OpenText Secure MFT Security Overview
|
|
- Stephen Stafford
- 7 years ago
- Views:
Transcription
1 OpenText Secure MFT Security Overview Many file transfer protocols, including FTP and HTTP, send user credentials and files in clear text format without any encryption. This means anyone can intercept the connection without the sender or receiver s knowledge. Because of this, companies are seeking to replace their unsecured file transfer applications to improve security. This whitepaper will outline how OpenText Secure MFT ensures all factors that are directly and indirectly related to file transfer activities are strongly secured, helping organizations eliminate risk with a user-friendly file transfer solution.
2 Table of Contents Introduction...3 Secure Authentication...3 Encrypt Data in Transit...4 Protect Data at Rest...5 Control Access by User Roles...7 Miscellaneous Security Measures...7 Account Provisioning...7 File Type Restrictions...7 Summary...8
3 Introduction It is well known that many file transfer protocols, including FTP and HTTP, send user credentials and files in clear text format without any encryption. Anyone can snoop the network traffic and intercept the connection without the sender or receiver s knowledge. This lack of security is one of the most common reasons that companies look for alternatives to replace their unsecured file transfer applications. OpenText Secure MFT provides best in class security to protect all aspects of a file transfer workflow, from user authentication, to file transfer, and down to the way files are securely stored. This whitepaper will outline how Secure MFT achieves these tasks in detail. For more information on Secure MFT, please visit: Secure Authentication OpenText Secure MFT uses OpenText Directory Services (OTDS), which comes bundled with the solution, to handle all matters related to authentication. OTDS acts as a common authentication layer for the backend identity servers, including Microsoft Active Directory, or LDAPv3 directory servers. It allows users to access Secure MFT via Single Sign On (SSO) by leveraging their existing corporate identities. OTDS also supports any number of additional user partitions, allowing administrators to define and manage the identity of external users, such as trading partners, contractors, or external business users, independent of the internal enterprise directory services. Multiple user partitions provide administrators an efficient way to manage a mixed group of user identities. OTDS also allows administrators to enforce password policies, such as password length, complexity, and retries. Administrators can use SSL to secure the connections from OTDS to the identity provider, as well as the connections to the end user. The username and password that a user supplies is transmitted in encrypted form throughout the process, and in the case of SSO against AD or LDAP servers, no passwords are transmitted at all. Authenticated users are issued a security token, which can be used to access other Secure MFT services. ENTERPRISE INFORMATION MANAGEMENT 3
4 7. USER TOKEN VERIFIED WITH OTDS FIGURE 1 OTDS MFT WEB SERVICE TRANSFER SERVER Secure MFT authentication and transfer workflow 3. REDIRECT TO OTDS RECEIVE LOGIN PAGE OR SSO NEGOTIATION 1. FIRST CONNECTION ATTEMPT 2. USER NOT AUTHENTICATED REDIRECT TO OTDS 4. USER IS AUTHENTICATED AND CONNECTS 5. TRANSFER AND OTHER SETTINGS RETURNED 6. CONNECTION INITIATED WITH TRANSFER SERVER 8. USER AUTHENTICATED TRANSFER BEGINS Encrypt Data in Transit As a solution that promises strong security, Secure MFT always encrypts data using a FIPS validated cryptographic module when transmitting over the network. The default transfer protocol employed by Secure MFT is the patented OpenText Fuel protocol. It is the next generation file transfer protocol designed by OpenText, and aims to offer a wide gamut of benefits that are missing from many traditional transfer protocols, such as: Acceleration of file transfers over high latency network by up to 80x faster than traditional transfer protocols Pause-and-resume capability to eliminate the need to restart file transfers from the beginning if the transfer is interrupted Data integrity check to verify checksum and guarantees bit-perfect transfer between parties and ensures that sent files arrived at their destination unaltered and uncompromised Ensure data are always encrypted before they are transmitted over the network OpenText Fuel protocol overcomes performance issues related to network latency that often plague TCP-based protocols by using a combination of User Datagram Protocol (UDP) and TCP. By default, the OpenText Fuel protocol operates on port 3000 (UDP) and 3000 (TCP). Secure MFT first generates SFTP / SSH packets, and then encapsulates these in OpenText Fuel packets before sending the payload over the wire. If one were to analyze the network traffic generated by Secure MFT, one will see the protocol wrapping as illustrated in Figure 2. Secure MFT uses Secure FTP (SFTP) and Secure Shell (SSH) protocols to prepare files for transmission and encryption. As a protocol, SSH is a well-known and respected secure transmission encryption mechanism, which provides very rich and varied options for end-point authentication, user authentication, encryption, and the ability to tamper-proof the data stream. With SSH, Secure MFT server and the client on the end-points will negotiate a unique key to encrypt the transmission, and that encryption key changes for every transfer. ENTERPRISE INFORMATION MANAGEMENT 4
