1 etoken TMS (Token Management System) Frequently Asked Questions Make your strong authentication solution a reality with etoken TMS (Token Management System). etoken TMS provides you with full solution life-cycle management, linking your security devices with all your users, organizational rules, and associated security applications in a single automated and fully configurable system.
2 Table of Contents 1. Why do I need a token management system? What is etoken TMS? What makes etoken TMS different? What authenticator life-cycle stages does etoken TMS support? Can users enroll their authenticators themselves? Which authenticators does etoken TMS support? What is the difference between MobilePASS and SoftOTP? How does etoken TMS help if a user forgets their password? How do software authenticators enable easy deployment? How does etoken TMS help if a user loses or damages their authenticator? How does etoken TMS help when a user leaves the organization? How does etoken TMS help me in my regulatory compliance efforts? What security applications does etoken TMS support? What if I use a security application that etoken TMS does not currently support? Is it possible to assign different etoken TMS management roles and access rights to different individuals? I m a managed services provider. How can etoken TMS help me offer etoken authentication as a service to my customers? Which user repositories currently integrate with etoken TMS? How does etoken TMS integrate with Active Directory? Can I use etoken with Active Directory, without installing etoken TMS on my Active Directory production domain? What if I have more than one domain in my organization? What resources are needed in order to install TMS?... 14
3 1. Why do I need a token management system? Make your authentication solution operational and effective In order to enjoy the numerous benefits of strong authentication such as secure network connectivity, laptop and data protection, password management, and many more, it is necessary that your solution will not only be secure, but also manageable. Managing a strong authentication solution without a token (authenticator) management system can be highly complex and timeconsuming, leading to high implementation costs and high probability of errors. A management system allows you to deploy and manage your solution with automatic easy-to-use tools, not only reducing costs, but also helping you to make the most out of your solution. An authenticator management system integrates and manages the entire authentication solution by providing centralized authenticator and credential management, user self-service tools, and integration with existing user identity management systems, policies, and security applications in the organization. The system accompanies the security solution management of each user throughout the user s full life cycle in the organization. With an open, robust, and flexible management system you can continuously expand your scope of supported security solutions, strengthening and broadening the authenticator solution offering. With a management system in place you can: Control your authenticator inventory and usage Reduce the workload of your IT staff with automated processes and user self-service tools Reduce administrative errors by streamlining processes Enhance user productivity Increase compliance with regulations And in short make your authentication solution operational and effective.
4 2. What is etoken TMS? Your system for life-cycle management of authenticators and supported applications etoken TMS (Token Management System) is a robust system that provides full life-cycle management of the etoken solution within an organization. TMS links authenticators with users, organizational rules, and the associated security applications in a single automated and fully configurable system. With etoken TMS you get: A means for cost-effective and convenient authenticator life-cycle management, including hardware and software authenticator deployment, assignment and revocation User and administrator web-based tools, enabling user self-service authenticator enrollment and password reset, automatic backup and restore of user credentials, handling of lost and damaged authenticators including a solution for user on the road lost my authenticator situations, and much more Integration with Microsoft Active Directory, OpenLDAP, Microsoft SQL, and Novell edirectory An open, standards-based architecture, enabling integration with a wide variety of security applications including disk encryption applications, certification authorities, and more Built-in support for several security applications including Microsoft CA, Check Point VPN, Entrust, Windows Logon, and Single Sign-On (SSO) Comprehensive auditing and reporting capabilities for tracking of the authenticator inventory and usage In short etoken TMS is your key to a successful and operational strong authentication solution.
