White Paper. McAfee Cloud Single Sign On Reviewer s Guide
|
|
- Noel Mosley
- 8 years ago
- Views:
Transcription
1 White Paper McAfee Cloud Single Sign On Reviewer s Guide
2 Table of Contents Introducing McAfee Cloud Single Sign On 3 Use Cases 3 Key Features 3 Provisioning and De-Provisioning 4 Single Sign On and Authentication 4 IP-initiated SSO 4 SP-initiated SSO 5 Multi-factor Authentication 5 Monitoring and Management 6 Pricing and Support 7 Getting Started 7 2 McAfee Cloud Single Sign On Reviewer s Guide
3 Organizations of all sizes around the world are adopting the Software-as-a-Service (SaaS) model, but many are concerned about protecting the security of their enterprise applications and data in the cloud. They also want to reduce the expense and IT administrative overhead of managing access to cloud applications. McAfee Cloud Single Sign On is an identity and access management (IAM) solution designed to enable enterprises to securely control and monitor employee (or other stakeholder) access to SaaS applications. Features include standards-based federated single sign-on; provisioning/de-provisioning of user accounts (automatically synchronized with enterprise identity repositories); fully integrated multi-factor authentication for stronger data protection; and a management console with dashboard for monitoring, management, and compliance reporting of all identity events. Introducing McAfee Cloud Single Sign On McAfee Cloud Single Sign On is an IAM solution for managing user accounts and access to SaaS applications. It s designed for companies that are outsourcing applications to the cloud to cut costs and provide users with access to industry-leading applications. But moving to the cloud comes with its own set of risks and IT management headaches. Use Cases Provisioning When a company outsources applications to the cloud, someone has to manage user access to those SaaS applications. Manual account administration can quickly become a big expense. For example, if an average administrator takes five minutes to create or delete a SaaS account, and each employee requires access to 10 SaaS applications, on average, that s 50 minutes required per hire or termination. If you multiply that by the rate of new hires, the time and expense involved quickly adds up. De-provisioning Similarly, it s vital to make sure those SaaS accounts are rapidly disabled or deleted when the user leaves the organization. Otherwise, a disgruntled ex-employee may still have access to sensitive information, which they could potentially share with your competitors. Password management If your organization is like most, each user has multiple user IDs and passwords. The problem becomes even worse if your security team requires strong password policies, like combining numbers and special characters or forcing arbitrary password changes. As a result, most users write down their passwords and store them in a convenient, insecure location; sticky notes with passwords adhered to keyboards or tacked to a bulletin board abound in many organizations or, because of strong password policies, users tend to use the same password for the majority of their applications. Strong authentication If you re moving sensitive data or applications into the cloud, you need to be concerned about how to verify that only known, authorized individuals or groups have access to those applications, so you can reduce the potential for a breach. Key Features Provides tools to automatically create and delete SaaS application accounts for users, making it easy for IT to add or terminate user accounts and ensure that ex-employees no longer have access Provides secure, standards-based single sign-on (SSO) for hundreds of popular SaaS applications to make life easier for users, while slashing the number of password-related helpdesk calls Includes multi-factor authentication using a one-time password (OTP) delivered via any mobile device (such as a mobile phone) to protect sensitive assets in the cloud by forcing the user to verify his identity 3 McAfee Cloud Single Sign On Reviewer s Guide
4 Provisioning and De-Provisioning McAfee Cloud Single Sign On provides connectors for Microsoft Active Directory (AD) and other lightweight directory access protocol (LDAP)-enabled directory services. Other identity profile sources include relational database management systems, enterprise IAM systems from vendors like IBM, Oracle, CA, NetIQ (Novell), web services, and file-based repositories. Identity repository connectors can be used for synchronized provisioning and de-provisioning as well as user authentication. Provisioning can be synchronized with identity repositories to automatically create and terminate SaaS applications for new hires or when a user leaves the organization. Policies can be defined to create SaaS accounts on specific applications, based on user profile elements. For example, the system administrator can create AD groups and define rules that new user accounts in sales are automatically provisioned with