PERSPECTIVES. State of the Art. Mobile Single Sign-On to Microsoft Exchange with OWA and ActiveSync
|
|
- Benjamin Montgomery
- 7 years ago
- Views:
Transcription
1 State of the Art Mobile Single Sign-On to Microsoft Exchange with OWA and ActiveSync This document describes a secure single sign-on (SSO) solution for accessing Microsoft Exchange on tablets and smartphones. It is based on Evidian Web Access Manager PERSPECTIVES
2 White Paper > June
3 Protecting Microsoft Exchange in a Cloud Environment An ing system such as Microsoft Exchange is one of the most critical resources of any business. It is therefore essential that its access be protected. This is all the more important since most web applications now use to transmit or reset passwords. The ing system, if not adequately protected, thus becomes a weak link in the information system. To protect and simplify access to web applications, single sign-on (SSO) solutions are growing in popularity. After an initial sign-on (password, smart card, OTP token), the user accesses all the applications for which he or she has rights, without having to know the passwords of the applications themselves. How can Microsoft Exchange be easily integrated into an SSO access security system? In practice, there are obstacles to overcome: Web access to Microsoft Exchange is not natively compatible with most modern strong authentication mechanisms. Microsoft Exchange web access requires the Windows password, which the user may not know. The IT department must therefore ensure that the corporate web authentication system can effectively protect Microsoft Outlook
4 What are Microsoft Outlook Web App and Microsoft ActiveSync? Microsoft supplies two main solutions to access Microsoft Exchange from outside the Windows ecosystem. One solution makes it possible to consult a mailbox via a web browser; the other one directly connects a native mail reader to the Microsoft Exchange server. Microsoft Outlook Web App (OWA) is the web interface used to access Microsoft Exchange mailboxes. The ergonomics differs according to the browser, e.g. Internet Explorer (which supports ActiveX), Firefox or Chrome (which do not support ActiveX). Microsoft ActiveSync is the protocol that enables a Microsoft Exchange mailbox to be synchronized on a mobile phone or another mobile device, such as a tablet. This protocol is based on OWA and IIS 1 ; it uses a subset of the HTTP protocol. Organizations using Microsoft Exchange must generally activate both solutions at the same time in order to cover the various uses of their employees. What is Evidian Web Access Manager? Evidian Web Access Manager is a single sign-on (SSO) solution for web applications. It requires no installation on the workstation, which can be a tablet or a smartphone. Evidian Web Access Manager can be used alone or in cooperation with Evidian Enterprise SSO, a solution based on a local Windows client that provides access to web and non-web applications. Evidian 1 Microsoft Internet Information Services - 4 -
5 Enterprise SSO and Evidian Web Access Manager can share information about a web application s user account and login as well as Windows login. This document uses Evidian Web Access Manager to illustrate examples of web access to Microsoft Outlook via single sign-on mechanisms
6 Use Case: Single Sign-On to Microsoft Outlook Outlook Web App and ActiveSync are web applications that can be controlled by a single sign-on web solution such as Evidian Web Access Manager. Evidian Web Access Manager can control access to Outlook Web App just like it does for any traditional web application. Evidian Web Access Manager can also control mobile accesses to the ing system, using the ActiveSync protocol. Use Case with Outlook Web App (OWA) A mobile user accesses his Outlook mailbox via the Outlook Web App interface. To log in to this interface, the Windows password must usually be entered. However, the user may not know the Windows password required by Outlook Web App: On his desktop PC, the user does not always use the Windows password. Access may be managed by a local tool, such as Evidian Enterprise SSO or Authentication Manager. Similarly, the user may enter a single-use password (One-Time Password, OTP RADIUS) or an X.509 certificate for remote web access via Evidian Web Access Manager. In this case, Evidian Web Access Manager uses the Windows password known by Evidian Enterprise SSO to authenticate on the OWA server. Result: once logged onto Evidian Web Access Manager, the user accesses OWA via his or her browser, without having to enter another password