5 3. What makes etoken TMS different? TMS is a versatile authentication server SafeNet etoken TMS offers distinct advantages such as: Full life-cycle management of the entire solution in a single system support for all authentication devices in all form factors and all related security application in a single, flexible, and modular system, including etoken hardware authenticators, etoken Virtual and MobilePASS software authenticators. o Notification Facility that allows completely programmable/scriptable notification mechanism via , SMS or other home grown mechanism for authenticator lifecycle events Open User Repository Architecture The user repository of TMS is architected to be external to the system and separate from the system s authenticator database. This enables a synchronization-free integration with Active Directory, Microsoft SQL, LDAP and Novell edirectory user repositories. o TMS utilizes the existing organizational environment to manage authenticators so the system is smoothly assimilated in the organization's existing IT infrastructure, administrators can perform authenticator management functions in a manner similar to how group policies are created and managed, ensuring also a short learning curve for administrators, and what s more - because the users and authenticators are managed from the same management system, no additional user repository is required! Open, extensible architecture All SafeNet authentication solutions work out the box using standard interfaces. For non-standard interfaces, SafeNet provides a number of SDKs and web services APIs for integration. By using the TMS connectors server-based, configurable plug-ins, it is easy to manage authenticator usage with third-party security applications. The number of supported applications is unlimited - with the TMS Connector SDK offered by SafeNet all security solution providers can add management-level support to their integration with etoken by creating their own TMS connectors. o TMS is architected for extensibility and already today offers the following extension mechanisms. These are already in use today by business partners and customers to extend the functionally and extend TMS to easily integrate with their existing IT infrastructure. Key integration technologies include: TMS Connectors SDK Provide the ability to add a provisioning target system (such as additional CA, Disk Encryption or other user and key management system provisioning systems). TMS Connectors enable a full integration with the entire authenticator life cycle, from issuance to termination, including key recovery and unlocking, suspension etc. TMS Card Printer SDK (from TMS 5.0 only) Provides the ability to add support for card printing systems for smartcard issuance. TMS OTP SDK Provide a set of APIs and Web Services to allow an external agent/application to perform OTP authentication.
6 4. What authenticator life-cycle stages does etoken TMS support? Full life-cycle management from enrollment to revocation TMS manages all stages of the authenticator life cycle, including: Assignment associating an authenticator with a user Enrollment preparing an authenticator with the needed credentials and settings Update modifying authenticator content, for example when an employee s role changes Password reset or change if the authenticator password is forgotten or needs to be changed Replacement enrolling a new authenticator and revoking the current one Disablement/revocation temporarily disabling or permanently revoking an authenticator that has been lost or damaged, or when a user leaves the organization With TMS, authenticator life-cycle management functions can be performed either by the user, through the self-service site, or by the administrator. 5. Can users enroll their authenticators themselves? Certainly! With TMS user self-service tools The TMS Self-service website allows your users to manage their own authenticators according to the security policies you set. Your users can enroll their authenticators, update their authenticators, and even upgrade their old authenticators with new devices without any help, just through the provided intuitive self-service web tools. 6. Which authenticators does etoken TMS support? TMS supports all etoken authenticators TMS provides full support for all etoken hardware authenticators in all form factors and all related security application in a single, flexible, and modular system. From TMS 5.0 (CA), support is also provided for certificate and OTP-based software authenticators, namely etoken Virtual and MobilePASS. Note: Note: MobilePASS appears under the name SoftOTP in the current etoken TMS 5.0 CA release. The name will be updated to MobilePASS in the upcoming etoken TMS 5.1 GA release.
7 7. What is the difference between MobilePASS and SoftOTP? OTP-based software authentication in etoken TMS MobilePASS appears under the name SoftOTP in the current etoken TMS 5.0 CA release. The name will be updated to MobilePASS in the upcoming etoken TMS 5.1 GA release. MobilePASS is also supported by SafeWord 2008 with the Enterprise Solution Pack. 8. How does etoken TMS help if a user forgets their password? Password reset in the user self-service website To ensure the administration burden is truly reduced to minimum TMS is equipped with secure webbased user self-service tools. For maximum security, TMS divides the user self-service authenticator password reset to two different scenarios: 1. The user forgets their password and is in the office all they have to do is enter an internal selfservice website, authenticate using Windows authentication, and reset the password. 2. The user forgets their password and is out of the office the user can enter an external website, authenticate by answering a set of predefined questions and reset the password. The process is simple and intuitive, involves no help-desk calls, and minimizes password related costs. But this is only one option; for organizations that prefer the help desk approach, TMS provides the answer. Administrators can easily reset user authenticator passwords using the TMS web-based administration tool. 9. How do software authenticators enable easy deployment? Software authenticators can be deployed with ease For global organizations with centralized IT functions, etoken TMS offers a solution to smooth deployment and distribution of authenticators. etoken Virtual Temp is a time limited temporary authenticator which can be used for a limited period of time instead of a permanent authenticator For each authenticator, the user can enroll one temporary virtual authenticator.