a Salesforce.com account, while those assigned to the marketing group are provided with a Marketo account. Just-in-time (JIT) provisioning allows you to dynamically create an account using the Security Assertion Markup Language (SAML) protocol. With JIT provisioning, you create an account the first time the user tries to access the application. However, since JIT provisioning is not synchronized with AD, it does not support automated de-provisioning. Single Sign-On and Authentication Single sign-on (SSO) has multiple advantages. Using SSO reduces or completely eliminates the need for a user to remember multiple combinations of user IDs and passwords. This removes the temptation to reuse the same password for multiple applications or to write down and post passwords in insecure locations. It also significantly eliminates the need to manage complex password reset processes (such as creating and responding to a series of private questions) or maintaining a helpdesk unit to reset passwords for users. McAfee Cloud Single Sign On includes more than 400 SSO and provisioning connectors. Unlike other competing products, McAfee Cloud Single Sign On supports multiple SSO models, providing the broadest range of authentication models in the industry. Federated SSO The default, preferred SSO security model is federated SSO using well-known, mature industry standards, such as SAML. Other SSO or authentication standards that are supported include OpenID and OAuth. API Some applications that don t support standards expose a proprietary SSO API, which McAfee Cloud Single Sign On can use Agent-based There are also applications which can be SSO-enabled by deploying an agent on the platform. McAfee Cloud Single Sign On provides the ability to deploy.net, Java, or PHP agents. HTTP POST Finally, the lowest common denominator is the SaaS application that requires the user to enter credentials via an HTML form. In this use case, McAfee Cloud Single Sign On provides the ability to capture the user ID and password the first time the user attempts to log on and then encrypts and vaults the credentials and replays them using the HTTP POST protocol whenever the user accesses the application after that. McAfee Cloud Single Sign On also includes generic connectors that can be used to create customized SSO connectors, where one is not available for a target SaaS application. IP-initiated SSO McAfee Cloud Single Sign On supports both identity provider (IP)-initiated SSO and service provider (SP)-initiated SSO. In IP-initiated SSO, the user logs directly into the SSO portal (see Figure 1). If Integrated Windows Authentication (IWA) is enabled by the system administrator, the user can access the SSO portal without entering any further credentials. (McAfee Cloud Single Sign On picks up the IWA Kerberos ticket and uses it to authenticate the user to the portal.) Once the user is authenticated to the portal, a dynamically generated landing page is displayed that contains links to all the SaaS applications that the user has access to. Note that the user can t see an application that he doesn t have access to. At that point, the user simply clicks on the link and is transparently redirected to the target application, without being required to enter a user ID or password. 4 McAfee Cloud Single Sign On Reviewer s Guide
5 Figure 1. End-user McAfee Cloud Single Sign On portal. SP-initiated SSO Alternatively, in the SP-initiated scenario, when users try to access the SaaS application directly, they are redirected to the SSO portal, where they must enter their credentials before being given access to the application. Multi-factor Authentication McAfee Cloud Single Sign On administrators can configure two different multi-factor authentication scenarios. The system administrator can protect the SSO portal itself with multi-factor authentication and require the user to enter an OTP before gaining access. 1 Alternatively, the system administrator can configure any individual SaaS application with OTP protection, requiring the user to enter an OTP in order to gain access. The OTP server included in McAfee Cloud Single Sign On is based on McAfee One Time Password. The software can be used for out-of-band authentication using a variety of channels, including: Smartphone app: Apple iphone, Apple ipad, Android, BlackBerry, Windows Mobile SMS text message PC-based client application , IM, or chat Third-party device, such as YubiKey USB token 5 McAfee Cloud Single Sign On Reviewer s Guide