7 Use Case with ActiveSync Via a mobile phone (iphone, Android, Windows Phone) or a tablet (ipad, Android, etc.), the user synchronizes his s and calendar with his OWA account via Wi-Fi or 3G. The ActiveSync client application must be able to authenticate and access the OWA resources using the ActiveSync protocol. However, as we have seen, the user does not necessarily know his Windows password. He may not therefore be able to use it to configure the ActiveSync client application. In this case, the user is provided with a password dedicated to ActiveSync authentication thanks to Evidian Web Access Manager. The ActiveSync client application, on the phone or tablet, is configured to use Evidian Web Access Manager as an server. Evidian Web Access Manager uses the dedicated Active Sync password to authenticate the user, then injects instead the Windows password known by Evidian Enterprise SSO for the authentication on the ActiveSync interface of the OWA server. Result: the client automatically logs on to Evidian Web Access Manager to access OWA, without de-synchronization risk when the Windows password is changed
8 Architecture Principles with Outlook Web App The figure below shows a typical architecture to enable access via the web to mailboxes under Outlook Web App (OWA). Figure 1: Architecture for Outlook Web App The nomad user authenticates thanks to an OTP (one-time-password) type method, via a device or application synchronized with an OTP server. When he/she accesses the Evidian Web Access Manager portal, authentication is checked by the OTP server using RADIUS protocol. Then Evidian Web Access Manager identifies the user in the Active Directory. Evidian Web Access Manager can obtain the user s application passwords and Windows password from Evidian Enterprise SSO, if it is present. The Windows password is thus used to authenticate on the OWA servers. The authentication type may be integrated Microsoft authentication (NTLMv2), form-based authentication or basic HTTP authentication
9 Principles and Architecture with Microsoft ActiveSync The ActiveSync protocol is a sub-set of the HTTP protocol; it does not support: 301 and 302 redirections HTTP/HTTPS ports other than 80 and 443 ActiveSync therefore imposes constraints in its portalization via a web single sign-on solution such as Evidian Web Access Manager: It is not possible to redirect to an Evidian Web Access Manager authentication server or an external authentication server. Primary authentication must therefore be carried by the Web Access Manager gateway. Authentication to an external RADIUS or Kerberos server is not possible. The gateway must run on port 80 (HTTP) or 443 (HTTPS). URL translation is not possible. The Web Access Manager gateway must be a remote web agent. ActiveSync clients provide only one login and password field to manage authentication. The login and password values are sent for each HTTP Basic Authentication connection. There can be no further dialog between the gateway and the client to manage a one-time authentication. For ease-of-use reasons, it is not likely to frequently change the ActiveSync password saved in the smartphone. ActiveSync protocol constraints therefore prevent the use of an OTP server. But it is not possible to use the Windows password either if the user does not know it. In the architecture described here, the primary passwords are stored in a different LDAP directory than the Active Directory. The latter contains the real users/passwords
10 The user will enter a password that is not his actual Windows password, but that will be checked by Evidian Web Access Manager. Evidian Web Access Manager then injects the actual Windows password into the flow of data exchanged with the ActiveSync server. The false Windows password can then be modified independently from the change frequency of the Windows password. The figure below presents an Evidian Web Access Manager architecture that enables access to ActiveSync mailboxes via a mobile phone. Figure 2: Web Access Manager Architecture for ActiveSync This is what happens for an ActiveSync connection from a mobile phone: The user has a user1 login and a password The user1@domain.com account is configured on the mobile phone. The ing server is set as wam.domain.com, either encrypted (HTTPS) or not (HTTP) An ActiveSync connection towards the Evidian Web Access Manager server is activated and the ActiveSync client will automatically issue the user1 login and its password for each request
11 Evidian Web Access Manager intercepts the user login to perform the following: 1. User identification - i.e. determining the user s original directory. 2. Authenticating the user in his identification directory. 3. Identification in the directory containing the real reference to the user. 4. Recovery of primary and secondary passwords associated with the user identified in step (3). Evidian Web Access Manager then connects to the ActiveSync server and injects the user name and password expected by the OWA ing server. The user is then authenticated by the OWA server (5) in the Active Directory of the Windows domain. Authorization Management for ActiveSync Authorizations to access applications can be calculated dynamically using simple and, or, not rules applied to the user s attributes in the LDAP directory. These rules apply to the ActiveSync connections as well as to all other connections transiting via Evidian Web Access Manager. Static or dynamic groups can thus be created to authorize access to mailboxes on a mobile phone according to the users duties. Changing Passwords for ActiveSync The passwords used on mobile phones are separate from the Windows passwords. They can therefore be changed independently: Using a provisioning tool (such as Evidian Identity & Access Manager or Evidian ID Synchronization) which modifies the passwords in the LDAP directory. The new passwords must