8 10. How does etoken TMS help if a user loses or damages their authenticator? User or administrator can disable or revoke the authenticator When an authenticator is missing there s always the risk that some malicious doer has found or even stole it and will try to use it to do some harm. Even though our devices include several security features that make sure your personal credentials remain safe (depends on the specific authenticator) such as your etoken password, an automatic etoken lock mechanism, and credential storage on-board a secured smart card TMS allows you to do even more. With TMS selfservice and administration tools you can easily render the lost authenticator useless, and quickly eliminate all the relevant security risks. TMS supports two possible scenarios: 1. The authenticator is believed to be temporarily missing for example, your user got to the office and cannot find their authenticator but believes it may have been forgotten at home. In this case, it is possible to disable the authenticator this means that the authenticator cannot be used, but the certificates are still not revoked. The user can do it herself from the user selfservice website, or the help desk can do it for them from the TMS management website. If at the end of the day the user does find the authenticator at home, the user or the help desk can then enable the authenticator. 2. The authenticator is lost if your user is certain that the authenticator is lost, the authenticator and certificates stored on it should be revoked. Once the authenticator is revoked it cannot be used by anyone, and there is no risk that it will ever pose a significant security threat. An authenticator can be revoked either by the user from the user self-service website, or by the help desk from the TMS management website. One of the challenges when implementing an authentication solution is to enable users to continue working, even if they are on the road and forgot or lost their token. Not doing so might have very serious implications: the user might not be able to access their computer, or company network, and suffer from significant productivity loss which may also lead to loss of income. For example, a user might arrive at a potential customer site only to find out he/she cannot access an important presentation and consequently lose an important deal. etoken Rescue is one of etoken TMS key features, enabling an on-the-spot, immediate solution for users who lose or damage their authenticator on the road. A user who finds him/herself without a working authenticator in hand can easily regain access to the network and critical applications using etoken TMS web-based self-recovery service. In only a few short steps, the user is provided with etoken Rescue a temporary software token that includes all the certificates and keys of their physical token. With etoken TMS s etoken Rescue, there are no idle employees and no productivity loss as a result of a disabled token. etoken Rescue keeps users securely connected to enterprise digital assets, by ensuring access at all times. SafeNet offers etoken Rescue, a software-based solution which allows your users to temporarily continue using their credentials without their physical authenticator while they re out of the office.