6 Figure 2. OTP smart phone app. Figure 3. McAfee Cloud Single Sign On console. Figure 2 shows an example of the McAfee One Time Password app installed on a smartphone. Note that, unlike a hardware token, a soft token can be used to manage access to multiple SaaS applications. When the user is prompted to enter a one-time password, he goes to his phone, taps the Generate one-time password button on the app, retrieves the OTP created by the app, and enters it into the screen prompt. The app does not require the user to have an active cell phone link with the OTP server. If the user has an ordinary cell phone, rather than a smartphone, the OTP server can send it to the user as a short message service (SMS) text message, which requires the user to have an active cell signal. McAfee Cloud Single Sign On supports other forms of multi-factor authentication, such as Intel Identity Protection Technology (Intel IPT). Intel IPT is a chip embedded on the motherboard of Intel Ultrabook computers. It enables an administrator to restrict access to a known, registered, properly configured laptop. The PC itself becomes another form of two-factor authentication. Monitoring and Management McAfee Cloud Single Sign On includes a management console (see Figure 3) that is used by the administrator to: Add and configure SaaS applications, including SSO and provisioning connectors, application-specific multi-factor authentication, and other application-specific parameters Add and configure user accounts Monitor use activity through a live dashboard showing current activity, such as logins, logouts, errors, and more McAfee Cloud Single Sign On collects comprehensive data on all identity events, which can be used to generate reports used to track historical activity or for compliance/audit reporting. 6 McAfee Cloud Single Sign On Reviewer s Guide
7 Pricing and Support McAfee Cloud Single Sign On is sold as an annual subscription. Subscription pricing varies from a maximum of just under $5/user/month down to below $1/user/month, depending on the number of user licenses and the subscription duration (one, two, or three years). The license includes: Unlimited use of more than 400 cloud connectors for provisioning and SSO Some competitors charge extra for additional connectors Tools to create custom connectors McAfee Professional Services is also available to create customer connectors Built-in multi-factor authentication using McAfee One Time Password soft token technology Some competitors charge extra for multi-factor authentication 24/7 support services Some competitors charge extra for support outside normal business hours Integration with McAfee Web Protection Users can log onto McAfee Web Gateway and directly log onto the McAfee Cloud Single Sign On portal without re-entering credentials. McAfee also has developed a roadmap for adding integration with other McAfee cloud security solutions. The assurance that comes from dealing with the largest independent security software vendor in the world Getting Started McAfee Cloud Single Sign On can be installed on a Windows or Linux server, in either 32-bit or 64-bit configurations. The installation package includes all McAfee Cloud Single Sign On services: Identity and SSO service Provisioning service Built-in OTP server The software can be installed: On-premises or in the cloud On any virtual appliance, Amazon EC2, or DMZ-ready hardware appliance System requirements: Browsers: Internet Explorer 6, 8, or higher; Firefox 3.6 or higher; Chrome 16 or higher; Safari or higher Mobile browsers: Android 2.0 devices; ios devices and Safari browser Server operating system: 32-bit or 64-bit Red Hat Enterprise Linux Server and Advanced Platform 5.0 Microsoft Windows Server 2003 or Windows Server 2008 Hardware requirements: Intel multi-core server with 2 GB RAM Title Provisioning Guide Product Guide Installation Guide Integration Guide Description A complete guide to the management console; covers the configuration tasks needed to administer McAfee Cloud Single Sign On. Provides information for software developers who want to write custom Java code that extends McAfee Cloud Single Sign On functionality. Includes the tasks and procedures that you need to install and uninstall McAfee Cloud Single Sign On as a stand-alone server on Microsoft Windows and Linux operating system platforms. The guide also includes how to start and stop the McAfee Cloud Single Sign On service after it is installed. Offers instructions on how to integrate Java-based and.net web applications that do not support SAML2 authentication with McAfee Cloud Single Sign On. Note: In addition to these guides, there are separate guides that document how to configure the different cloud connectors. For more information, see the Provisioning Guide. 7 McAfee Cloud Single Sign On Reviewer s Guide
8 About McAfee McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world s largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by its unrivaled global threat intelligence, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. 1 McAfee One Time Password can also be deployed to deliver multi-factor authentication for VPN access and other use cases not related to McAfee Cloud Single Sign On. 2 For more information, visit Mission College Boulevard Santa Clara, CA McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications, and descriptions herein are provided only for information and are subject to change without notice. They are provided without warranty of any kind, expressed or implied. Copyright 2013 McAfee, Inc wp_cloud-sso-rev-gde_0413_fnl_ASD
