AccuMark Family V10 Network Security

The new V10 security has a new physical security key (SafeNet HL DL) and a different way of applying
license updates compared to previous versions of AccuMark Family software. Security updates have
been made for AccuMark, AccuNest, AccuScan and MTM family of products.
Refer to the document AccuMarkV10Security for details about standalone
licensing. Briefly standalone (single user) and Network keys are available. The
standard green key is for the single user.
Network licensing allows you to have one key on a system and have your users use the license server for
their security access for AccuMark applications. The network key can be used instead of having
standalone keys on each users workstation.
Network or concurrent keys come in 3 varieties: all are red in color but come in
different allotments of 1 to 10 users, 1 to 50 users, and 1 to 250 users. The
license file that is applied to the network key further restricts the number of
users. For example, you need to have a network key for 30 users. Thus you
would need to use the network key that allows 11 50 users with a license that
is good for 30 users.

Initial V10 keys come Preconfigured

Your initial V10 network security key will come preconfigured with your software entitlement. This can
include any or all of the AccuMark V10 Family products. You will no longer need to apply a separate
license file to get started.
Be sure that you see the light on the key. Some computers may go into sleep or hibernate mode and
may shut down power to the USB ports, thus causing the key to not work properly.

V10 AccuMark and other Gerber Products will use different keys for now
Previously different Gerber products were all able to use the same SafeNet USB black security key and
use the Install License application to apply each of the different licenses, including for AccuMark
software prior to V10, Cutworks, and Cutter software.
Now, because of the V10 security updates, if you have more than one Gerber product like those
mentioned above, you will now need to have two security keys in order to run your applications; one for
the new V10 AccuMark Family software and one for the existing Cutworks and/or Cutter software.
Continue to use Install License for AccuMark Family V9 and earlier versions of software as well for the
Cutworks and Cutter software.

Page 1 of 18

Setting up a License Server: Installing the HASP Drivers

A Network license is installed on a single computer with a Run-time Environment. The Run-Time
Environment for AccuMark is called Sentinel Runtime and is provided through the HASP installation.
The users in the same network will then have access to the network license.
The Run-time Environment includes the HASP device drivers and can be installed without having to
install the full AccuMark software. Since the HASP drivers are a PreRequisite for the full AccuMark
software, you will need to go to the folder where it is located. On the DVD or download file browse to
the location AccuMark\ISSetupPrerequisites\{940FB97C-6A22-4D82-A2F7-9BED4FF2DACD}. In this
folder run HASPUserSetup.exe.
Note: if you download the software from GERBERnet, you must extract all files before installing. You will
encounter errors if you try to install from within the zip file. Installation of the Run-time Environment on
a computer requires admin rights.

Connecting Users to the License Server

Any system that has AccuMark Family V10 and later software installed will broadcast to find a network
server if they do not have a key attached onto it. You no longer have to set environment variables to
point to the license server as you did for previous versions.
This means that the protected application first searches the local machine for a required Sentinel
protection key (default), and then the network.
Concurrent instances from users can be counted or allocated by:

Station: Each login request for a single machine is counted as an instance (default)
Login: Each login request is counted as an instance
Process: Each login request for a single process is counted as an instance

In the network key contents details, you will see the number of concurrent instances for one or more
Features. This value specifies the number of instances of simultaneous usage that the license allows on
the customers network. Concurrent instances may relate to the network, processes, or machines.

Loss of Connection with a Network License

A network-type protection key (HL or SL) that contains Features with concurrency typically does not
reside on the same computer as the protected application. Under certain circumstances, the
communication between the protected application and the protection key may be lost.
For example, the protected application may fail or the computer that hosts the protected application
may crash. As a result, the protection key has an open session for a non-existent instance of the
protected application, reducing the number of available network seats for the application in the license.

Page 2 of 18

Sentinel License Manager contains an automatic function that identifies instances where a network
protection key and the relevant protected application (on separate computers) have become
disconnected. License Manager handles this situation as follows:

If both computers contain active instances of License Manager, but the protected application
fails, License Manager on the computer that hosts the network protection key immediately
closes the session and frees the network seat for re-use.
If only the computer that hosts the network protection key contains an active instance of
License Manager, the session times out after three minutes. At that point, License Manager
frees the network seat for re-use.

This functionality is completely automatic and requires no setup or configuration activities by the ISV or
the end user.