9 Once they return, and have reinstated their authenticator or been issued a new one, their etoken Rescue expires. TMS supports a number of methods for securely retrieving and activating etoken Rescue when such exceptions occur. For example, etoken Rescue may be securely stored on the user s local machine when the user is issued an authenticator, and then updated regularly. etoken Rescue is encrypted with a long and complex encryption key using the AES encryption algorithm so that the authenticator content is very strongly protected. To activate etoken Rescue, the user can retrieve the encryption key either from the secured TMS self-service website or from the help desk. Another possibility is to download the encrypted etoken Rescue from the secured website as well as retrieve the key at the time the exception occurs. The end user specifies the validity period when requesting the authenticator. When the validity period expires, the etoken Rescue and profiles are automatically revoked. In addition, enrolling a new token for the user automatically revokes the etoken Rescue. With etoken, each organization can choose the methods that best fit its needs and security policies. 11. How does etoken TMS help when a user leaves the organization? You can automatically and immediately revoke the authenticator Whenever someone leaves the company, or a user is no longer part of a group or organization, it is vital to ensure that neither they nor anyone else can use her credentials and keys. TMS provides you with an easy-to-use wizard that can automatically and immediately un-assign the authenticator from the user and revoke all credentials, ensuring you are secure. 12. How does etoken TMS help me in my regulatory compliance efforts? With enhanced data security, auditing and reporting With regulatory compliance at the forefront of organizations concerns, TMS was designed to facilitate the organization s compliance efforts with full auditing and reporting capabilities. TMS is equipped with a set of built-in reports such as token usage, connected tokens, token inventory and status, and attendance reports. TMS also supports external reporting tools so you can generate any other reports you may need. In addition, TMS auditing tools include fully customizable alerts so you can track any irregular or problematic usage right when it happens. As numerous regulations also require internal data controls and protection of individuals privacy, TMS enables you to manage your solution in a secure fashion. Access to TMS is based on a rolebased authorization method, allowing you to completely control the scope of each administrator s ability to view and modify user data and to perform management functions, starting from a particular domain and down to the level of specific users. Furthermore, all TMS user data in the domains with which TMS is associated can be encrypted with a different key for each domain.
10 13. What security applications does etoken TMS support? Broad application support with modular connectors TMS manages security application using TMS connectors server-based, configurable plug-ins. Built-in connectors available from SafeNet include: TMS Windows Logon (GINA) Connector provides easy deployment of user profiles for the etoken Windows Logon (GINA) application, providing strong user authentication for local network logon TMS OTP Authentication connector enables the enrollment and deployment of tokens for OTP authentication throughout the organization TMS Microsoft CA connector facilitates the deployment of PKI within the organization by enabling users to automatically enroll their tokens with certificates provided by Microsoft Certification Authority services TMS P12 Certificate Import Connector enables users to import P12 and root CA certificate files onto their etoken smart-card-based devices TMS PFX Certificate Import Connector enables users to import PFX and root CA certificate files onto their etoken smart-card-based devices TMS Check Point Internal CA connector creates a direct link between TMS and the Check Point internal CA, enabling enterprise-wide management of Check Point internal CA certificates using TMS etoken Anywhere Connector TMS Flash Management Connector manages etoken NG-FLASH flash memory partitioning and configuration of an auto-run area Entrust Connector Even though the connectors already cover a wide variety of security needs, you are by no means limited only to these connectors. Additional connectors are available according to the organization s needs such as TMS Single Sign-On (SSO) connector provides enterprise-level backup & restore capabilities for user application logon credentials Thanks to the system s open and modular architecture and a robust TMS connector SDK, etoken customers and application developers can create their own connectors. Several etoken solution partners now offer connectors for management-level integration of their solutions.
