Application Security Made in Switzerland
|
|
- Della Fisher
- 8 years ago
- Views:
Transcription
1 Application Security Made in Switzerland
2 Overview The problem of internet security is almost as old as the internet itself. But there is a reliable solution: Airlock Suite from Ergon. Airlock Suite is underpinned by superb Swiss engineering expertise, many years of experience and well thought-out concepts that master the most complex challenges. Airlock Suite deals with the issues of filtering and authentication in one complete and coordinated solution setting new standards for usability and services. WAF Login IAM Online banking, ecommerce, mobile access: the Airlock Web Application Firewall will reliably protect your internet applications thanks to systematic control and filtering mechanisms backed up by a diverse range of enhancement options. When combined with Airlock WAF, Airlock Login ensures reliable user authentication and authorization. But that s not all: as well as superlative security, Airlock Login delivers high usability and cost-efficiency. Airlock IAM is the suite s central authen tication platform, including enter prise functions. With this pro duct, customers, partners or employ ees log in just once for secure access to data and applications. Airlock IAM also automates user administration. Security at bank level Airlock is now the established Swiss standard for ebanking and that s a fact. Our lengthy experience of wor king in the international financial sector means that you benefit from the best possible online security reliable, efficient and process-optimized. Cutting cost Intelligent software architecture, central authentication functionalities and cutting-edge user self-services: these are the assets that make the Airlock solution so outstandingly attractive in terms of cost a solution that will permanently reduce your IT expenditure. Integrated solutions, one single source Individual components, perfectly coordinated in one complete package that s Airlock. No matter how varied your requirements are, Airlock Suite is your guarantee of well thought-out solutions from one single sourcescalable and flexible. Flexibility The Airlock Suite is just as flexible as your requirements. That s because Airlock can adapt to existing environments, new challenges and individual needs. The result: your investment is excellently protected, and you benefit from customized solutions. User self services Forgotten passwords, lost logins, new user accounts customer support has to deal with a host of routine tasks. That s why we opt for well-designed user self-services. Thanks to this approach, Airlock can cut costs while boosting your customer and employee satisfaction level. Swiss made No doubt about it: the highest qual ity that s what Airlock offers you, because our security applications are developed exclusively in Switzerland: your guarantee of maximum reliability, precision and perfection.
3 Product information WAF The Airlock Web Application Firewall offers a unique combination of protective mechanisms for web applications. Whether your objective is legal compliance, security for your applications or protection for ecommerce: Airlock WAF will upgrade security for your internet applications a permanent solution with a host of well thought-out functionalities. Thanks to Airlock WAF, businesses can exploit the potential of the internet without jeopardizing the security and availability of their web applications and services. Each access is systematically monitored and filtered at every level. Used in conjunction with an authentication solution such as Airlock Login or IAM, Airlock WAF can force upstream user authentication and authorization. This allows a uni - form, central single sign-on infrastructure. All information is also made available via monitoring and reporting functions. Airlock WAF is one of a few web application security solution on the market that provides superlative end-to-end protection for complex web environments. Reverse Proxy and Web Application Firewall Airlock WAF offers a unique protection mechanism by operating as a combined secure reverse proxy server and web application firewall. All access attempts are systematically controlled and filtered. Control via a central access point Airlock WAF is a central point of control for web access, avoiding anonymous interactions with applications that have user authentication. Airlock covers every layer reducing costs and dependencies. Shorter time to market thanks to virtual patching Secure now, fix later that s virtual patching in a nutshell. Airlock WAF s reverse proxy approach makes it very easy for you to virtualize servers and services. Virtual import of patches is also possible. The benefit: security-relevant weaknesses are quickly remedied at a central point over all applications. Improved availability and performance Web