Identity in the Cloud
White Paper Identity in the Cloud Use the cloud without compromising enterprise security Table of Contents The Cloud Conundrum 3 Managing Cloud Identity 3 The Identity Lifecycle 4 SaaS Single Sign-On 4
More informationHow To Manage A Plethora Of Identities In A Cloud System (Saas)
TECHNICAL WHITE PAPER Intel Cloud SSO How Intel Cloud SSO Works Just as security professionals have done for ages, we must continue to evolve our processes, methods, and techniques in light of the opportunities
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationEmail Encryption Made Simple
White Paper For organizations large or small Table of Contents Who Is Reading Your Email? 3 The Three Options Explained 3 Organization-to-organization encryption 3 Secure portal or organization-to-user
More informationService Updates and Enhancements
Service Updates and Enhancements May 8, 2013 McAfee understands that providing the tools for a trusted communication environment is our primary directive. Accomplishing this goal requires listening to
More informationMcAfee Cloud Single Sign On
Setup Guide Revision B McAfee Cloud Single Sign On COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee
More informationMcAfee Cloud Identity Manager
SAML2 Cloud Connector Guide McAfee Cloud Identity Manager version 1.2 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed,
More informationMcAfee Cloud Identity Manager
Salesforce Cloud Connector Guide McAfee Cloud Identity Manager version 1.1 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,
More informationAdding Stronger Authentication to your Portal and Cloud Apps
SOLUTION BRIEF Cyphercor Inc. Adding Stronger Authentication to your Portal and Cloud Apps Using the logintc April 2012 Adding Stronger Authentication to Portals Corporate and consumer portals, as well
More informationAn Overview of Samsung KNOX Active Directory-based Single Sign-On
C E N T R I F Y W H I T E P A P E R. S E P T E M B E R 2013 An Overview of Samsung KNOX Active Directory-based Single Sign-On Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationLeveraging SAML for Federated Single Sign-on:
Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.
More informationFederated single sign-on (SSO) and identity management. Secure mobile access. Social identity integration. Automated user provisioning.
PingFederate We went with PingFederate because it s based on standards like SAML, which are important for a secure implementation. John Davidson Senior Product Manager, Opower PingFederate is the leading
More informationMcAfee Enterprise Mobility Management Versus Microsoft Exchange ActiveSync
McAfee Enterprise Mobility Management Versus Microsoft Secure, easy, and scalable mobile device management Table of Contents What Can Do? 3 The smartphone revolution is sweeping the enterprise 3 Can enterprises
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationIntegrating Single Sign-on Across the Cloud By David Strom
Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio
More informationMcAfee Cloud Identity Manager
NetSuite Cloud Connector Guide McAfee Cloud Identity Manager version 2.0 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,
More informationnexus Hybrid Access Gateway
Product Sheet nexus Hybrid Access Gateway nexus Hybrid Access Gateway nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries
More informationWHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS
WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user
More informationAn Overview of Samsung KNOX Active Directory and Group Policy Features
C E N T R I F Y W H I T E P A P E R. N O V E M B E R 2013 An Overview of Samsung KNOX Active Directory and Group Policy Features Abstract Samsung KNOX is a set of business-focused enhancements to the Android
More informationHow To Use Salesforce Identity Features
Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationEmail Encryption Made Simple
Email Encryption Made Simple For organizations large or small Table of Contents Who Is Reading Your Email?....3 The Three Options Explained....3 Organization-to-organization encryption....3 Secure portal
More informationSECUREAUTH IDP AND OFFICE 365
WHITEPAPER SECUREAUTH IDP AND OFFICE 365 STRONG AUTHENTICATION AND SINGLE SIGN-ON FOR THE CLOUD-BASED OFFICE SUITE EXECUTIVE OVERVIEW As more and more enterprises move to the cloud, it makes sense that
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationSTRONGER AUTHENTICATION for CA SiteMinder
STRONGER AUTHENTICATION for CA SiteMinder Adding Stronger Authentication for CA SiteMinder Access Control 1 STRONGER AUTHENTICATION for CA SiteMinder Access Control CA SITEMINDER provides a comprehensive
More informationp@$5w0rd??_ 300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you
Freja is an innovative solution to one of the biggest problems in the Internet era: How do you securely manage identities, access and credentials for a large number of users without costs going haywire?