12 then be sent to users so that they can configure their mobile phones. By the users themselves, using Web Access Manager to modify their own passwords. Filtering based on the Phone Identifier for ActiveSync For each ActiveSync request, the mobile phone issues an identifier which syntax is specific to each manufacturer. The OWA server makes it possible to declare, register and filter ActiveSync connections according to these unique identifiers. Filtering enables a user account to be strongly associated with one or more mobile devices. This prevents fraudulent access based on the duplication of device content. Tracing all User Activity All access management policies require control. Evidian Web Access Manager logs all user access attempts. Administrators therefore know who accessed which application and when. Evidian Web Access Manager is compatible with web traffic analysis tools, such as Webtrends. This simplifies the analysis of security audit reports. Audit events are transmitted to Evidian Identity & Access Manager centralized audit database for each authentication and password transmission
13 Encryption of Confidential Data With Evidian Web Access Manager, all OWA and ActiveSync communications can be encrypted. The Evidian Web Access Manager gateway encrypts data itself using SSL. Users can therefore be sure of security when they consult their s, since they are protected by Evidian Web Access Manager. Protecting Web Resources against Attacks Evidian Web Access Manager helps you prevent attacks on web resources exposed on the Internet. The Evidian Web Access Manager gateway can mask the actual address of web resources. It modifies the URL of the web applications ( URL translation ), thus preventing hackers from finding out the network topology. Evidian Web Access Manager controls inputs for all web accesses. This facilitates the protection of web applications against attacks via the Internet. High Availability and Load Sharing The Evidian Web Access Manager gateway can be installed on two or more servers. In this case, the servers share the web traffic load and ensure disaster recovery if either server fails. This high availability solution is purely software-based. It therefore requires neither appliances nor shared disks; it works with standard servers. Similarly, load increases are managed by simply adding extra Evidian Web Access Manager gateways
14 39 A2 22LY 00 Evidian IAM Suite Our IAM solution is recognized by customers and analysts for its completeness. The Evidian IAM Suite offers the following components to make a fully integrated solution: Evidian Identity & Access Manager allows authorization governance and a full lifecycle management of identities and access to services, driven by a security policy combined with approval workflows. Evidian Web Access Manager is designed to manage access federation to Web applications, secure remote access for mobile users and replace all user passwords with a single and strong authentication method. Evidian Enterprise SSO facilitates access to enterprise and personal applications from workstations, mobile devices and smartphone and frees users from the password constraints. Evidian Authentication Manager provides strong authentication on workstations and mobile devices: smartcard or token, X509 certificate, contactless RFID cards, biometrics, one time password. Evidian SafeKit brings high availability, failover, file replication and load balancing to applications. For more information, please consult our website: Evidian The information contained in this document represents the view of Evidian on the issues discussed at the date of publication. Because Evidian must respond to changing market conditions, it should not be interpreted as a commitment on the part of Evidian, and Evidian cannot guarantee the accuracy of any information presented after the date of publication. This is for informational purposes only. EVIDIAN MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. We acknowledge the rights of the proprietors of trademarks mentioned in this book. This white paper is printed on paper combining 40% eco-certified fibers from sustainable forests management and 60% recycled fibers in line with current environment standards (ISO 14001). (ISO 14001).