applications and web services deal only with authorised users and valid data traffic. High availability is guaranteed through load balancing and failover functions. SIEM integration The Airlock Operations app for Splunk Enterprise makes aggregated management reports available on security issues and application usage. Network administrators can use various dashboards to investigate security-critical events so application and performance problems are rapidly resolved. Simple operation Airlock is a linux-based software appliance with a hardened operating system. It runs on the common hardware platforms, in virtual machines and in the cloud. Airlock offers a fast and easy installation and allows cost efficient operation. Airlock system overview SAML Assertion Flickering Mobile TAN Client Certificate Cross Domain SSO with SAML or OAuth 2.0 Corporate Network Kerberos/ Smart Card Password Management/ Transaction Signing RADIUS Client A B C D Mobile TAN Mobile OTP Database/ Directory PKI Applications Application in other Domain
4 Product information Login Practical, lean and secure: Airlock Login is the ideal complement to Airlock WAF for reliable user authentication and authorization. Airlock Login offers efficient solutions and easy handling at an attractive price. Airlock Login features convincingly high usability and straightforward configuration. Solid basis for more Because it is directly integrated with Airlock WAF, Airlock Login allows fast and convenient implementation of strong upstream user authentications with in-company single sign-on. There may be a need for extensive additional functions such as web service interfaces, step-up authentication workflows, support for cross-domain SSO or user self services. In these cases, an upgrade from Airlock Login to Airlock IAM could not be easier: simply import a new license, and the Airlock IAM functions will be activated. Secure and strong access control Virtually every modern web application requires user identification to allow certain types and levels of access. Airlock Login provides upstream authentication and allows access control for customers and employees to be centralised and run independently of the business logic. Single sign-on (SSO) Airlock Login ensures that even legacy web applications with own user master records can be easily integrated in the standardised web single sign-on infrastructure. Easy configuration also in regard to running time Configurations can be efficiently processed using the graphic editor. Airlock Login has a flexible architecture that permits configuration changes at run-time without any session loss or operational disruption. Airlock Login and Airlock IAM compaired Components Web-based login application Web-based administration interface Integrated database for user profiles Service containers for batch jobs and letter generation Technical interfaces Authentication 1 and 2-factor authentication Password verification against directory (LDAP, MSAD), OTP token server via RADIUS, RSA SecurID, MTAN (SMS), client certificates Role-based access control (RBAC) Complex authentication workflows (e.g. step-up, step-down) Support for a wide range of additional authentication methods Dynamic access control (based on environment attributes) Login application Change and reset password via Portal funktion User self-services Various other functions (representation, GTCs, maintenance reports /notifications, etc.) Single Sign-on (SSO) and identity federation Simple SSO (using cookies, HTTP headers, on-behalf form login, back-side Kerberos, etc.) Cross-domain SSO and identity federation Identity Management Find and show users Manage, aggregate and provision identity and role information Deployment Integration in Airlock WAF Deployment is possible outside of Airlock WAF Client capability
5 Product information IAM Airlock IAM is the suite s central authentication platform, including enterprise functions. With this product, customers, partners or employees log in just once for secure access to data and applications. Airlock IAM also automates user administration and provides user self-services. SSO for heterogeneous application environments In addition to a large number of supported SSO mechanisms (e. g. SAML, OpenID Connect), Airlock IAM also accepts authentication tickets issued by other entities. Cross-domain single sign-on Airlock IAM supports Federated Identity Management (FIdM) and therefore facilitates cross-domain SSO. Acting as a central identity provider (IDP) in this case, Airlock IAM registers, reports and manages user data. User data are automatically synchronised with third-party systems via the standardised interface. This always ensures a consistent status of user data for all parties. Another advantage is maximum usability. The specific services (service providers) come from other domains and use identities transmitted