Why does the ZenWorks agent uses a Gina replacement and the CASA stuff ?

There are a lot of (desktop management) products who can "read" the current
logged in credentials, if they are correct and even if the password has been
changed (even disconnected, in cache).

Like SecureLogin (also a Novell branded product)

The current gina replacement makes strong authentication (smart cards,
biometrics etc.) impossible.

Can anyone make sense why they choose this design in a "completely
rewritten" application ?