Admin Control Center

Information extracted from Software Protection and Licensing Guide.pdf
The Admin Control Center provides a way to look at the security keys, their content, generating a C2V
file which contains the current state of the key, applying a V2C (license) file update, and in the case of
network licensing allocations of features and sessions to users.
When you launch Sentinel Admin Control Center, the Web interface displays a number of Administration
Options on the left of the page. The Sentinel Admin Control Center help system provides information
about the fields for each option. Note that the options relate to Sentinel License Manager on the
machine whose name or IP address appears in the title bar of Admin Control Center. The following
options are available:

Sentinel Keys enables you to identify which Sentinel protection keys are currently present on
the network, including locally connected keys.
Products enables you to view a list of all the Base Products available on all Sentinel License
Managers (local and network). In addition, when a Product contains Features with detachable
licenses you can see the number of licenses for the Product that are currently available to be
detached from the network and the maximum duration for which they may be detached. This
option also enables you to access the Detach/Extend functions.
Note : The Product name for Products that are licensed with Sentinel HL keys are not necessarily
displayed in Admin Control Center.

Features enable you to view a list of the Features that are licensed in each of the Sentinel
protection keys that are currently present on the network, including locally connected keys. In
addition, you can see the conditions of the license, and the current activity related to each
Feature.

Page 3 of 18

Sessions lists all the sessions of clients on the local machine, and those remotely logged in to
Sentinel License Manager on the local machine. You can view session data and terminate
sessions.
Update/Attach enables you to update existing licenses on a Sentinel protection key in the field
and, in the case of Sentinel SL keys, to attach a detachable license to a recipient machine. It also
enables you to apply identification details of an offline recipient machine to a host machine in
order to create a file for a detachable license.
Access Log enables you to view a history of log entries for the server on which Sentinel License
Manager is running.
Configuration enables you to specify certain operating settings for Sentinel Admin Control
Center running on the connected machine. You can set parameters relating to user access,
access to remote Sentinel License Managers, and access from remote clients. In addition, you
can customize log template files in terms of the data they return.
Diagnostics enables you to view operating information for the Sentinel License Manager to
which you are currently logged in, to assist in diagnosing problems. You can generate reports in
HTML format. This option also enables you to view miscellaneous data relating to the use of the
server on which Sentinel License Manager is running.
Help displays the Sentinel Admin Control Center help system. Context-sensitive help is available
within each of the functions described above, by clicking the Help link at the bottom of the page.
About provides information about the version of Sentinel License Manager, and a link to the
SafeNet, Inc. Web site.
Country Flags enables you to change the language of the user interface by clicking on the flag of
the country appropriate to the language you require. Languages other than English can be
downloaded from the Sentinel Web site.

Page 4 of 18

Admin Control Center: Looking at a Network Key and its Contents

Open a browser like Internet Explorer and type http://localhost:1947 into the address bar. Be sure the
V10 network key is attached to the system and click on the Sentinel Keys link on the left:

This example has several different kinds of keys. Not all these types of keys will be visible to others,
mainly just the standalone and networked keys.

The blue Master keys allow specific people to generate files for the security keys. No one will have these
keys except for those who are allowed to make such files, like CAD engineering or IT/SAP.

Page 5 of 18

The soft license or certificate is a different kind of security also may be known as keyless, and is
currently under investigation at this time. The red key is the Network key and the green key is the
Standalone key.
The see the contents of the network key, click on the Net Features link-box on the right:

Here is a sample of this network keys content:

Page 6 of 18

You may see just numbers listed in the Features column or you may see actual feature names. Your
initial preconfigured key will only show the features as numbers.
If any anytime you need an update to your license, then you will receive an updated license file to apply
and this will enable the ability to see the feature names. Your key will work with either numbers or
feature names.
You will see an expiration date in the Restrictions column. All keys will have expiration dates regardless
if they are permanent licenses. If you are entitled to permanent licenses you will receive updates for
your key prior to your expiration period.
Clicking on the Sessions link will display the information of the connected users:

Page 7 of 18

Managing Access to Sentinel License Managers

Information extracted from Software Protection and Licensing Guide.pdf
Managing Access to Sentinel License Managers is performed in the Users and Access from Remote
Clients tabs in the Configuration page.

Page 8 of 18

Users
The user restrictions that you define are evaluated in the order in which they are specified, and the
evaluation process stops when the first match is found. You therefore need to take care that the
restrictions are listed in an order that satisfies this logic.