via SAML, OAuth or OpenID Connect. Authentication services Airlock IAM has its own integrated authentication services for matrix cards, mobile TAN via SMS and mobile OTP. All these variants are very cheap since there is no need to purchase any tokens or any special operating hardware. Their administration is fully integrated in the product. In addition other authentication services as well as many different hardware or software tokens are supported. Centralisation of user data Airlock IAM is the central point of control for the administration of authentication data. For other applications or com - ponents in SOA environments Airlock IAM provides a web service interface (SOAP or REST) which offers actions related to authentication: for example, Airlock IAM can enforce complex password policies while password changes are still made remotely in a business application. User self-services In addition to user administration, there are a number of user self-services which cover the entire lifecycle of a user account for single sign-on. The workflows for self-administration of user data cover self-registration, self-migration, self-provisioning of external logins, password changes and user profile data editing. Features Airlock WAF Secure Reverse Proxy Termination of TCP / IP SSL, SSL VPN, HTTP / S, AMF, JSON and SOAP / XML filter Multi-level filtering Dynamic whitelisting URL encryption Smart form protection Cookie protection Load balancing ICAP content filtering Content rewriter (Raw, HTML) Access control, authentication & SSO HSM support Airlock Operations App for Splunk Airlock Login Supported tokens OTP token via Radius (RSA SecurID, Kobil SecOVID, VASCO Digipass, etc.), Client certificates (X.509, SuisseID, etc.) Integrated tokens Password, Mobile TAN, -OTP Single sign-on Kerberos, HTTP Cookies, HTTP Headers, URL-Tickets, Basic Auth, Form Post on behalf User directories JDBC databases, LDAP directories / MS ActiveDirectory User self-services automatic password reset, portal function Operational features failover, audit log, log viewer, web-based administration console, hot deployment without restart Operatingsystems Java-based: Linux, Windows, VMWare Airlock IAM additional to Airlock Login Supported tokens CrontoSign, Kobil AST, Swisscom MobileID, OATH -Tokens Integrated tokens Mobile OTP, matrix card Identity Federation SAML 2.0 IDP / SP, OAuth 2.0, OpenID Connect Single sign-on NTLM Integrated database for user extension User administration / IAM User, token and role administration, report engine, password policy enforcement User self-services Self-registration, self-migration, self-administration, kiosk and portal function for own user data Interfaces Webapplication, RADIUS, SOAP, REST, EAP / TLS 802.1X Operational features Multitenancy, statistical evaluations
6 Ergon Informatik AG Merkurstrasse 43 CH 8032 Zurich twitter.com/ergonairlock Copyright Notice Copyright 2015 Ergon Informatik AG. All Rights Reserved. All technical documentation that is made available by Ergon Informatik AG is the copyrighted work of Ergon Informatik AG and is owned by Ergon Informatik AG. Ergon, the Ergon logo, smart people smart software and Airlock are registered trademarks of Ergon Informatik AG. Microsoft and ActiveDirectory are registered trademarks or trademarks of Microsoft Corporation in the United States and / or other countries. Other products or trademarks mentioned are the property of their respective owners. smart people smart software Founded in 1984, Ergon Informatik AG now has workforce of 235 and numbers among the most long-standing and successful IT service providers in Switzerland. Over 80 % of our employees are graduate software developers, and most of them have trained as IT engineers at the Swiss Federal Institute of Technology (ETH), Zurich one of the world s top ten universities. Ergon Informatik AG has also won multiple awards for its sustainable personnel policy. Ergon Informatik AG is a broadly diversified company that provides services to a wide variety of sectors. Ergon has exceptional expertise in sectors such as financial services, ebanking, telecommunications and security. In 1997, Ergon developed Switzerland s first ebanking system for a well-known Swiss bank. Airlock Suite, our security product, was launched on the market in 2002 and is now used by 300 customers around the globe. For more information visit
White Paper Secure Reverse Proxy Server and Web Application Firewall
White Paper Secure Reverse Proxy Server and Web Application Firewall 2 Contents 3 3 4 4 8 Losing control Online accessibility means vulnerability Regain control with a central access point Strategic security
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationOVERVIEW. DIGIPASS Authentication for Office 365
OVERVIEW DIGIPASS for Office 365 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no responsibility
