PortWise Access Management Suite




Create secure virtual access for your employees, partners and customers from any location and any device.

With today's global and homogenous economy, the accuracy and responsiveness of an organization's business processes play a key role in its ability to execute and reach its overall business goals. Many companies realize that they need to increase the efficiency and productivity of their workforce, and in order to do so they need to provide their employees with solutions for more flexible working. However, security considerations often prevent a successful deployment of corporate remote access services. For a successful remote access rollout, the following questions need to be addressed:

- How do we guarantee the user is who he claims to be?
- How do we know the connecting device is free from Trojans and other malicious software?
- Is the connection secure?
- How do we ensure data and application integrity when the network boundary effectively moves beyond the corporate network premises?

PortWise Access Management

Unlike most remote access solution vendors, PortWise offers a security solution that effectively addresses all of the issues mentioned above. PortWise provides a six-step process to ensure secure and convenient remote connections without compromising security. These six steps include:

- Assessment of end-user devices
- Authentication of user's identity
- Authorization to access applications
- Access through an encrypted connection
- Audit of user activity
- Abolishment of user data

PortWise Access Manager and Authentication Server is an integrated software suite developed to help organizations make business applications available for remote users in a secure and convenient manner. The product suite includes a comprehensive security feature set.

Application Delivery

PortWise utilizes clientless SSL VPN technology, enabling access to applications by remote users without having to install proprietary client software on the user's device. PortWise utilizes web browser technology to access corporate data. Hence, PortWise supports every device or handset with a built-in web browser. Applications are made available to the end-user through a user-friendly web portal interface, and every data transaction is secured with industry standard SSL encryption. Three different access modes are available:

- Web Access: provides remote access to web applications through an SSL proxy. The PortWise SSL proxy mechanism is based on an advanced link translation engine to ensure support for all web applications.
- Port Access: provides access to non-web applications that run on specific IP ports. Port-based access is handled through an on-demand SSL VPN client based on Java or ActiveX technology. The PortWise client is transparently installed on the user's device when needed.
- Network Access: provides access to a specific range of IP ports, servers, or networks.

[Figure: architecture diagram. Labels: Internet; Demilitarized Zone (DMZ); Corporate Network; PortWise Access Manager (SSL VPN, SSO, Access Enforcement); Secure remote connections; Customer, Employees, Partners; WebPasswords, PKI Token, OTP via SMS, OTP Token, Soft Token; Authentication & Policy Server; Web Forms, WinLogon, SOAP-Ticket, SAML2.0; Groupware, Web-Applications, Terminal Server, WebServices, File Access, Cloud.]

End-point Integrity

To ensure that malicious software never gets access to the internal network, the integrity of the end-user devices must be checked to guarantee that they meet the security requirements set forth by the organization. This is a crucial step in providing in-depth security, since more threats today focus on the end-point rather than the network firewall.

Before a user is allowed access, a device scan can be performed to guarantee that the device complies with the corporate security requirements in terms of anti-virus software, personal firewall configurations, and software upgrades. When the user ends a PortWise session, a cleanup procedure can be performed on the end-point to remove all traces of the session, including cookies, URL history, cached pages, registry entries, and downloaded components.

Integrated Strong Authentication

Identities can easily be faked or stolen. Static passwords are passed on to non-trusted parties either by unknowing users or by malicious software tools. Any organization providing remote access based on static passwords is vulnerable and most likely unable to withstand intrusion attempts.

To guarantee a user's true identity, authentication should be based on multiple factors. A multi-factor authentication model cannot easily be compromised, as it combines a user password/PIN with a personal possession, such as a security token. The integrated authentication service in the PortWise Access Management suite provides a framework for multi-factor user authentication that allows deployment of secure and convenient strong user authentication throughout the whole organization. PortWise authentication mechanisms can also be utilized by other access solutions through a standard RADIUS interface. The following authentication mechanisms are available:

- Mobile Two-Factor Authentication: uses a consumer device the user already owns, such as a mobile, PDA, or BlackBerry, to generate or receive a unique one-time password.
- Strong One-Factor Authentication: the unique PortWise Web Keypad protects the user and the enterprise from Trojans and spyware.

External authentication solutions, such as hard tokens, smartcards, and PKI solutions, can be used by PortWise in addition to the built-in authentication mechanisms. Any OATH HOTP compliant security token can be imported and used for user authentication in PortWise. OATH is an initiative to provide an open architecture for token-based user authentication that enables customers to replace existing proprietary security solutions and lower their TCO.

Single Sign-On

During a session, users normally interact with multiple back-end systems and data resources, many of which require additional user logins. To create a secure and user-friendly access environment, PortWise includes Single Sign-On mechanisms to provide transparent login to back-end applications. The user signs in once to the PortWise Authentication Service, and subsequent authentication to back-end applications is then handled by the system, without any user interaction.

To extend the concept of Single Sign-On, PortWise includes functionality for identity federation between separate administrative domains. With identity federation, a single identity can be used to access applications and resources from multiple departments or external business partners, ideal for easy information sharing in a B2B environment or in company merger scenarios.

Policy Management

Integrating all aspects of Identity and Access Management into a single, cohesive and integrated policy delivers significant security, scale and auditing benefits to an organization. Leveraging the different core technologies included in the PortWise platform, a granular access control policy can be created that effectively determines what a user should gain access to at any given time. Access policies can be applied on specific applications, IP/port sets and networks, and are evaluated using both real-time and static information, such as:

- User device: Grant access based on device type and end-point integrity.
- Authentication: How did the user authenticate?
- User's role: Who is the user, and what is the user's role in the organization? User roles can be defined in PortWise, or provided by an external user directory through PortWise user directory service integration.
- Network: Create access rules based on the user's MAC address or IP address.

Audit & Reporting

Whether for corporate governance or regulatory compliance with standards such as ISO1771, Sarbanes-Oxley, Gramm-Leach-Bliley, or HIPAA, knowing who did what in the enterprise, and which application was accessed from where, is imperative. PortWise includes a number of features to help compliance officers and corporate governance teams.

- Consolidated and Comprehensive Audit: PortWise collects in-depth information about any identity or access activity in a central repository for easy access. Find out exactly who did what, when, where and how. PortWise is fully compliant with Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA, Basel II, and 21 CFR Part 11, among many others.
- Graphical Reporting: All information in the PortWise audit logs can be shown in many different graphical formats (pie charts, line charts, 3D charts, bar charts, etc.), both in real time and over a historical period. For further data mining and asset management, PortWise can export audit data to Excel or Crystal Reports.

[Figure: "Comprehensive security feature set is included in the Product Suite". Labels: Audit; Policy Management; End-point Security; Identity Federation; Single Sign-On; SSL VPN; Strong Authentication.]

Enterprise Administration

PortWise provides a central console for the administration of all features included in the PortWise Access Management suite. Real-time alerts can be defined to provide proactive awareness through email and SMS. Support for delegated management allows an organization to create administrator roles with limited privileges to shift administrative rights from one organizational level/department to another. User account management can be partly or completely automated with the PortWise user self-service module to offload the corporate IT administration.

With support for multi-domains, an organization can host multiple virtual application portals within one single PortWise system. An organization or service provider can customize the user interface and access policy rule sets for separate user domains and administrate them through a single administration interface.