11 14. What if I use a security application that etoken TMS does not currently support? TMS offers flexible, modular integration In order to integrate third-party security applications with TMS, SafeNet offers the TMS Connector SDK. With this SDK you, or your application provider, can develop your own TMS connector and add management-level support to the security application that you use. TMS open and modular architecture is designed to ensure that you can manage and deploy the solution that exactly fits your security needs. 15. Is it possible to assign different etoken TMS management roles and access rights to different individuals? Definitely! TMS was designed with security in mind TMS is equipped with a role-based access mechanism for security. It allows you to ensure that individuals accessing TMS can modify only the user data stored on the system which is relevant to them, and perform only allowed actions. The following examples illustrate how this important feature can be used in an organizational setting: Managed services providers or large corporations with independent business units allow administrators access only to domains under their control, e.g. belonging to a specific customer account or geographical region Dispersed authenticator management responsibilities an organization may wish to allow certain individuals access to only portions of TMS functionality. For example: o Human resources may be allowed to enroll or upgrade authenticators for users o Upper management may be allowed to view token usage reports o Low-level help desk personnel may be able to perform basic help desk functions, but not to modify the authenticator inventory or which authenticators are assigned to which users
12 16. I m a managed services provider. How can etoken TMS help me offer etoken authentication as a service to my customers? Secure solution management with a single system A number of key features in TMS make the etoken solution a strong choice for managed services providers wishing to offer authentication services. Your customers can rest assured that their data is secure, and you can save valuable time and money. Management of multiple domains from the same server multiple domains can be managed in one system, from a single web-based interface, simplifying administration Role-based authorization permissions can be assigned to administrators for specific domains, OUs, groups, and tasks Data security different encryption keys can be used for different domains (belonging to different customers), meaning you can effectively manage the etoken solution for numerous customers in a single system without compromising your customers data Support for high availability using well-known and commonly-used clustering and redundancy capabilities available with Microsoft Windows Server 2003 and IAS Management tools for the customer the TMS administrator and user self-service websites can be used by the customer for local management Auditing TMS provides tamper-proof auditing and event-based notification by Reporting Reports can be viewed by the service provider as well as by the customer via the TMS management website. Data is stored in a separate database for each domain so you can easily aggregate a specific customer s data and export it to the customer, to be analyzed using TMS report or external reporting tools 17. Which user repositories currently integrate with etoken TMS? Microsoft Active Directory, Microsoft SQL Server, OpenLDAP and Novell edirectory In order to provide you and your administrators with the flexibility to deploy etoken TMS with the user repository you desire, etoken TMS is fully integrated with Microsoft Active Directory, Microsoft SQL Server, OpenLDAP and Novell edirectory.
13 18. How does etoken TMS integrate with Active Directory? By extending the Active Directory schema TMS extends the Active Directory (AD) schema to include TPOs Token Policy Objects, which contain all the relevant information regarding TMS supported security applications and solutions. The schema extension is done according to Microsoft guidelines, and all extensions are registered with Microsoft. The TPOs are handled and managed just like Active Directory s GPOs, which are already well familiar to all administrators. So with minimal changes to AD, TMS gives maximum results. The many benefits of seamless integration with AD include: Familiar and intuitive usage for administrators Direct link with user data no need for database replication Full integration with AD user rules and policies All user data are located and managed in one place 19. Can I use etoken with Active Directory, without installing etoken TMS on my Active Directory production domain? Use ADAM TMS by default can be installed in two different modes: on the production domain, and on Active Directory Application Mode (ADAM). This means you can use TMS without making any modifications to your production domain. 20. What if I have more than one domain in my organization? Manage all your domains from one etoken TMS etoken TMS supports the management of multiple domains allowing you to truly manage your entire solution with a single system. How does it work? Very simple When entering TMS a window opens with a list of all the domains the administrator is authorized to access. All the administrator has to do is pick a domain from the list and start working.
14 21. What resources are needed in order to install TMS? Installation is according to your environment Active Directory users: TMS can be installed on Windows 2003 on the same computer as Active Directory. TMS does not require a dedicated server or a unique user repository. MS SQL Server users: TMS supports MS SQL Server as a user store, with ADAM as the TMS Configuration Store. Prior to installing TMS, certain views should be created in MS SQL Server. OpenLDAP: TMS supports the use of OpenLDAP as a user store, with ADAM as the TMS Configuration Store. An XML file should be provided to match TMS aware entities. Novell edirectory: TMS supports the use of edirectory as a user store, with ADAM as the TMS Configuration Store Copyright & Trademark Notice: 2009, SafeNet. All rights reserved. All text, images, graphics and other materials which are part of this document are subject to copyrights and other intellectual property rights of SafeNet, and nothing contained herein may be reproduced for commercial use or distribution, modified or transmitted in any form or by any means, other than for the specific purpose for which they were provided herein or with the express written consent of SafeNet. Nothing in this document may be construed as granting any proprietary rights of SafeNet whatsoever. All trademarks, service marks, logos and trade names mentioned herein with respect to SafeNet's products and/or services (collectively, the "Marks"), whether registered or not, are proprietary to SafeNet, or other respective owners, who have granted SafeNet the right and license to use such Marks and are subject to trademark rights of SafeNet.