5 FIGURE 2 OPENTEXT FUEL OpenText Fuel protocol diagram SFTP / SSH The cryptographic module is FIPS validated and Secure MFT uses AES-128 as the encryption algorithm. Finally, before Secure MFT put data on the wire, it encapsulates SFTP / SSH packets in the OpenText Fuel protocol to provide the aforementioned productivity and performance enhancement. In summary, once a user s identity is established and the user initiates a file transfer session, file assets are passed through the SFTP/SSH layer to be formatted for transmission and establish a secure connection using a unique SSH session key, then optimized by the OpenText Fuel protocol layer for acceleration. On the wire, Secure MFT file transfer activities will be limited to only the UDP and TCP ports configured for OpenText Fuel protocol. OpenText Fuel protocol also ensures bit-perfect transfers by generating hash values of the file assets on both end-points, and compares the hash at the end of the transfer. The hash is based on the standard SHA-2 algorithm, which can be further validated with any open source tools. However, Secure MFT deploys a unique hashing process to ensure that pausing and resuming file transfers will not affect the checksum validation. Protect Data at Rest Secure MFT can be configured to encrypt all files as it stores them in the connected file storage system in order to provide an extra layer of security. Secure MFT uses a unique key, which it generates on a per-file basis to encrypt each file. The benefits of this approach are: No two files are encrypted by the same key No master key to unlock all files Data-at-rest encryption/decryption key for each file is made up of a number of pieces of information, some of which is dynamic so that there is no way for a malicious attacker to access a key on the system that will decrypt a file ENTERPRISE INFORMATION MANAGEMENT 5
6 Only senders and receivers of a transaction will have the permission to retrieve encrypted data from the storage through Secure MFT Only the metadata of a transaction are recorded in the audit logs, and only users with the Auditor role will be able to access the logs: Sender s name Recipient list Transaction start time and end time File names and the corresponding file size Expiration date/time Subject provided for the transaction Finally, Secure MFT renames the physical files using GUID when stored in the repository, further obfuscates the identity of those files from prying eyes. In the case of asset life cycle management, Secure MFT allows administrators to set the retention policy globally or let senders set the retention on a per-transaction basis. The access to files associated with a transaction is therefore time limited. Once the retention period is reached, links to those expired files cease to function. Administrators can configure Secure MFT to periodically remove files that are no longer associated with any active transactions from the file repository, and so sensitive assets will not remain on the server for any longer than necessary. Figure 3 The optional setting to encrypt the file repository, accessible from the Secure MFT Setup Console. FIGURE 3 The optional setting to encrypt the file repository, accessible from the Secure MFT Setup Console ENTERPRISE INFORMATION MANAGEMENT 6
7 Control Access by User Roles Secure MFT offers granular user roles, each with defined access rights. By assigning appropriate roles to users, Secure MFT administrators can effectively control the access to the solution. Available user roles include: Administrator Administrators can access the web administration console to create users, monitor ongoing transactions in real time, and modify Secure MFT server settings. But they do not have access to the Audit logs Auditor Auditors can log in to the web administration console solely to access the audit logs Sender Users with the sender role will be able to send files using Secure MFT Receivers Receivers can receive files Dashboard Access Dashboard Access gives users permission to access the user web dashboard Inviter Only users with the inviter role can invite additional users to join to the Secure MFT service Restricted Sender Administrators can restrict a user to