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationAgent Configuration Guide
SafeNet Authentication Service Agent Configuration Guide SAS Agent for Microsoft Internet Information Services (IIS) Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright
More informationsolution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly
More informationPRIVACY, SECURITY AND THE VOLLY SERVICE
PRIVACY, SECURITY AND THE VOLLY SERVICE Delight Delivered by EXECUTIVE SUMMARY The Volly secure digital delivery service from Pitney Bowes is a closed, secure, end-to-end system that consolidates and delivers
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationSAP Single Sign-On 2.0 Overview Presentation
SAP Single Sign-On 2.0 Overview Presentation March 2016 Public Agenda SAP security portfolio Overview SAP Single Sign-On Single sign-on main scenarios Capabilities Summary 2016 SAP SE or an SAP affiliate
More informationAPI-Security Gateway Dirk Krafzig
API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS)
SafeNet Authentication Service Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationOPENIAM ACCESS MANAGER. Web Access Management made Easy
OPENIAM ACCESS MANAGER Web Access Management made Easy TABLE OF CONTENTS Introduction... 3 OpenIAM Access Manager Overview... 4 Access Gateway... 4 Authentication... 5 Authorization... 5 Role Based Access
More informationHosting topology SMS PASSCODE 2015
Hosting topology SMS PASSCODE 2015 Hosting Topology In a hosting environment, you have a backend and a several front end (clients). In the example below, there is a backend at the right side. At the left
More informationAlex Wong Senior Manager - Product Management Bruce Ong Director - Product Management
Alex Wong Senior Manager - Product Management Bruce Ong Director - Product Management 1 Product Roadmap Disclaimer Any forward-looking indication of plans for products is preliminary and all future release
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationINTEGRATION GUIDE. DIGIPASS Authentication for VMware Horizon Workspace
INTEGRATION GUIDE DIGIPASS Authentication for VMware Horizon Workspace Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is';
More informationTrustedX: eidas Platform
TrustedX: eidas Platform Identification, authentication and electronic signature platform for Web environments. Guarantees identity via adaptive authentication and the recognition of either corporate,
More informationIDENTIKEY Product Family
IDENTIKEY Product Family Rik Swusten Product Manager & VACMAN Controller GO 3 GO 6 250-251 260-261 270 270 XPress 275 GO 7 GO 100 301 CV 550 560 736 Virtual Nano for Mobile VACMA N Controll er 800 810
More informationHow To Use Salesforce Identity Features
Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationCore Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems
Core Feature Comparison between XML / SOA Gateways and Web Application Firewalls Jason Macy jmacy@forumsys.com CTO, Forum Systems XML Gateway vs Competitive XML Gateways or Complementary? and s are Complementary
More informationINTEGRATION GUIDE. IDENTIKEY Federation Server for Juniper SSL-VPN
INTEGRATION GUIDE IDENTIKEY Federation Server for Juniper SSL-VPN Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO
More informationEntrust IdentityGuard Comprehensive
Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive is a five-day, hands-on overview of Entrust Course participants will gain experience planning, installing and configuring Entrust
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is
More informationControlling Web Access with BMC Web Access Manager WHITE PAPER
Controlling Web Access with BMC Web Access Manager WHITE PAPER Table of Contents Executive Summary...2 The BMC Identity and Access Management Approach...3 BMC Enforcement Agent Deployment Flexibility...3
More informationWHITE PAPER. Identikey Server 3.1 Strong Authentication solution for On-Demand Applications and SaaS
WHITE PAPER Identikey Server 3.1 Strong Authentication solution for On-Demand Applications and SaaS Emerging trend: SaaS and Online Applications for every market Software deployments are shifting from
More informationLeveraging SAML for Federated Single Sign-on:
Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.
More informationCisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief
Guide Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief October 2012 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 21 Contents
More informationWHITE PAPER. Identikey Server 3.1 Strong Authentication solution against MITM Attacks for e-banking
WHITE PAPER Identikey Server 3.1 Strong Authentication solution against MITM Attacks for e-banking Protection against Man-in-the-Middle attacks As the global leader in two-factor authentication solutions
More informationOpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere.