Extranet Access Management Web Access Control for New Business Services
Extranet Access Management Web Access Control for New Business Services An Evidian White Paper Increase your revenue and the ROI for your Web portals Summary Increase Revenue Secure Web Access Control
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web Access 1.06
SafeNet Authentication Service Configuration Guide 1.06 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationOVERVIEW. DIGIPASS Authentication for Office 365
OVERVIEW DIGIPASS for Office 365 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no responsibility
More informationSAS Agent for Outlook Web App
SAS Agent for Outlook Web App CUSTOMER RELEASE NOTES Version: 1.08 Build: 1.08.579 Issue Date: 17 November 2015 Document Part Number: 007-012888-001, Rev. F Contents Product Description... 2 Release Description...
More informationCisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief
Guide Cisco ASA Adaptive Security Appliance Single Sign-On: Solution Brief October 2012 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 21 Contents
More informationSingle Sign-on Frequently Asked Questions
Single Sign-on Frequently Asked Questions Q1. What is Single Sign-on? Q2. How does SSO work? Q3. How do I access the SSO portal? Q4. Where can I find help on how to use the SSO portal? Q5. How do I reset
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationBusiness mail 1 MS OUTLOOK CONFIGURATION... 2
Business mail Instructions for configuration of Outlook, 2007, 2010, 2013 and mobile devices CONTENT 1 MS OUTLOOK CONFIGURATION... 2 1.1 Outlook 2007, 2010 and 2013 adding new exchange account, automatic
More informationTechnical Brief ActiveSync Configuration for WatchGuard SSL 100
Introduction Technical Brief ActiveSync Configuration for WatchGuard SSL 100 October 2009 With ActiveSync, users get push functionality to keep email, calendar, tasks, and contacts up to date on a mobile
More information1 Outlook Web Access. 1.1 Outlook Web Access (OWA) Foundation IT Written approximately Dec 2010
Foundation IT Written approximately Dec 2010 1 Outlook Web Access With the new version of Exchange 2010 Outlook Anywhere has been enabled and configured with a secure socket layer (SSL) certificate from
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationSecure Web Access Solution
Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web App. Technical Manual Template
SafeNet Authentication Service Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationBuilding an identity repository is at the heart of identity and access management.
State of the art ID Synchronization for a multi-directory identity repository Building an identity repository is at the heart of identity and access management. In fact, no matter the quality of an access
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More information1. What are the System Requirements for using the MaaS360 for Exchange ActiveSync solution?
MaaS360 FAQs This guide is meant to help answer some of the initial frequently asked questions businesses ask as they try to figure out the who, what, when, why and how of managing their smartphone devices,
More informationSingle Sign-On Portal User Reference (Okta Cloud SSO)
Single Sign-On Portal User Reference (Okta Cloud SSO) Contents Okta Single Sign-on Portal... 3 Initial account creation and configuration... 3 First time manual login to the Okta Single Sign-on Portal...
More informationAccessing Derbyshire County Council s Outlook Web Access (OWA) Service. Smart Phone App version
Accessing Derbyshire County Council s Outlook Web Access (OWA) Service Smart Phone App version Contents About this guide... 2 Before accessing Outlook Web Access... 3 Accessing Outlook Web Access (OWA)
More informationAgent Configuration Guide
SafeNet Authentication Service Agent Configuration Guide SAS Agent for Microsoft Internet Information Services (IIS) Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright
More informationQ. I use a MAC How do I change my password so I can send and receive my email?