only send files to a defined list of addresses or domains by assigning that user with the Restricted Sender role. Miscellaneous Security Measures Secure MFT employs additional security measures to produce an all-around secure file transfer platform. Account provisioning Secure MFT leverages a multi-point provisioning process during user registration. It requires newly registered users to reconfirm their address, and offers administrators the ability to moderate the registration by manually validating the registration requests to ensure the identity of the user and control the access to the solution. Both steps can be bypassed to streamline the registration process at the administrator s discretion. File type restrictions To further allow organizations to control the flow of corporate information, Secure MFT provides file type restrictions so companies can restrict users from sending files of certain types based on file extensions. For example, administrators can configure Secure MFT to reject files with extensions.exe.com, or.bat, which some consider inherently unsafe, or application-specific extensions to protect corporate intellectual properties. ENTERPRISE INFORMATION MANAGEMENT 7
8 Summary Data breaches are in the news constantly. These breaches have affected some of the largest and most recognized organizations in the world organizations with advanced security and intrusion detection. One source of information leak is in the file transfer, as many of those transfers are still taking place over unsecured network protocols initiated by unmanaged file transfer applications. Backed by more than 20 years of experience in providing enterprise-grade security solutions, OpenText Secure MFT delivers uncompromising security to organizations of any size to safely exchange files globally. The state-of-the-art design of Secure MFT ensures all factors that are directly and indirectly related to file transfer activities, including user authentication, data-in-transit and data-at-rest encryption, asset life cycle management, and user access rights, are strongly secured. By doing so, it helps organizations eliminate risk associated with rich digital content exchanges with a user-friendly file transfer solution, while increasing user productivity, confidentiality and security of file exchange with a single, centrally-managed solution. For more information about Secure MFT, please visit: NORTH AMERICA EUROPE, AFRICA +31 (0) MIDDLE EAST JAPAN SINGAPORE HONG KONG AUSTRALIA Copyright 2015 Open Text Corporation OpenText is a trademark or registered trademark of Open Text SA and/or Open Text ULC. The list of trademarks is not exhaustive of other trademarks, registered trademarks, product names, company names, brands and service names mentioned herein are property of Open Text SA or other respective owners. All rights reserved. For more information, visit: (11/2015)04013EN.rev1
OpenText Secure MFT Network and Firewall Requirements
NETWORK OpenText Secure MFT Network and Firewall Requirements Secure MFT is a client-server solution that provides accelerated transfer of large files over any network connection. The solution architecture
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationWHITE PAPER. Managed File Transfer: When Data Loss Prevention Is Not Enough Moving Beyond Stopping Leaks and Protecting Email
WHITE PAPER Managed File Transfer: When Data Loss Prevention Is Not Enough Moving Beyond Stopping Leaks and Protecting Email EXECUTIVE SUMMARY Data Loss Prevention (DLP) monitoring products have greatly
More informationSECUR IN MIRTH CONNECT. Best Practices and Vulnerabilities of Mirth Connect. Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions
SECUR Y IN MIRTH CONNECT Best Practices and Vulnerabilities of Mirth Connect Author: Jeff Campbell Technical Consultant, Galen Healthcare Solutions Date: May 15, 2015 galenhealthcare.com 2015. All rights
More informationBANKING SECURITY and COMPLIANCE
BANKING SECURITY and COMPLIANCE Cashing In On Banking Security and Compliance With awareness of data breaches at an all-time high, banking institutions are working hard to implement policies and solutions
More informationOpenText Managed File Transfer (MFT) is an enterprise
OpenText IX Secure MFT Simplified, accelerated, and managed enterprise file exchange OpenText Managed File Transfer (MFT) is an enterprise solution for managing the exchange of rich digital content inside
More informationHow Managed File Transfer Addresses HIPAA Requirements for ephi
How Managed File Transfer Addresses HIPAA Requirements for ephi 1 A White Paper by Linoma Software INTRODUCTION As the healthcare industry transitions from primarily using paper documents and patient charts
More informationMOVEIT: SECURE, GUARANTEED FILE DELIVERY BY JONATHAN LAMPE, GCIA, GSNA