OpenAM All-In-One solution to securely manage access to digital enterprise and customer services, anytime and anywhere. OpenAM, the only all-in-one open source access management solution, provides the
More informationArchitecture Guidelines Application Security
Executive Summary These guidelines describe best practice for application security for 2 or 3 tier web-based applications. It covers the use of common security mechanisms including Authentication, Authorisation
More informationA Guide to New Features in Propalms OneGate 4.0
A Guide to New Features in Propalms OneGate 4.0 Propalms Ltd. Published April 2013 Overview This document covers the new features, enhancements and changes introduced in Propalms OneGate 4.0 Server (previously
More informationAn Overview of Samsung KNOX Active Directory-based Single Sign-On
C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationIntegrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies
Guideline Integrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies Product(s): IBM Cognos 8 BI Area of Interest: Security Integrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies 2 Copyright
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationSEC100 Secure Authentication and Data Transfer with SAP Single Sign-On. Public
SEC100 Secure Authentication and Data Transfer with SAP Single Sign-On Public Speakers Las Vegas, Oct 19-23 Christian Cohrs, Area Product Owner Barcelona, Nov 10-12 Regine Schimmer, Product Management
More informationPortWise Access Management Suite
Create secure virtual access for your employees, partners and customers from any location and any device. With todays global and homogenous economy, the accuracy and responsiveness of an organization s
More informationDIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access
DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations
More informationDeploying RSA ClearTrust with the FirePass controller
Deployment Guide Deploying RSA ClearTrust with the FirePass Controller Deploying RSA ClearTrust with the FirePass controller Welcome to the FirePass RSA ClearTrust Deployment Guide. This guide shows you
More informationDualShield. for. Microsoft TMG. Implementation Guide. (Version 5.2) Copyright 2011 Deepnet Security Limited
DualShield for Implementation Guide (Version 5.2) Copyright 2011 Deepnet Security Limited Copyright 2011, Deepnet Security. All Rights Reserved. Page 1 Trademarks DualShield Unified Authentication, MobileID,
More informationRSA SecurID Ready Implementation Guide
RSA SecurID Ready Implementation Guide Partner Information Last Modified: December 18, 2006 Product Information Partner Name Microsoft Web Site http://www.microsoft.com/isaserver Product Name Internet
More informationFrom the Intranet to Mobile. By Divya Mehra and Stian Thorgersen
ENTERPRISE SECURITY WITH KEYCLOAK From the Intranet to Mobile By Divya Mehra and Stian Thorgersen PROJECT TIMELINE AGENDA THE OLD WAY Securing monolithic web app relatively easy Username and password
More informationProposal Document TitleDocument Version 1.0 TitleDocument
G-Cloud - Strong Authentication Service - Service Definition Proposal Document Author TitleDocument Version 1.0 TitleDocument Document publication date - 02/12/2014 Title Document Classification - Public
More informationCopyright Pivotal Software Inc, 2013-2015 1 of 10
Table of Contents Table of Contents Getting Started with Pivotal Single Sign-On Adding Users to a Single Sign-On Service Plan Administering Pivotal Single Sign-On Choosing an Application Type 1 2 5 7 10
More informationFederated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationIQS Identity and Access Management
IQS Identity and Access Management Identity Management Authentication Authorization Administration www.-center.com The next generation security solution 2003 RSA Security Conference IAM is a combination
More informationmanaging SSO with shared credentials
managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout
More informationCisco Secure Access Control Server 4.2 for Windows
Cisco Secure Access Control Server 4.2 for Windows Overview Q. What is Cisco Secure Access Control Server (ACS)? A. Cisco Secure ACS is a highly scalable, high-performance access control server that operates
More informationConnected Data. Connected Data requirements for SSO
Chapter 40 Configuring Connected Data The following is an overview of the steps required to configure the Connected Data Web application for single sign-on (SSO) via SAML. Connected Data offers both IdP-initiated
More informationSeptember 9 11, 2013 Anaheim, California 507 Demystifying Authentication and SSO Options in Business Intelligence
September 9 11, 2013 Anaheim, California 507 Demystifying Authentication and SSO Options in Business Intelligence Greg Wcislo Introduction We will not go into detailed how-to, however links to multiple
More informationWeb Application Security
Web Application Security Erwin Huber Head of Research & Development Web Application Security Web Application Security Unit Strong Focus on Web Application Security since 1996 Protection of Web Applications
More informationELM Manages Identities of 4 Million Government Program Users with. Identity Server
ELM Manages Identities of 4 Million Government Program Users with Identity Server ELM Implements Single Sign-on With WSO2 Identity Server to Streamline Administration, Improve Productivity, and Reduce
More informationSecuring Citrix with SSL VPN Technology
Securing Citrix with SSL VPN Technology An AEP Networks Solution Summary For years, Citrix Systems has dominated the server-based computing market as the solution of choice for application access across