More informationThe Top 5 Federated Single Sign-On Scenarios
The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3
More informationPingFederate. SSO Integration Overview
PingFederate SSO Integration Overview 2006-2012 Ping Identity Corporation. All rights reserved. PingFederate SSO Integration Overview Version 6.6 January, 2012 Ping Identity Corporation 1001 17th Street,
More informationNew Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation
New Single Sign-on Options for IBM Lotus Notes & Domino 2012 IBM Corporation IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole
More informationThe Cloud, Mobile and BYOD Security Opportunity with SurePassID
The Cloud, Mobile and BYOD Security Opportunity with SurePassID Presentation for MSPs and MSSPs January 2014 SurePassID At A Glance Founded 2009 Headquartered in Orlando, FL 6 sales offices in North America,
More informationIdentity. Provide. ...to Office 365 & Beyond
Provide Identity...to Office 365 & Beyond Sponsored by shops around the world are increasingly turning to Office 365 Microsoft s cloud-based offering for email, instant messaging, and collaboration. A
More informationWhen your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.
Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using
More informationConnecting Users with Identity as a Service
Ping Identity has demonstrated support for multiple workforce and external identity use cases, as well as strong service provider support. Gregg Kreizman Gartner 1 Connecting Users with Identity as a Service
More informationMcAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software
McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee
More informationWhite paper December 2008. Addressing single sign-on inside, outside, and between organizations
White paper December 2008 Addressing single sign-on inside, outside, and between organizations Page 2 Contents 2 Overview 4 IBM Tivoli Unified Single Sign-On: Comprehensively addressing SSO 5 IBM Tivoli
More informationmanaging SSO with shared credentials
managing SSO with shared credentials Introduction to Single Sign On (SSO) All organizations, small and big alike, today have a bunch of applications that must be accessed by different employees throughout
More informationCloud Identity Buyer s Guide
WHITE PAPER Cloud Identity Buyer s Guide Identity & Access Management In the Cloud Paper Focus: Outsourcing identity and access management to the cloud IAM for SaaS apps tradeoffs and concerns Implementation,
More informationEmail Encryption Made Simple
Email Encryption For Organizations Large or Small Table of Contents Introduction 3 Who is reading your email? 3 The Three Options Explained 3 Organization-to-organization encryption 3 Secure portal or
More informationDirectory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta.
Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 User Directories and the Cloud: An Overview 3 Okta
More informationRSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide
RSA SecurID Software Token 1.3 for iphone and ipad Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks
More informationEXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES
pingidentity.com EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES Best practices for identity federation in AWS Table of Contents Executive Overview 3 Introduction: Identity and Access Management in Amazon
More informationsolution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service?
solution brief February 2012 How Can I Obtain Identity And Access Management as a Cloud Service? provides identity and access management capabilities as a hosted cloud service. This allows you to quickly
More informationRSA SecurID Two-factor Authentication
RSA SecurID Two-factor Authentication Today, we live in an era where data is the lifeblood of a company. Now, security risks are more pressing as attackers have broadened their targets beyond financial
More informationOut-of-Band Multi-Factor Authentication Cloud Services Whitepaper
Out-of-Band Multi-Factor Authentication Cloud Services Whitepaper StrikeForce Technologies, Inc. 1090 King Georges Post Rd. Edison, NJ 08837, USA Tel: 732 661-9641 Fax: 732 661-9647 http://www.sftnj.com
More informationFor details about using automatic user provisioning with Salesforce, see Configuring user provisioning for Salesforce.