The value allow=all@all is implicitly added to the end of the list. According to the logic just described, if
this value was at the beginning of the list, all subsequent restriction values would be ignored.
Additional information about defining restriction values is provided in the Admin Control Center help
system.

Access from Remote Clients

When you define criteria relating to the remote machines that can access Sentinel License Manager on
the current machine, you need to define access restrictions. The remote client access restrictions that
you define are evaluated in the order in which they are specified, and the evaluation process stops when
the first match is found. You therefore need to take care that the restrictions are listed in an order that
satisfies this logic.

Page 9 of 18

The value allow=all is implicitly added to the end of the list. According to the logic just described, if this
value was at the beginning of the list, all subsequent restriction values would be ignored.
Additional information about defining remote client access restriction values is provided in the Admin
Control Center help system.
Accessing Sentinel License Manager Located on a Different Subnet
When a Windows application that is protected with Sentinel LDK v.6.0 or later is located on a different
subnet than Sentinel License Manager and the Sentinel protection key, you must create a separate
configuration file to enable the application to find the License Manager.
Create a file called hasp_vendorID.ini, where vendorID is the Vendor ID associated with your Batch
Code (for the DEMOMA Batch Code, use hasp_demo.ini). Place the file on the same machine as the
protected application, in the following directory:
For Windows Windows 7: %LocalAppData%/SafeNet Sentinel/Sentinel LDK/
For example, for Vendor ID 37517 and a user named test1, create the following file:
C:\Users\test1\AppData\Local\SafeNet Sentinel\Sentinel LDK\hasp_37517.ini

Page 10 of 18

A separate .ini file must be created on the machine for each user of the protected application.
The hasp_vendorID.ini file should contain the following line:
SERVERADDR = remoteServerAddress where remoteServerAddress is the IP address or computer
name of the remote machine that contains Sentinel License Manager and the protection key.

Searching for Sentinel License Managers

The Access to Remote License Manager tab in the Configuration page is used determine which locations
to include when the local Sentinel License Manager searches for remote Sentinel License Managers.

When you define criteria relating to the machines that may be searched for Sentinel License
Manager, you can choose to:
Enable a broadcast that searches all machines on the local network
Search the default local group in an IPv6 subnet
Restrict the search to specific machines. In this case, it is necessary to specify each machine that
may be searchedby specifying either its name or its IP address.
Additional information about defining remote license manager access restriction values is provided in
the Admin Control Center help system.

Page 11 of 18

Requesting an Update for your Key

If you purchased an additional AccuMark V10 product, or need to have an update for your current key,
you may be instructed to use either the Gerber License Utility or the Admin Control Center.
NOTE: instructions demonstrate for standalone key, procedure is the same for the network key
The request will be to generate a C2V key to obtain the current state of the key. Your key may not be
able to be updated without a file that contains the current state of the key.
To generate a request using the Admin Control Center open a browser like Internet Explorer and type
http://localhost:1947 into the address bar. Be sure the V10 security key is attached to the system and
click on the Sentinel Keys link on the left:

Now click on the C2V link-box on the right:

Page 12 of 18

Click on the Download C2V File link-box:

Select the Save button to save the file:

Page 13 of 18

You will see an acknowledgement that the file has been saved along with other options:

Note the name and location of your Downloads folder to locate the file to send to the requestor. Send
this file to the person who requested the file from your key.
It can be sent through email or the way as instructed by the requestor.
Once the requestor receives the C2V file, they will generate a new file for you to apply.

Page 14 of 18

Applying an Updated license onto your Key

Once you receive an updated file for your key, now you will need to apply it. You start the same way as
for the request by opening the Admin Control Center Open a browser like Internet Explorer and type
http://localhost:1947 into the address bar. Be sure the V10 security key is attached to the system and
click on the Sentinel Keys link on the left:

This time click on the Update/Attach link on the left:

Page 15 of 18

Use the Browse button to locate your updated file:

Select the V2C file to use then select the Open button:

Page 16 of 18

Select the Apply File button:

You should receive a confirmation message indicating the file was applied successfully:

Page 17 of 18

If you receive an error, capture a copy of the error message and send it to the requestor.
To see the updated file, simply click on the link for the key ID:

Now you will see the updated contents and the feature names:

Page 18 of 18