More informationSecuring access to Citrix applications using Citrix Secure Gateway and SafeWord. PremierAccess. App Note. December 2001
Securing access to Citrix applications using Citrix Secure Gateway and SafeWord PremierAccess App Note December 2001 DISCLAIMER: This White Paper contains Secure Computing Corporation product performance
More informationBarracuda Networks Technical Documentation. Barracuda SSL VPN. Administrator s Guide. Version 2.x RECLAIM YOUR NETWORK
Barracuda Networks Technical Documentation Barracuda SSL VPN Administrator s Guide Version 2.x RECLAIM YOUR NETWORK Copyright Notice Copyright 2004-2011, Barracuda Networks, Inc. www.barracuda.com v20-110511w-02-110915jc
More informationPingFederate. Identity Menu Builder. User Guide. Version 1.0
Identity Menu Builder Version 1.0 User Guide 2011 Ping Identity Corporation. All rights reserved. Identity Menu Builder User Guide Version 1.0 April, 2011 Ping Identity Corporation 1099 18th Street, Suite
More informationTIBCO Spotfire Platform IT Brief
Platform IT Brief This IT brief outlines features of the system: Communication security, load balancing and failover, authentication options, and recommended practices for licenses and access. It primarily
More informationCA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam
CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam (CAT-140) Version 1.4 - PROPRIETARY AND CONFIDENTIAL INFORMATION - These educational materials (hereinafter referred to as
More informationSAML Security Option White Paper
Fujitsu mpollux SAML Security Option White Paper Fujitsu mpollux Version 2.1 February 2009 First Edition February 2009 The programs described in this document may only be used in accordance with the conditions
More informationSimplify and Secure Cloud Access to Critical Business Data
SAP Brief SAP Technology SAP Cloud Identity Objectives Simplify and Secure Cloud Access to Critical Business Data Gain simplicity and security in a single cloud solution Gain simplicity and security in
More informationBarracuda SSL VPN Administrator s Guide
Barracuda SSL VPN Administrator s Guide Version 1.5.x Barracuda Networks Inc. 3175 S. Winchester Blvd. Campbell, CA 95008 http://www.barracuda.com Copyright Notice Copyright 2004-2009, Barracuda Networks,
More informationA viable alternative to TMG / UAG Web Application security, acceleration and authentication with DenyAll s DA-WAF
A viable alternative to TMG / UAG Web Application security, acceleration and authentication with DenyAll s DA-WAF Whitepaper 08/17/2015 Summary 1. Introductio... 3 1.1 What is TMG / UAG?... 3 2. How can
More informationSession Code*: 0310 Demystifying Authentication and SSO Options in Business Intelligence. Greg Wcislo
Session Code*: 0310 Demystifying Authentication and SSO Options in Business Intelligence Greg Wcislo Introduction We will not go into detailed how-to, however links to multiple how-to whitepapers will
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationEXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report
KuppingerCole Report EXECUTIVE VIEW by Dave Kearns March 2015 SecureAuth IdP SecureAuth IdP combines cloud single sign-on capabilities with strong authentication and risk-based access control while focusing
More informationNevis Secure Web Interaction
Nevis Secure Web Interaction Your Challenges Role-based Access Control End-to-End Security End-to-End Audit Trail Data Protection Delegated Administration Unauthorized Access Access Collaboration User
More informationAuthentication. Authentication in FortiOS. Single Sign-On (SSO)
Authentication FortiOS authentication identifies users through a variety of methods and, based on identity, allows or denies network access while applying any required additional security measures. Authentication
More informationOracle Access Manager. An Oracle White Paper
Oracle Access Manager An Oracle White Paper NOTE: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any
More informationSingle Sign On. SSO & ID Management for Web and Mobile Applications
Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing
More informationCreating a Strong Security Infrastructure for Exposing JBoss Services
Creating a Strong Security Infrastructure for Exposing JBoss Services JBoss Enterprise SOA Platform Service Clients Service Gateway Enterprise Services Blake Dournaee, Product Management, Intel SOA Products
More informationPirean Access: One. integration with IBM Security Systems Software
Pirean Access: One Enhancing The Access Management User Experience through integration with IBM Security Systems Software Welcome to Pirean Insight Guides, our series of regular papers by Pirean s expert
More informationNew Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation
New Single Sign-on Options for IBM Lotus Notes & Domino 2012 IBM Corporation IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole
More informationThe PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition
The PortalGuard All-In-One Authentication Solution-set: A Comparison Guide of Two-Factor Capabilities vs. the Competition Find out what organizations need to know to compare two-factor vendors and check
More informationProduct overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities
PRODUCT SHEET: CA SiteMinder CA SiteMinder we can CA SiteMinder provides a centralized security management foundation that enables the secure use of the web to deliver applications and cloud services to
More informationEXECUTIVE VIEW. EmpowerID 2013. KuppingerCole Report. By Peter Cummings October 2013. By Peter Cummings pc@kuppingercole.