Password Change FAQ Q. I use a MAC How do I change my password so I can send and receive my email? A. First point a browser to http://www.redlands.edu/passwordmanager and change your password. Afterward,
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Office 365 using IDENTIKEY Authentication Server with Basic Web Filter
INTEGRATION GUIDE DIGIPASS Authentication for Office 365 using IDENTIKEY Authentication Server with Basic Web Filter Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained
More informationConfiguration Guide BES12. Version 12.2
Configuration Guide BES12 Version 12.2 Published: 2015-07-07 SWD-20150630131852557 Contents About this guide... 8 Getting started... 9 Administrator permissions you need to configure BES12... 9 Obtaining
More informationMelbourneOnline Hosted Exchange Setup
MelbourneOnline Hosted Exchange Setup Your email on our Hosted Exchange servers can be accessed by multiple devices including PC, Mac, iphone, IPad, Android, Windows Phone and of course webmail. It s all
More informationSingle Sign On for ShareFile with NetScaler. Deployment Guide
Single Sign On for ShareFile with NetScaler Deployment Guide This deployment guide focuses on defining the process for enabling Single Sign On into Citrix ShareFile with Citrix NetScaler. Table of Contents
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationBlackShield ID Agent for Remote Web Workplace
Agent for Remote Web Workplace 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication may be reproduced,
More informationDirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet
Technical Data Sheet DirX Identity V8.5 Secure and flexible Password Management DirX Identity provides a comprehensive password management solution for enterprises and organizations. It delivers self-service
More informationUNIFIED COMMUNICATIONS POST-MIGRATION INSTRUCTIONS
UNIFIED COMMUNICATIONS POST-MIGRATION INSTRUCTIONS (PURPOSE): The purpose of this document is to prepare the email user for post email migration activities to ensure a successful email migration with no
More informationBusiness mail 1 MS OUTLOOK RECONFIGURATION DUE TO SYSTEM MIGRATION... 2
Business mail Instructions for configuration of Outlook, 2007, 2010, 2013 and mobile devices CONTENT 1 MS OUTLOOK RECONFIGURATION DUE TO SYSTEM MIGRATION... 2 1.1 Deleting existing Exchange e-mail accounts...
More informationUser Guide. Time Warner Cable Business Class Cloud Solutions Control Panel. Hosted Microsoft Exchange 2007 Hosted Microsoft SharePoint 2007
Chapter Title Time Warner Cable Business Class Cloud Solutions Control Panel User Guide Hosted Microsoft Exchange 2007 Hosted Microsoft SharePoint 2007 Version 1.1 Table of Contents Table of Contents...
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationTwo-Factor Authentication
Two-Factor Authentication IT Professional & Customer Service Desk Feature Guide Two-Factor Authentication for Exchange Online Office 365 Dedicated & ITAR-Support Plans April 26, 2013 The information contained
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS)
SafeNet Authentication Service Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationConfiguration Guide BES12. Version 12.3
Configuration Guide BES12 Version 12.3 Published: 2016-01-19 SWD-20160119132230232 Contents About this guide... 7 Getting started... 8 Configuring BES12 for the first time...8 Configuration tasks for managing
More informationINTEGRATION GUIDE. General Radius Config
INTEGRATION GUIDE General Radius Config Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as is'; VASCO Data Security assumes no
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationHOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services
HOTPin Integration Guide: Microsoft Office 365 with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationEntrust IdentityGuard Comprehensive
Entrust IdentityGuard Comprehensive Entrust IdentityGuard Comprehensive is a five-day, hands-on overview of Entrust Course participants will gain experience planning, installing and configuring Entrust
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationSAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)
SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview
More informationHotSpot Enterprise Mobile Printing Solution. Security Whitepaper
HotSpot Enterprise Mobile Printing Solution Security Whitepaper August, 2012 2012, Ricoh Americas Corporation. All rights reserved. Ricoh and the Ricoh logo are registered trademarks of Ricoh Company,
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationIntegrating Hitachi ID Suite with WebSSO Systems
Integrating Hitachi ID Suite with WebSSO Systems 2015 Hitachi ID Systems, Inc. All rights reserved. Web single sign-on (WebSSO) systems are a widely deployed technology for managing user authentication
More informationBell Mobile Device Management (MDM)
Bell MDM Technical FAQs 1 Bell Mobile Device Management (MDM) Frequently Asked Questions INTRODUCTION Bell Mobile Device Management provides business customers an all in one device administration tool
More informationCortado Corporate Server
Cortado Corporate Server 100 % On Premise Installed & Run Entirely On Your Corporate Network Feature Mobile Device Device Policy Application E-mail Push Wi-Fi Configuration Push Enable secure BYOD and
More informationHosted Microsoft Exchange Client Setup & Guide Book
Hosted Microsoft Exchange Client Setup & Guide Book Section 1 Microsoft Outlook Web Access (OWA) access directions Section 2 Windows 10 Mail App setup & configuration Section 3 Windows Mobile Phone ActiveSync
More informationBlackShield ID Agent for Terminal Services Web and Remote Desktop Web
Agent for Terminal Services Web and Remote Desktop Web 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication
More informationOffice 365 deployment checklists
Chapter 128 Office 365 deployment checklists This document provides some checklists to help you make sure that you install and configure your Office 365 deployment correctly and with a minimum of issues.