MOVEIT: SECURE, GUARANTEED FILE DELIVERY BY JONATHAN LAMPE, GCIA, GSNA The MOVEit line of secure managed file transfer software products by Ipswitch File Transfer consists of two flagship products, the
More informationNetop Remote Control Security Server
A d m i n i s t r a t i o n Netop Remote Control Security Server Product Whitepaper ABSTRACT Security is an important factor when choosing a remote support solution for any enterprise. Gone are the days
More informationReadyNAS Remote White Paper. NETGEAR May 2010
ReadyNAS Remote White Paper NETGEAR May 2010 Table of Contents Overview... 3 Architecture... 3 Security... 4 Remote Firewall... 5 Performance... 5 Overview ReadyNAS Remote is a software application that
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationSecurity Architecture Whitepaper
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
More informationCrashPlan Security SECURITY CONTEXT TECHNOLOGY
TECHNICAL SPECIFICATIONS CrashPlan Security CrashPlan is a continuous, multi-destination solution engineered to back up mission-critical data whenever and wherever it is created. Because mobile laptops
More informationImproved Digital Media Delivery with Telestream HyperLaunch
WHITE PAPER Improved Digital Media Delivery with Telestream THE CHALLENGE Increasingly, Internet Protocol (IP) based networks are being used to deliver digital media. Applications include delivery of news
More informationFive Ways to Improve Electronic Patient Record Handling for HIPAA/HITECH with Managed File Transfer
Five Ways to Improve Electronic Patient Record Handling for HIPAA/HITECH with Managed File Transfer 1 A White Paper by Linoma Software INTRODUCTION The healthcare industry is under increasing pressure
More informationHow To Login To The Mft Internet Server (Mft) On A Pc Or Macbook Or Macintosh (Macintosh) With A Password Protected (Macbook) Or Ipad (Macro) (For Macintosh) (Macros
TIBCO MFT Internet Server User Guide Software Release 7.2.4 October 2014 Important Information SOME TIBCO SOFTWARE EMBEDS OR BUNDLES OTHER TIBCO SOFTWARE. USE OF SUCH EMBEDDED OR BUNDLED TIBCO SOFTWARE
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationShipping Services Files (SSF) Secure File Transmission Account Setup
Company This template is provided to document all of the materials and information needed for configuring secure file transmission for Shipping Services Files. Version 1.3 Page 1 of 5 1. Enter Date Submitted:
More informationSECURE YOUR DATA EXCHANGE WITH SAFE-T BOX
SECURE YOUR DATA EXCHANGE SAFE-T BOX WHITE PAPER Safe-T. Smart Security Made Simple. 1 The Costs of Uncontrolled Data Exchange 2 Safe-T Box Secure Data Exchange Platform 2.1 Business Applications and Data
More informationEvolution from FTP to Secure File Transfer
IPSWITCH FILE TRANSFER WHITE PAPER Evolution from FTP to Secure File Transfer www.ipswitchft.com Do you know where your organization s confidential and sensitive files were transferred today? Are you sure
More informationEXPLORER. TFT Filter CONFIGURATION
EXPLORER TFT Filter Configuration Page 1 of 9 EXPLORER TFT Filter CONFIGURATION Thrane & Thrane Author: HenrikMøller Rev. PA4 Page 1 6/15/2006 EXPLORER TFT Filter Configuration Page 2 of 9 1 Table of Content
More informationVPN. VPN For BIPAC 741/743GE
VPN For BIPAC 741/743GE August, 2003 1 The router supports VPN to establish secure, end-to-end private network connections over a public networking infrastructure. There are two types of VPN connections,
More informationHow to Secure a Groove Manager Web Site
How to Secure a Groove Manager Web Site Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the companies, organizations,
More informationWS_FTP Professional 12. Security Guide
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 2 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...
More informationArchitecture and Data Flow Overview. BlackBerry Enterprise Service 10 721-08877-123 Version: 10.2. Quick Reference
Architecture and Data Flow Overview BlackBerry Enterprise Service 10 721-08877-123 Version: Quick Reference Published: 2013-11-28 SWD-20131128130321045 Contents Key components of BlackBerry Enterprise
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationPerceptive Content Security
Perceptive Content Security Best Practices Perceptive Content, Version: 7.1.x Written by: Product Knowledge, R&D Date: June 2015 2015 Perceptive Software. All rights reserved. Perceptive Software is a
More informationImplementing and Managing Security for Network Communications
3 Implementing and Managing Security for Network Communications............................................... Terms you ll need to understand: Internet Protocol Security (IPSec) Authentication Authentication
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationData Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
More informationTransition Networks White Paper. Network Security. Why Authentication Matters YOUR NETWORK. OUR CONNECTION.