etoken Single Sign-On 3.0 Frequently Asked Questions Table of Contents 1. Why aren t passwords good enough?...2 2. What are the benefits of single sign-on (SSO) solutions?...2 3. Why is it important to
The Encryption Anywhere Data Protection Platform A Technical White Paper 5 December 2005 475 Brannan Street, Suite 400, San Francisco CA 94107-5421 800-440-0419 415-683-2200 Fax 415-683-2349 For more information,
Why alone is not enough CenterTools Software GmbH 2011 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
TMS 5.1 OTP Planning Guide Version 2 May 2010 All attempts have been made to make the information in this document complete and accurate. SafeNet is not responsible for any direct or indirect damages or
Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications
Investment and Governance Division 614.995.9928 tel Ted Strickland, Governor 30 East Broad Street, 39 th Floor 614.644.9152 fax R. Steve Edmonson, Director / State Chief Information Officer Columbus, Ohio
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
White Paper for Software Publishers Strong Authentication: Securing Identities and Enabling Business A l a d d i n. c o m / H A S P Table of Contents Abstract...3 Introduction...4 Passwords Are Not Enough!...4
Understanding and Configuring Password Manager for Maximum Benefits Written by Chris Radband, senior professional services consultant, Dell Software Introduction About Password Manager The pain of password
Why alone is not enough CenterTools Software GmbH 2013 Copyright Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise
SafeNet Authentication Client (Windows) Version 8.1 SP1 Revision A User s Guide Copyright 2011 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete
MBAM Self-Help Portals Authoring a self-help portal workflow for BitLocker Recovery Using Microsoft BitLocker Administration and Monitoring (MBAM) Technical White Paper Published: September 2011 Priyaa
Convenience and security ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work and home environments.
The Dot Net Factory AD Self-Service Suite for Active Directory Version 3.6 The Dot Net Factory, LLC. 2005-2011. All rights reserved. This guide contains proprietary information, which is protected by copyright.
Open Directory Apple s standards-based directory and network authentication services architecture. Features Scalable LDAP directory server OpenLDAP for providing standards-based access to centralized data
Technical Data Sheet DirX Identity V8.4 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service
Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
Technical Data Sheet DirX Identity V8.5 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service
Chen Arbel Vice President, Strategic Development Authentication Unit & Software DRM Aladdin Knowledge Systems Two-Factor Authentication The key to compliance for secure online banking Legal Notice Copyright
WHITE PAPER CENTRIFY CORP. Active Directory and DirectControl APRIL 2005 The Right Choice for Enterprise Identity Management and Infrastructure Consolidation ABSTRACT Microsoft s Active Directory is now
Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH White Paper February 2010 www.alvandsolutions.com Overview Today s increasing security threats and regulatory
Deliver seamless access to applications with an easy-to-deploy solution IBM Single Sign-On Highlights Help simplify the employee experience by eliminating the need to remember and manage user names and
Authentication Solutions Versatile And Innovative Authentication Solutions To Secure And Enable Your Business SafeNet Strong Authentication and Transaction Verification Solutions The Upward Spiral of Cybercrime
IBM Tivoli Access Manager and VeriSign Managed Strong Authentication Services Combine resources for one complete online business security solution. Big e-business opportunities demand security to match
RSA Authentication Manager 8.1 Help Desk Administrator s Guide Revision 1 Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
SafeNet Authentication Client Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information Document
RSA Authentication Manager 8.1 Help Desk Administrator s Guide Contact Information Go to the RSA corporate website for regional Customer Support telephone and fax numbers: www.emc.com/domains/rsa/index.htm
HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded
white paper The Benefits of an Industry Standard Platform for Enterprise Sign-On The need for scalable solutions to the growing concerns about enterprise security and regulatory compliance can be addressed
www.css-security.com 425.216.0720 WHITE PAPER Microsoft Windows (RMS) provides authors and owners the ability to control how they use and distribute their digital content when using rights-enabled applications,
White Paper Transparent, Encrypted Access to Networked Applications TFS Technology www.tfstech.com Table of Contents Overview 3 User Friendliness Saves Time 3 Enhanced Security Saves Worry 3 Software Componenets
NETWRIX IDENTITY MANAGEMENT SUITE FEATURES AND REQUIREMENTS Product Version: 3.3 February 2013. Legal Notice The information in this publication is furnished for information use only, and does not constitute
CA ARCserve Backup for Windows Agent for Microsoft SharePoint Server Guide r15 This documentation and any related computer software help programs (hereinafter referred to as the "Documentation") are for
SOLUTION BRIEF: IDENTITY AND ACCESS MANAGEMENT (IAM) How can Identity and Access Management help me to improve compliance and drive business performance? CA Identity and Access Management automates the
What s New Guide Active Administrator 6.0 2011 ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic, the ScriptLogic logo and Point,Click,Done! are trademarks and registered trademarks of ScriptLogic
Identity and Active Directory Management Softerra Adaxes Enterprise Directory Solution Product Profile make the complex simple Copyright Copyright Softerra, Ltd. Softerra, All rights Ltd. reserved. All
Identity and Access Management for the Cloud What you need to know about managing access to your clouds Organizations need to control who has access to which systems and technology within the enterprise.
Citrix Password Manager Quick Deployment Guide Install and Use Password Manager on Presentation Server in Under Two Hours Citrix Systems, Inc. Notice The information in this publication is subject to change
WINDOWS SERVER SMALL BUSINESS SOLUTIONS Name: Marko Drev SMB Windows Server Family SOLUTION SERVERS TRADITIONAL SERVERS Complete server platform, integrated and optimized Customizable Server platform for
DIGIPASS Authentication for Windows Logon Product Guide 1.1 Disclaimer of Warranties and Limitations of Liabilities The Product is provided on an 'as is' basis, without any other warranties, or conditions,
Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving
Implementing HIPAA Compliance with ScriptLogic A ScriptLogic Product Positioning Paper By Nick Cavalancia 1.800.424.9411 www.scriptlogic.com Table of Contents INTRODUCTION... 3 HIPAA BACKGROUND... 3 ADMINISTRATIVE
Security Watch Deploying EFS: Part 1 John Morello By now, everyone has heard reports about personal or sensitive data being lost because of laptop theft or misplacement. Laptops go missing on a regular
Entrust IdentityGuard Versatile Authentication Platform for Enterprise Deployments Sam Linford Senior Technical Consultant Sam.email@example.com Entrust is a World Leader in Identity Management and Security
Abstract The combination of online banking s rising popularity and the increasing number of online services offered by financial organizations indicates a bright future for e-banking. However, to maximize
SELF SERVICE RESET PASSWORD MANAGEMENT ARCHITECTURE GUIDE Copyright 1998-2015 Tools4ever B.V. All rights reserved. No part of the contents of this user guide may be reproduced or transmitted in any form
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark
RSA Digital Certificate Solution Create and strengthen layered security Trust is a vital component of modern computing, whether it is between users, devices or applications in today s organizations, strong
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
The Dot Net Factory AD Self-Service Suite for Active Directory and ADAM Architecture Overview White Paper Version 3.5 TABLE OF CONTENTS INTRODUCTION... 3 BENEFITS OF DIRECTORY SELF-SERVICE AND DELEGATED
Symantec Enterprise Vault for Microsoft Exchange Server Store, manage, and discover critical business information Data Sheet: Archiving Trusted and proven email archiving performance and users can enjoy
Oracle Identity Management for SAP in Heterogeneous IT Environments An Oracle White Paper January 2007 Oracle Identity Management for SAP in Heterogeneous IT Environments Executive Overview... 3 Introduction...