More informationCentrify Cloud Management Suite
Centrify Cloud Management Suite Installation and Configuration Guide April 2013 Centrify Corporation Legal notice This document and the software described in this document are furnished under and are subject
More informationABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES
CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML
More informationSolutions Guide. Deploying Citrix NetScaler with Microsoft Exchange 2013 for GSLB. citrix.com
Deploying Citrix NetScaler with Microsoft Exchange 2013 for GSLB Table of Contents Introduction 3 Overview of Microsoft Exchange 2013 3 Why NetScaler GSLB for Exchange 2013? 3 Topology 3 Single Namespace
More informationOffice 365 deploym. ployment checklists. Chapter 27
Chapter 27 Office 365 deploym ployment checklists This document provides some checklists to help you make sure that you install and configure your Office 365 deployment correctly and with a minimum of
More informationConfiguration Guide BES12. Version 12.1
Configuration Guide BES12 Version 12.1 Published: 2015-04-22 SWD-20150422113638568 Contents Introduction... 7 About this guide...7 What is BES12?...7 Key features of BES12... 8 Product documentation...
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007
INTEGRATION GUIDE DIGIPASS Authentication for Microsoft Exchange ActiveSync 2007 Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationBlackBerry Enterprise Service 10 version 10.2 preinstallation and preupgrade checklist
BlackBerry Enterprise Service version.2 preinstallation and preupgrade checklist Verify that the following requirements are met before you install or upgrade to BlackBerry Enterprise Service version.2.
More informationProof of Concept Guide
Proof of Concept Guide Version 4.0 Published: OCT-2013 Updated: 2005-2013 Propalms Ltd. All rights reserved. The information contained in this document represents the current view of Propalms Ltd. on the
More informationProtecting Microsoft Internet Information Services Web Servers with ISA Server 2004
Protecting Microsoft Internet Information Services Web Servers with ISA Server 2004 White Paper Published: June 2004 For the latest information, please see http://www.microsoft.com/isaserver/ Contents
More informationFortiMail Server Mode SOLUCIÓN INTEGRAL DE CORREO SEGURO
FortiMail Server Mode SOLUCIÓN INTEGRAL DE CORREO SEGURO FortiMail Server All-in-one Secured Email Platform SMTP, POP3, IMAP Secured Webmail access Security benefits from FortiMail advanced Antivirus and
More informationSAS Agent for Outlook Web Access
SAS Agent for Outlook Web Access CUSTOMER RELEASE NOTES Version: 1.06 Build: 1.06.27725 Issue Date: 4 February 2015 Document Part Number: 007-012888-001, Rev. D Contents Product Description... 2 Release
More informationHow to configure your mobile devices post migrating to Microsoft Office 365
How to configure your mobile devices post migrating to Microsoft Office 365 1 Contents Purpose... 3 Document support boundaries... 3 Examples used in this document... 3 ipad and iphone (ios 4.x and 5.x)...