KuppingerCole Report EXECUTIVE VIEW By Peter Cummings October 2013 EmpowerID 2013 By Peter Cummings pc@kuppingercole.com October 2013 Content 1 Vendor Profile... 3 2 Product Description... 4 2.1 Single
More informationAPI Management: Powered by SOA Software Dedicated Cloud
Software Dedicated Cloud The Challenge Smartphones, mobility and the IoT are changing the way users consume digital information. They re changing the expectations and experience of customers interacting
More informationTwo-Factor Authentication
Two-Factor Authentication A Total Cost of Ownership Viewpoint CONTENTS + Two-Factor Authentication 3 A Total Cost of Ownership Viewpoint + Introduction 3 + Defining Total Cost of Ownership 3 + VeriSign
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationHOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services
1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationSingle Sign-On. Security and comfort can be friend. Arnd Langguth. alangguth@novell.com. September, 2006
Single Sign-On Security and comfort can be friend. Arnd Langguth alangguth@novell.com September, 2006 Identity proliferation in the enterprise Password management problem How many passwords do you have?
More informationSecure the Web: OpenSSO
Secure the Web: OpenSSO Sang Shin, Technology Architect Sun Microsystems, Inc. javapassion.com Pat Patterson, Principal Engineer Sun Microsystems, Inc. blogs.sun.com/superpat 1 Agenda Need for identity-based
More informationABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES
CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML
More informationCloud Services Catalog with Epsilon
Cloud Services Catalog with Epsilon Modern IT enterprises face several challenges while building a service catalog for their data center. Provisioning with a cloud management platform solves some of these
More informationCybersecurity and Secure Authentication with SAP Single Sign-On
Solution in Detail SAP NetWeaver SAP Single Sign-On Cybersecurity and Secure Authentication with SAP Single Sign-On Table of Contents 3 Quick Facts 4 Remember One Password Only 6 Log In Once to Handle
More informationCA Adapter. Installation and Configuration Guide for Windows. r2.2.9
CA Adapter Installation and Configuration Guide for Windows r2.2.9 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationTRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE
White Paper TRANSITIONING ENTERPRISE CUSTOMERS TO THE CLOUD WITH PULSE SECURE Pulse Connect Secure Enables Service Providers to Deliver Scalable and On-Demand, Cloud-Based Deployments with Simplicity and
More informationProtect Everything: Networks, Applications and Cloud Services
Protect Everything: Networks, Applications and Cloud Services Tokens & Users Cloud Applications Private Networks Corporate Network API LDAP / Active Directory SAML RADIUS Corporate Network LDAP / Active
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationApplication Note. Intelligent Application Gateway with SA server using AD password and OTP
Application Note Intelligent Application Gateway with SA server using AD password and OTP ii Preface All information herein is either public information or is the property of and owned solely by Gemalto
More informationINTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE
INTEGRATE SALESFORCE.COM SINGLE SIGN-ON WITH THIRD-PARTY SINGLE SIGN-ON USING SENTRY A GUIDE TO SUCCESSFUL USE CASE Legal Marks No portion of this document may be reproduced or copied in any form, or by
More informationHow To Use Netscaler As An Afs Proxy
Deployment Guide Guide to Deploying NetScaler as an Active Directory Federation Services Proxy Enabling seamless authentication for Office 365 use cases Table of Contents Introduction 3 ADFS proxy deployment
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationHOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services
HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationCA Single Sign-On Migration Guide
CA Single Sign-On Migration Guide Web access management (WAM) systems have been a part of enterprises for decades. It is critical to control access and audit applications while reducing the friction for
More information