Transition Networks White Paper Why Authentication Matters YOUR NETWORK. OUR CONNECTION. : Why Authentication Matters For most organizations physical security is a given. Whether it is video surveillance,
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationVPN SECURITY. February 2008. The Government of the Hong Kong Special Administrative Region
VPN SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the
More informationDirectory and File Transfer Services. Chapter 7
Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationSecuring Information in LiveBackup
. Atempo, Inc. Securing Information in LiveBackup How LiveBackup secures data in transmission and storage Date: December 7, 2007 Author: Amy Gracer, Version: alb.lbsg.311.2 en Copyright 2008 Atempo Inc.
More informationSecurity Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2
BlackBerry Enterprise Service 10 BlackBerry Device Service Solution Version: 10.2 Security Technical Overview Published: 2014-09-10 SWD-20140908123239883 Contents 1 About BlackBerry Device Service solution
More informationMySQL Security: Best Practices
MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes
More informationChapter 10. Cloud Security Mechanisms
Chapter 10. Cloud Security Mechanisms 10.1 Encryption 10.2 Hashing 10.3 Digital Signature 10.4 Public Key Infrastructure (PKI) 10.5 Identity and Access Management (IAM) 10.6 Single Sign-On (SSO) 10.7 Cloud-Based
More informationVMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES
APPLICATION NOTE VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES Configuring Secure SSL VPN Access in a VMware Virtual Desktop Environment Copyright 2010, Juniper Networks, Inc. 1 Table
More informationAdmin Quick Start Guide
Getting Started TIBCO Slingshot Admin Quick Start Guide v1.8.1 1. September 2, 2011 Configuring Slingshot Important Information SOME TIBCO SOFTWARE EMBEDS OR BUNDLES OTHER TIBCO SOFTWARE. USE OF SUCH EMBEDDED
More informationPowerChute TM Network Shutdown Security Features & Deployment
PowerChute TM Network Shutdown Security Features & Deployment By David Grehan, Sarah Jane Hannon ABSTRACT PowerChute TM Network Shutdown (PowerChute) software works in conjunction with the UPS Network
More informationApplication Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )
Application Note Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) This document describes how to configure McAfee Firewall Enterprise to provide
More informationPacket Capture. Document Scope. SonicOS Enhanced Packet Capture
Packet Capture Document Scope This solutions document describes how to configure and use the packet capture feature in SonicOS Enhanced. This document contains the following sections: Feature Overview
More informationhttp://docs.trendmicro.com/en-us/enterprise/safesync-for-enterprise.aspx
Trend Micro Incorporated reserves the right to make changes to this document and to the product described herein without notice. Before installing and using the product, review the readme files, release
More informationHow To Understand And Understand The Security Of A Key Infrastructure
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used
More informationSecurity in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity
Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration
More informationConfiguring Security Features of Session Recording
Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording
More informationXerox DocuShare Security Features. Security White Paper
Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a
More informationUBS KeyLink Quick reference WEB Installation Guide
ab UBS KeyLink Quick reference WEB Installation Guide Table of contents 1. Introduction 3 1.1. Why is an Installation needed? 3 1.2. Is UBS KeyLink secure? 3 1.3. Information about Secure Sockets Layer
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007
INTEGRATION GUIDE DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationHow Reflection Software Facilitates PCI DSS Compliance
Reflection How Reflection Software Facilitates PCI DSS Compliance How Reflection Software Facilitates PCI DSS Compliance How Reflection Software Facilitates PCI DSS Compliance In 2004, the major credit
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505
INTEGRATION GUIDE DIGIPASS Authentication for Cisco ASA 5505 Disclaimer DIGIPASS Authentication for Cisco ASA5505 Disclaimer of Warranties and Limitation of Liabilities All information contained in this
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationGuidance Regarding Skype and Other P2P VoIP Solutions
Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,
More informationComputer Networks. Secure Systems
Computer Networks Secure Systems Summary Common Secure Protocols SSH HTTPS (SSL/TSL) IPSec Wireless Security WPA2 PSK vs EAP Firewalls Discussion Secure Shell (SSH) A protocol to allow secure login to
More informationNetwork-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2
Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3
More informationMANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But
More informationAPNIC elearning: IPSec Basics. Contact: training@apnic.net. esec03_v1.0
APNIC elearning: IPSec Basics Contact: training@apnic.net esec03_v1.0 Overview Virtual Private Networks What is IPsec? Benefits of IPsec Tunnel and Transport Mode IPsec Architecture Security Associations
More informationOpenText Fax Servers and Microsoft Office 365
OpenText Fax Servers and Microsoft Office 365 Integrating Fax with Office 365 E N T E R P R I S E I N F O R M A T I O N M A N A G E M E N T 1 Abstract Cloud-based information technologies promise a number
More information2007 Microsoft Office System Document Encryption
2007 Microsoft Office System Document Encryption June 2007 Table of Contents Introduction 1 Benefits of Document Encryption 2 Microsoft 2007 Office system Document Encryption Improvements 5 End-User Microsoft
More informationWEBROOT EMAIL ARCHIVING SERVICE. Getting Started Guide North America. The best security in an unsecured world. TM
WEBROOT EMAIL ARCHIVING SERVICE Getting Started Guide North America Webroot Software, Inc. World Headquarters 2560 55th Street Boulder CO 80301 USA www.webroot.com 800.870.8102 Table of Contents Create
More informationGetting Started Guide
Snap-Link Mobile allows you to monitor and control lights, security, audio, temperatures and webcams on handheld mobile devices, such as Smartphones, PDAs or other devices running Windows Mobile operating
More informationWhite Paper. Software version: 5.0 www.wmsoftware.com
Safe AutoLogon Password Server Using Safe AutoLogon Password Server to manage Safe AutoLogon clients for seamless and centrally managed automatic logons White Paper Software version: 5.0 www.wmsoftware.com
More informationWICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise
WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise WICKSoft Corporation http://www.wicksoft.com Copyright WICKSoft 2007. WICKSoft Mobile Documents
More informationOpenText Managed File Transfer
OpenText Managed File Transfer Technical Overview October 2011 Abstract The Email integrated Manage File Transfer Solution from OpenText is a comprehensive file exchange medium that provides an extensive
More informationDIGIPASS Authentication for Citrix Access Gateway VPN Connections
DIGIPASS Authentication for Citrix Access Gateway VPN Connections With VASCO Digipass Pack for Citrix 2006 VASCO Data Security. All rights reserved. Page 1 of 31 Integration Guideline Disclaimer Disclaimer
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
More informationBlackShield ID Agent for Terminal Services Web and Remote Desktop Web
Agent for Terminal Services Web and Remote Desktop Web 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication
More informationProtocol Security Where?
IPsec: AH and ESP 1 Protocol Security Where? Application layer: (+) easy access to user credentials, extend without waiting for OS vendor, understand data; (-) design again and again; e.g., PGP, ssh, Kerberos
More informationMANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.
More informationHow To Use Netscaler As An Afs Proxy
Deployment Guide Guide to Deploying NetScaler as an Active Directory Federation Services Proxy Enabling seamless authentication for Office 365 use cases Table of Contents Introduction 3 ADFS proxy deployment
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web Access 1.06
SafeNet Authentication Service Configuration Guide 1.06 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationEVault Endpoint Protection 7.0 Single Sign-On Configuration
Revision: This manual has been provided for Version 7.0 (July 2014). Software Version: 7.0 2014 EVault Inc. EVault, A Seagate Company, makes no representations or warranties with respect to the contents
More informationMicrosoft Office Live 2007 R2. Guide. Published: August 2008
Microsoft Office Live 2007 R2 Meeting Service Security Guide Published: August 2008 Information in this document, including URL and other Internet Web site references, is subject to change without notice.