More informationWhite Paper. McAfee Cloud Single Sign On Reviewer s Guide
White Paper McAfee Cloud Single Sign On Reviewer s Guide Table of Contents Introducing McAfee Cloud Single Sign On 3 Use Cases 3 Key Features 3 Provisioning and De-Provisioning 4 Single Sign On and Authentication
More informationOffice of Information Technology Connecting to Microsoft Exchange User Guide
OVERVIEW The Office of Information Technology is migrating its messaging infrastructure from Microsoft Exchange 2003 to Microsoft Exchange 2010. Moving to the latest technology will provide many enhancements
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2013 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice. The software
More informationEmail: support@apps4rent.com Toll Free: 1-866-716-2040 International: 1-646-506-9354
1. Check your Welcome e-mail for login credentials for the control panel. 2. Using the login details in the welcome e-mail; login at https://cp.hostallapps.com Adding Domain: 1. On the Home Page of the
More informationSophos Mobile Control User guide for Android
Sophos Mobile Control User guide for Android Product version: 2.5 Document date: July 2012 Contents 1 About Sophos Mobile Control... 3 2 Login to the Self Service Portal... 4 3 Set up Sophos Mobile Control
More informationMaaS360 Mobile Enterprise Gateway
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
More informationAPI-Security Gateway Dirk Krafzig
API-Security Gateway Dirk Krafzig Intro Digital transformation accelerates application integration needs Dramatically increasing number of integration points Speed Security Industrial robustness Increasing
More informationGuidelines to setup mobile devices to a UOITnet account Google Apps for Education. Information Technology Services
Guidelines to setup mobile devices to a UOITnet account Google Apps for Education Information Technology Services Contents Support for UOITnet email set up on a Mobile Device... 2 Generate Google Token...
More informationDIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access
DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Outlook Web Access With IDENTIKEY Server / Axsguard IDENTIFIER Integration Guidelines Disclaimer Disclaimer of Warranties and Limitations
More informationInteract Intranet Version 7. Technical Requirements. August 2014. 2014 Interact
Interact Intranet Version 7 Technical Requirements August 2014 2014 Interact Definitions... 3 Licenses... 3 On-Premise... 3 Cloud... 3 Pulic Cloud... 3 Private Cloud... 3 Perpetual... 3 Self-Hosted...
More informationHOTPin Integration Guide: Google Apps with Active Directory Federated Services
HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as
More informationInformation Technology Department. Exchange 2010 E-Mail Migration
Information Technology Department Exchange 2010 E-Mail Migration Please note: accessing your mailbox during its migration could result in irreparable damage to your email. Please read the instructions
More informationDirectory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta.
Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 User Directories and the Cloud: An Overview 3 Okta
More informationNeoMail Guide. Neotel (Pty) Ltd
NeoMail Guide Neotel (Pty) Ltd NeoMail Connect Guide... 1 1. POP and IMAP Client access... 3 2. Outlook Web Access... 4 3. Outlook (IMAP and POP)... 6 4. Outlook 2007... 16 5. Outlook Express... 24 1.
More informationConvenience and security
Convenience and security ControlSphere is a computer security and automation solution designed to protect user data and automate most of authentication tasks for the user at work and home environments.
More informationID Director for Windows
2016 ID Director for Windows FINGERPRINT AUTHENTICATION FOR MICROSOFT NETWORKS BIO-key International www.bio-key.com Introduction Fingerprint biometrics are commonly deployed by organizations seeking to
More informationOWA vs. MDM. Once important area to consider is the impact on security and compliance policies by users bringing their own devices (BYOD) to work.
OWA vs. MDM Introduction SmartPhones and tablet devices are becoming a common fixture in the corporate environment. As feature phones are replaced with new devices such as iphone s, ipad s, and Android
More informationLync SHIELD Product Suite
Lync SHIELD Product Suite The Natural Solution For Securing Lync Connectivity For today s mobile enterprise, the need to connect smartphones to the corporate network has become a vital business requirement.
More informationFileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.
FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution. In today s world the potential for ready access to data from virtually any device over any type of network connection creates
More informationAdministrator Guide. v 11
Administrator Guide JustSSO is a Single Sign On (SSO) solution specially developed to integrate Google Apps suite to your Directory Service. Product developed by Just Digital v 11 Index Overview... 3 Main
More informationBlackBerry Enterprise Server for Microsoft Office 365 preinstallation checklist
BlackBerry Enterprise Server for Microsoft Office 365 preinstallation checklist This document lists the preinstallation requirements that must be met before you install the BlackBerry Enterprise Server
More informationHosted Exchange 2010
Hosted Exchange 2010 More email flexibility. Less server hassle and cost. Add/remove mailboxes at any time to suit your needs Unlimited web traffic Choice of Premium or Basic mailboxes Hosted Exchange
More informationSingle Sign-on (SSO) technologies for the Domino Web Server
Single Sign-on (SSO) technologies for the Domino Web Server Jane Marcus December 7, 2011 2011 IBM Corporation Welcome Participant Passcode: 4297643 2011 IBM Corporation 2 Agenda USA Toll Free (866) 803-2145
More informationMod 3: Office 365 DirSync, Single Sign-On & ADFS
Office 365 for SMB Jump Start Mod 3: Office 365 DirSync, Single Sign-On & ADFS Chris Oakman Managing Partner Infrastructure Team Eastridge Technology Stephen Hall CEO & SMB Technologist District Computers
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationWhite paper December 2008. IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview
White paper December 2008 IBM Tivoli Access Manager for Enterprise Single Sign-On: An overview Page 2 Contents 2 Executive summary 2 The enterprise access challenge 3 Seamless access to applications 4
More informationStrong Authentication for Microsoft TS Web / RD Web
Strong Authentication for Microsoft TS Web / RD Web with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCard
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationBTC STUDENT EMAIL GUIDE
BTC STUDENT EMAIL GUIDE All students have a BTC email account. If you are unable to access your account, please contact your instructor. Student Email Each student has an email account. Your email address
More informationINUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER
INUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER OVERVIEW OF OPEN VIRTUAL DESKTOP Mathieu SCHIRES Version: 1.0.2 Published April 9, 2015 http://www.inuvika.com Contents 1 Introduction 2 2 Terminology and
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationExchange 2010 ActiveSync: Connection
Westlands School Exchange 2010 ActiveSync: Connection Staff mobile phone email access Exchange 2010 ActiveSync provides Westlands School Staff with external access to their school email account from a
More information2 Configuring GroupWise Mobility Service to Support Microsoft Outlook Clients
GroupWise Mobility Service 2.1 for Microsoft Outlook 2013 First Look - February 2015 GroupWise Mobility Service 2.1 allows the Microsoft Outlook 2013 client for Windows and the Microsoft Outlook app to
More informationRequirements Collax Security Gateway Collax Business Server or Collax Platform Server including Collax SSL VPN module
Collax SSL VPN Howto This howto describes the easy configuration of a Collax server as SSL VPN gateway in order to enable external access to selected applications in the company network. Except for a common
More informationPostFiles. The file sharing and synchronization solution dedicated to professionals. www.oodrive.com
PostFiles The file sharing and synchronization solution dedicated to professionals www.oodrive.com Share all file types, regardless of size or format. Synchronize and read files across several devices.
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationStrong Authentication for Microsoft SharePoint
Strong Authentication for Microsoft SharePoint with Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright Copyright 2011. CRYPTOCard
More informationINTRODUCTION OF IPAD USE AT UT. Introduction of ipad use at the University of Twente... 1. Content... 1. 1. Introduction... 2
CONTENT INTRODUCTION OF IPAD USE AT UT Introduction of ipad use at the University of Twente... 1 Content... 1 1. Introduction... 2 2. BEFORE YOU GET STARTED... 2 3. Setting to work... 2 3.1. Purchase...
More information