

-O	Prevent logout and reboot if  		X
	files are open. No parameters. 
	Default: off.

-A	Disable warning beeps before  	X	X
	logout. No parameters. 
	Default: off.


PASSWORD CONTROL:

Switch	Description and default		If you run Secure as:	
------	-----------------------		---------------------
					DOS	Memory-
					App	resident	

-N	For Novell networks; disables  	X	X
	use of password. Password 
	security based on whether 
	Secure is run as DOS 
	application or is memory 
	resident. No parameters. 
	Default: off.

-I	For use when Secure is loaded  		X
	as memory resident to require 
	password and allow for an 
	optional message. On Novell 
	networks, may use alone or in 
	combination with -N switch. 
	No parameters. Default: off.

-Ennn	Blank screen after period of 	X	X
	inactivity on the password 
	screen. Parameter required. 
	Default: 60 seconds. 


OPERATIONAL CONTROL:

Switch	Description and default		If you run Secure as:	
------	-----------------------		---------------------
					DOS	Memory-
					App	resident	

-D[drv]	Disable all or selected local 	X	X
	drives on a network compatible 
	with DOS 3.1 or	later version. 
	Parameter optional. Default 
	with no switch: off. Default 
	with no parameters: disables 
	all local drives.

-C	Allow processing when screen 		X	
	is secured or blanked; if 
	memory resident, swapping is 
	disabled. No parameters. 
	Default: processing is  
	prevented when screen is
	blanked.


MEMORY SWAPPING:

Switch	Description and default		If you run Secure as:	
------	-----------------------		---------------------
					DOS	Memory-
					App	resident	

-Sparm	Select memory type for   		X
	swapping. Parameter required.  
	Default: automatic detection 
	of best method.

-Fpath	Specify file for memory  		X
	swapping. Default: automatic 
	swap file creation on current 
	drive and directory.


Example with multiple switches
------------------------------

Here is an example of how the Secure command works 
at login. In this example, Secure is loaded on a Novell 
network as a memory-resident utility. Whenever Secure 
is loaded, use of the Novell password is bypassed, and 
the user must define a password. Whenever there are two 
minutes of inactivity at the keyboard, the screen is 
blanked; the user must use the defined password to 
unlock the workstation. The user can also secure the 
workstation using the hot key combination [Alt]+[Q]. 
Visual warning messages are displayed at 6:55 and 
6:59 p.m. each evening; the user is logged off the 
network at 7:00 p.m. and the workstation is rebooted. 

	SECURE -RQ -N -I -B2 -T19:00 -A

NOTE:	Switches may be entered in any order, and you 
	may use the slash (/) instead of the hyphen (-) 
	if you prefer. Some switches allow or require 
	the use of parameters, as in the example above; 
	these parameters are detailed in the sections 
	that follow.

_____________________________________________
SETTING UP SECURE TO RUN AS A DOS APPLICATION

If you wish to run Secure as a DOS application, you 
have several options. The following paragraphs describe 
what happens with each option; however, you can combine 
options to set up the security you need. Use the format 
and syntax described above for entering the command. 


Basic Secure as a DOS application
---------------------------------

Used as a DOS application, the basic Secure command 
provides a screen blanker and password security. You 
can set up Secure to run directly from the DOS command 
line, or you can create a menu item in Menu for DOS 
which starts the program. Here's what happens at the
workstation, depending upon the network you use.

For all networks but Novell, an initial password 
definition screen requires the user to enter a password 
for reentry and an optional message to be displayed in 
case someone attempts to use the workstation. After 
this information is entered, the screen is blanked 
until the user returns and presses any key. At this 
time, the password screen is displayed again and 
requires the defined password for access to the 
workstation.

If you use Novell, the network password is used 
automatically; the password definition screen is 
displayed to allow the user to enter a message only. 
After this information is entered, the screen is 
blanked until the user returns and presses any key. At 
this time, the password screen is displayed again and 
requires the Novell password for access to the 
workstation.

NOTE:	Although there is a note on the password 
	definition screen that the password is taken 
	from the network, you might wish to inform 
	users that they are required to use their 
	network passwords to unlock the workstation 
	after the screen is blanked. 

Syntax: 
------
To use basic Secure, enter following command:

	SECURE 

NOTE:	Step-by-step instructions for use at the 
	workstation are provided below in "Using 
	Secure at the Desktop." 