More informationSecure Data Transfer
Secure Data Transfer INSTRUCTIONS 3 Options to SECURELY TRANSMIT DATA 1. FTP 2. WinZip 3. Password Protection Version 2.0 Page 1 Table of Contents Acronyms & Abbreviations...1 Option 1: File Transfer Protocol
More informationWhite Paper BMC Remedy Action Request System Security
White Paper BMC Remedy Action Request System Security June 2008 www.bmc.com Contacting BMC Software You can access the BMC Software website at http://www.bmc.com. From this website, you can obtain information
More informationSecure IIS Web Server with SSL
Secure IIS Web Server with SSL EventTracker v7.x Publication Date: Sep 30, 2014 EventTracker 8815 Centre Park Drive Columbia MD 21045 www.eventtracker.com Abstract The purpose of this document is to help
More informationWeb Application Security Assessment and Vulnerability Mitigation Tests
White paper BMC Remedy Action Request System 7.6.04 Web Application Security Assessment and Vulnerability Mitigation Tests January 2011 www.bmc.com Contacting BMC Software You can access the BMC Software
More informationSophos UTM. Remote Access via PPTP. Configuring UTM and Client
Sophos UTM Remote Access via PPTP Configuring UTM and Client Product version: 9.000 Document date: Friday, January 11, 2013 The specifications and information in this document are subject to change without
More informationIs your data safe out there? -A white Paper on Online Security
Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects
More informationQliqDIRECT Active Directory Guide
QliqDIRECT Active Directory Guide QliqDIRECT is a Windows Service with Active Directory Interface. QliqDIRECT resides in your network/server and communicates with Qliq cloud servers securely. QliqDIRECT
More informationSecuring the Exchange of Information Inside and Outside the Organisation. Joe Combs EMEA Solution Consultant, edocs
Securing the Exchange of Information Inside and Outside the Organisation Joe Combs EMEA Solution Consultant, edocs OpenText Confidential. 2015 All Rights Reserved. 3 OpenText Confidential. 2015 All Rights
More informationfåíéêåéí=péêîéê=^çãáåáëíê~íçêûë=dìáçé
fåíéêåéí=péêîéê=^çãáåáëíê~íçêûë=dìáçé Internet Server FileXpress Internet Server Administrator s Guide Version 7.2.1 Version 7.2.2 Created on 29 May, 2014 2014 Attachmate Corporation and its licensors.
More informationActive Directory Self-Service FAQ
Active Directory Self-Service FAQ General Information: info@cionsystems.com Online Support: support@cionsystems.com CionSystems Inc. Mailing Address: 16625 Redmond Way, Ste M106 Redmond, WA. 98052 http://www.cionsystems.com
More informationSecurity Technology: Firewalls and VPNs
Security Technology: Firewalls and VPNs 1 Learning Objectives Understand firewall technology and the various approaches to firewall implementation Identify the various approaches to remote and dial-up
More informationInterwise Connect. Working with Reverse Proxy Version 7.x
Working with Reverse Proxy Version 7.x Table of Contents BACKGROUND...3 Single Sign On (SSO)... 3 Interwise Connect... 3 INTERWISE CONNECT WORKING WITH REVERSE PROXY...4 Architecture... 4 Interwise Web
More informationOpenText Managed File Transfer
OpenText Managed File Transfer Technical Overview Abstract The Email-integrated Manage File Transfer solution from OpenText provides an extensive and well-balanced solution to file-transfer problems. Unbound
More informationWS_FTP Professional 12. Security Guide
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 1 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...
More informationDecryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks
Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
More informationFolder Proxy + OWA + ECP/EAC Guide. Version 2.0 April 2016
Version 2.0 April 2016 Folder Proxy + OWA + ECP/EAC Guide Copyright 2016 iwebgate. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system,
More informationConfiguration Guide. SafeNet Authentication Service AD FS Agent
SafeNet Authentication Service AD FS Agent Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document
More informationSSL VPN Technical Primer
4500 Great America Parkway Santa Clara, CA 95054 USA 1-888-NETGEAR (638-4327) E-mail: info@netgear.com www.netgear.com SSL VPN Technical Primer Q U I C K G U I D E Today, small- and mid-sized businesses
More informationThe biggest challenges of Life Sciences companies today. Comply or Perish: Maintaining 21 CFR Part 11 Compliance
S E P T E M B E R 2 0 1 3 Comply or Perish: The biggest challenges of Life Sciences companies today are maintaining a robust product pipeline and reducing time to market while complying with an increasing
More informationCTS2134 Introduction to Networking. Module 8.4 8.7 Network Security
CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by
More informationSECURE MESSAGING PLATFORM
SECURE MESSAGING PLATFORM WEB ADMIN CONSOLE ADMIN USER GUIDE Introduction... 2 Customer Management... 3 Dashboard... 3 User Account... 5 General & Feature Settings... 7 Secure Message Disclaimers... 9
More information