Chapter 41 Configuring Salesforce The following is an overview of how to configure the Salesforce.com application for singlesign on: 1 Prepare Salesforce for single sign-on: This involves the following:
More informationADDING STRONGER AUTHENTICATION for VPN Access Control
ADDING STRONGER AUTHENTICATION for VPN Access Control Adding Stronger Authentication for VPN Access Control 1 ADDING STRONGER AUTHENTICATION for VPN Access Control A VIRTUAL PRIVATE NETWORK (VPN) allows
More informationUsing SAML for Single Sign-On in the SOA Software Platform
Using SAML for Single Sign-On in the SOA Software Platform SOA Software Community Manager: Using SAML on the Platform 1 Policy Manager / Community Manager Using SAML for Single Sign-On in the SOA Software
More informationSAP Cloud Identity Service Document Version: 1.0 2014-09-01. SAP Cloud Identity Service
Document Version: 1.0 2014-09-01 Content 1....4 1.1 Release s....4 1.2 Product Overview....8 Product Details.... 9 Supported Browser Versions....10 Supported Languages....12 1.3 Getting Started....13 1.4
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationConfiguring Salesforce
Chapter 94 Configuring Salesforce The following is an overview of how to configure the Salesforce.com application for singlesign on: 1 Prepare Salesforce for single sign-on: This involves the following:
More informationIdentity as a Service Powered by NetIQ IdentityAccess Service Configuration and Administration Guide
Identity as a Service Powered by NetIQ IdentityAccess Service Configuration and Administration Guide December 2015 www.netiq.com/documentation Legal Notice For information about NetIQ legal notices, disclaimers,
More informationGOOD PRACTICE GUIDE 13 (GPG13)
GOOD PRACTICE GUIDE 13 (GPG13) GPG13 - AT A GLANCE Protective Monitoring (PM) is based on Good Practice Guide 13 Comprises of 12 sections called Proactive Monitoring Controls 1-12 Based on four Recording
More informationInteroperate in Cloud with Federation
Interoperate in Cloud with Federation - Leveraging federation standards can accelerate Cloud computing adoption by resolving vendor lock-in issues and facilitate On Demand business requirements Neha Mehrotra
More informationAutomating User Management and Single Sign-on for Salesforce.com OKTA WHITE PAPER. Okta Inc. 400 2nd Street Suite 350 San Francisco CA, 94107
OKTA WHITE PAPER Automating User Management and Single Sign-on for Salesforce.com Okta Inc. 400 2nd Street Suite 350 San Francisco CA, 94107 info@okta.com 1-888-722-7871 Table of Contents 1 The Growth
More informationPingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1
PingFederate Salesforce Connector Version 4.1 Quick Connection Guide 2011 Ping Identity Corporation. All rights reserved. PingFederate Salesforce Quick Connection Guide Version 4.1 June, 2011 Ping Identity
More informationIdentity Implementation Guide
Identity Implementation Guide Version 37.0, Summer 16 @salesforcedocs Last updated: May 26, 2016 Copyright 2000 2016 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationSalesforce1 Mobile Security Guide
Salesforce1 Mobile Security Guide Version 1, 1 @salesforcedocs Last updated: December 8, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of salesforce.com,
More informationIncrease the Security of Your Box Account With Single Sign-On
A Box White Paper Increase the Security of Your Box Account With Single Sign-On Box s high level of security, 24x7 support and 99.9% uptime are critical for us. The biggest benefits are the reliability
More informationCopyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com
Manual Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com Information in this document is subject to change without notice. Companies names and data used in examples herein are fictitious
More informationExtend and Enhance AD FS
Extend and Enhance AD FS December 2013 Sponsored By Contents Extend and Enhance AD FS By Sean Deuby Introduction...2 Web Service SSO Architecture...3 AD FS Overview...5 Ping Identity Solutions...7 Synergy
More informationChoosing an SSO Solution Ten Smart Questions
Choosing an SSO Solution Ten Smart Questions Looking for the best SSO solution? Asking these ten questions first can give your users the simple, secure access they need, save time and money, and improve
More informationThe Who, What, When, Where and Why of IAM Bob Bentley
The Who, What, When, Where and Why of IAM Bob Bentley Product Management Director October 2014 It s a Jungle Out There IAM is more than just provisioning user accounts and managing access to web pages