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly
Reduce costs, simplify access and audit access to applications with single sign-on IBM Single Sign-On Highlights Reduce password-related helpdesk Facilitate compliance with pri- costs by lowering the vacy
Kaseya Kaseya IT Automation Framework An Integrated solution designed for reducing complexity while increasing productivity for IT Professionals and Managed Service Providers. The powerful, web-based automation
Veritas Enterprise Vault for Microsoft Exchange Server Store, manage, and discover critical business information Trusted and proven email archiving Veritas Enterprise Vault, the industry leader in email
Active Directory Compatibility with ExtremeZ-IP A Technical Best Practices Whitepaper About this Document The purpose of this technical paper is to discuss how ExtremeZ-IP supports Microsoft Active Directory.
Single Sign-On Security and comfort can be friend. Arnd Langguth firstname.lastname@example.org September, 2006 Identity proliferation in the enterprise Password management problem How many passwords do you have?
Centralized Self-service Password Reset: From the Web and Windows Desktop Self-service Password Reset Layer v.3.2-007 PistolStar, Inc. dba PortalGuard PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200
Two-Factor Authentication A Total Cost of Ownership Viewpoint CONTENTS + Two-Factor Authentication 3 A Total Cost of Ownership Viewpoint + Introduction 3 + Defining Total Cost of Ownership 3 + VeriSign
SafeNet Authentication Service Integration Guide SAS Using RADIUS Protocol with Microsoft DirectAccess Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet,
The Essentials Series: Enterprise Identity and Access Management Authentication sponsored by by Richard Siddaway Authentication...1 Issues in Authentication...1 Passwords The Weakest Link?...2 Privileged
SAP Solution in Detail SAP NetWeaver SAP Identity Management Business-Driven, Compliant Identity Management Table of Contents 3 Quick Facts 4 Business Challenges: Managing Costs, Process Change, and Compliance
What s New Guide: Version 5.6 A QUEST SOFTWARE COMPANY 1. 8 0 0. 4 2 4. 9 4 1 1 w w w. s c r i p t l o g i c. c o m WHAT S NEW IN ACTIVE ADMINISTRATOR 5.6? Contents...3 Active Administrator Product Overview...3
etoken for Windows Smartcard Logon Lesson 9 April 2004 etoken Certification Course Smartcard Logon Overview Windows 2000/2003 Enterprise Server built-in feature Smartcard logon requires issuing a personal
Chapter 1 Scenario 1: Acme Corporation In This Chapter Description of the Customer Environment page 18 Introduction to Deploying Pointsec PC page 20 Prepare for Deployment page 21 Install Pointsec PC page
Windows BitLocker Drive Encryption Step-by-Step Guide Microsoft Corporation Published: September 2006 Abstract Microsoft Windows BitLocker Drive Encryption is a new hardware-enhanced feature in the Microsoft
Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access CONTENTS What is Authentication? Implementing Multi-Factor Authentication Token and Smart Card Technologies
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
Strong Authentication Securing Identities and Enabling Business Contents Contents...2 Abstract...3 Passwords Are Not Enough!...3 It s All About Strong Authentication...4 Strong Authentication Solutions
Passlogix Sign-On Platform The emerging ESSO standard deployed by leading enterprises Extends identity management to the application and authentication device level No modifications to existing infrastructure
NetIQ Identity Manager Setup Guide July 2015 www.netiq.com/documentation Legal Notice THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE
Strong Authentication for Secure VPN Access Solving the Challenge of Simple and Secure Remote Access W H I T E P A P E R EXECUTIVE SUMMARY In today s competitive and efficiency-driven climate, organizations
THE DATA PROTECTIO TIO N COMPANY Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption whitepaper Executive Summary Long an important security measure, encryption has
IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,
IQS Identity and Access Management Identity Management Authentication Authorization Administration www.-center.com The next generation security solution 2003 RSA Security Conference IAM is a combination