More informationBlending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access
Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access Vikas Jain Director, Product Management Intel Corporation Jesper Tohmo CTO, Nordic Edge (an Intel company) Session ID:
More informationDirectory Integration with Okta. An Architectural Overview. Okta White paper. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107
Okta White paper Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-dint-053013 Table of Contents
More informationand the software then detects and automates all password-related events for the employee, including:
Reduce costs, simplify access and audit access to applications with single sign-on IBM Single Sign-On Highlights Reduce password-related helpdesk Facilitate compliance with pri- costs by lowering the vacy
More informationGoogle Apps Deployment Guide
CENTRIFY DEPLOYMENT GUIDE Google Apps Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component of your corporate
More informationCybersecurity and Secure Authentication with SAP Single Sign-On
Solution in Detail SAP NetWeaver SAP Single Sign-On Cybersecurity and Secure Authentication with SAP Single Sign-On Table of Contents 3 Quick Facts 4 Remember One Password Only 6 Log In Once to Handle
More informationMobile Admin Security
Mobile Admin Security Introduction Mobile Admin is an enterprise-ready IT Management solution that generates significant cost savings by dramatically increasing the responsiveness of IT organizations facing
More informationOkta/Dropbox Active Directory Integration Guide
Okta/Dropbox Active Directory Integration Guide Okta Inc. 301 Brannan Street, 3rd Floor San Francisco CA, 94107 info@okta.com 1-888- 722-7871 1 Table of Contents 1 Okta Directory Integration Edition for
More informationWhite Paper. Getting ahead in the cloud. the need for better identity and access controls
White Paper Getting ahead in the cloud A White Paper by Bloor Research Author : Fran Howarth Publish date : March 2013 Users are demanding access to applications and services from wherever they are, whenever
More informationWHITEPAPER. NAPPS: A Game-Changer for Mobile Single Sign-On (SSO)
WHITEPAPER NAPPS: A Game-Changer for Mobile Single Sign-On (SSO) INTRODUCTION The proliferation of mobile applications, including mobile apps custom to an organization, makes the need for an SSO solution
More informationCA SiteMinder SSO Agents for ERP Systems
PRODUCT SHEET: CA SITEMINDER SSO AGENTS FOR ERP SYSTEMS CA SiteMinder SSO Agents for ERP Systems CA SiteMinder SSO Agents for ERP Systems help organizations minimize sign-on requirements and increase security
More informationMcAfee Cloud Identity Manager
SharePoint Cloud Connector Guide McAfee Cloud Identity Manager version 2.0 or later COPYRIGHT Copyright 2013 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted,
More informationCA Adapter. Installation and Configuration Guide for Windows. r2.2.9
CA Adapter Installation and Configuration Guide for Windows r2.2.9 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation
More informationRSA SecurID Software Token 1.0 for Android Administrator s Guide
RSA SecurID Software Token 1.0 for Android Administrator s Guide Contact Information See the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA,
More informationWHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES
WHITEPAPER SECUREAUTH AND CAC HSPD-12 AUTHENTICATION TO WEB, NETWORK, AND CLOUD RESOURCES Executive Overview U.S. Federal mandates dictates that personal with defense related initiatives must prove access
More informationMobile Device Management Version 8. Last updated: 17-10-14
Mobile Device Management Version 8 Last updated: 17-10-14 Copyright 2013, 2X Ltd. http://www.2x.com E mail: info@2x.com Information in this document is subject to change without notice. Companies names
More informationIBM Tivoli Federated Identity Manager
IBM Tivoli Federated Identity Manager Employ user-centric federated access management to enable secure online business collaboration Highlights Enhance business-to-business and business-to-consumer collaborations
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationPROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN
PROVIDING SINGLE SIGN-ON TO AMAZON EC2 APPLICATIONS FROM AN ON-PREMISES WINDOWS DOMAIN CONNECTING TO THE CLOUD DAVID CHAPPELL DECEMBER 2009 SPONSORED BY AMAZON AND MICROSOFT CORPORATION CONTENTS The Challenge:
More informationOracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009
Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009 EXECUTIVE OVERVIEW Enterprises these days generally have Microsoft Windows desktop users accessing diverse enterprise applications
More informationCA Mobile Device Management 2014 Q1 Getting Started
CA Mobile Device Management 2014 Q1 Getting Started This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationSAP NetWeaver Single Sign-On. Product Management SAP NetWeaver Identity Management & Security June 2011
NetWeaver Single Sign-On Product Management NetWeaver Identity Management & Security June 2011 Agenda NetWeaver Single Sign-On: Solution overview Key benefits of single sign-on Solution positioning Identity
More informationIT@Intel. Improving Security and Productivity through Federation and Single Sign-on
White Paper Intel Information Technology Computer Manufacturing Security Improving Security and Productivity through Federation and Single Sign-on Intel IT has developed a strategy and process for providing
More informationRSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION
RSA ACCESS MANAGER Web Access Management Solution ESSENTIALS Secure Access Enforces access to Web applications based on risk and context Centralizes security and enforces business policy Web Single Sign-on
More informationProposal Document TitleDocument Version 1.0 TitleDocument
G-Cloud - Strong Authentication Service - Service Definition Proposal Document Author TitleDocument Version 1.0 TitleDocument Document publication date - 02/12/2014 Title Document Classification - Public
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationSingle Sign On for ShareFile with NetScaler. Deployment Guide
Single Sign On for ShareFile with NetScaler Deployment Guide This deployment guide focuses on defining the process for enabling Single Sign On into Citrix ShareFile with Citrix NetScaler. Table of Contents
More informationCritical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management
Security Comparison Critical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309
More informationSaaS at Pfizer. Challenges, Solutions, Recommendations. Worldwide Business Technology
SaaS at Pfizer Challenges, Solutions, Recommendations Agenda How are Cloud and SaaS different in practice? What does Pfizer s SaaS footprint look like? Identity is the Issue: Federation (SSO) and Provisioning/De-provisioning
More informationFlexible Identity Federation
Flexible Identity Federation Administration guide version 1.0.1 Publication history Date Description Revision 2015.09.24 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationSophos Mobile Control SaaS startup guide. Product version: 6
Sophos Mobile Control SaaS startup guide Product version: 6 Document date: January 2016 Contents 1 About this guide...4 2 About Sophos Mobile Control...5 3 What are the key steps?...7 4 Change your password...8
More informationCentrify Cloud Management Suite
Centrify Cloud Management Suite Installation and Configuration Guide April 2013 Centrify Corporation Legal notice This document and the software described in this document are furnished under and are subject
More informationTrustedX - PKI Authentication. Whitepaper
TrustedX - PKI Authentication Whitepaper CONTENTS Introduction... 3 1... 4 Use Scenarios... 5 Operation... 5 Architecture and Integration... 6 SAML and OAuth 7 RESTful Web Services 8 Monitoring and Auditing...
More informationTop Eight Identity & Access Management Challenges with SaaS Applications. Okta White Paper
Top Eight Identity & Access Management Challenges with SaaS Applications Okta White Paper Table of Contents The Importance of Identity for SaaS Applications... 2 1. End User Password Fatigue... 2 2. Failure-Prone
More informationTop 8 Identity and Access Management Challenges with Your SaaS Applications. Okta White paper
Okta White paper Top 8 Identity and Access Management Challenges with Your SaaS Applications Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-top8-113012
More informationVMware Identity Manager Administration
VMware Identity Manager Administration VMware Identity Manager 2.4 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new
More informationHP Software as a Service
HP Software as a Service Software Version: 6.1 Federated SSO Document Release Date: August 2013 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty
More informationhttp://docs.trendmicro.com
Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the product, please review the readme files,
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More information