IDENTIKEY Product Family
Rik Swusten, Product Manager
& VACMAN Controller
GO 3, GO 6, 250-251, 260-261, 270, 270 XPress, 275, GO 7, GO 100, 301 CV, 550, 560, 736, Virtual, Nano, for Mobile, VACMAN Controller, 800, 810, 855, 830, 835A, for Windows, for Web, 836, 837, 840A, 865, 920
IDENTIKEY Authentication Server, IDENTIKEY Appliance, IDENTIKEY Virtual Appliance, IDENTIKEY Federation Server, IDENTIKEY Tools
IDENTIKEY Authentication Server
IDENTIKEY rating chart, categories: Features, Ease of Use, Performance, Documentation, Support, Value for Money, Overall Rating
IDENTIKEY Authentication Server Product Vision
1 authentication server for OTP validation with numerous options, features and interfaces that address the security needs of small and large enterprises that require control over access to their resources in various horizontal and vertical markets.
IDENTIKEY Server Vision
Modules around the IDENTIKEY Server: RADIUS Module; SOAP API Module; IIS Filter Modules (OWA, CWI, RDW); Provisioning Module; Windows Logon Module; CA SiteMinder Module; SBR Module; HSM Module (SafeNet); Federation Module (WebSSO); Virtual (SMS, Email)
1 for all applications
(Diagram labels: Internet Hosted Applications; Webserver; Internal Web-Applications; Application Server; Remote Access; Internet; WiFi Access; Windows Desktop & LAN)
IDENTIKEY Authentication Server Roadmap
(Timeline figure, labels in extraction order:) Identikey Server 3.4; Identikey Server 3.5; nCipher HSM; Temporary users; Several improvements; Identikey Server 3.3; PCI-DSS; Identikey Server 3.2; RADIUS Attributes; Wireless; Identikey Server 3.1.6; EMV-CAP; HSM; Windows OTP Logon; Identikey Server 3.1; Active Directory; WS2008; LDAP Backend; Easy install; Identikey Server 3.0; Web-based admin interface; WS 2003, Linux, 64-bit OS; SOAP, e-signature; Soft provisioning
Timeline axis: 2008 Q1, 2009 Q2, 2010 Q1, 2010 Q3, 2011 Q2, 2012 Q3, 2013 Q2
Market feedback, latest trends
- Virtualisation
- Mobile and Out-of-Band delivery
- SAML support
- Migration from competing products
- Security vs flexibility
- Windows Desktop Logon
Next release: IDENTIKEY Authentication Server 3.5
- Support WS2012
- Support Hyper-V
- Support for Mobile 4.0
- Support creation and emailing of offline activation codes, also with QR Code
- Device binding (device registration, device re-activation)
- Expand Virtual functionality (see next page)
Other enhancements:
- Support Automatic Token Disabling
- Function to search user accounts by name (now: UserID)
- Customisation of the auditing filename in ADUC snap-in
- Option to duplicate the rights of a user into a new user
- Improvement for Administrator privileges assignment
- Option to set Web Services port during installation
- Option to switch off the "DISABLE" button
Virtual support
Support latest generation SMS Gateways
- support SMPP protocol
Improved delivery combinations
- send out OTP via SMS or Email PER USER
- send out OTP via SMS AND Email
Improved support delivery methods
- send out OTP via email towards SMS Gateway (SMTP)
- send out OTP via PBX
- send out OTP via VASCO services
- include SMS provider templates
Virtual: Out Of Band OTP Delivery
(Diagram labels: Request OTP; LogOn; SMS Gateway; Email Server; PBX; Vasco Services)
IDENTIKEY Editions Reference and Comparison Card
Columns: Standard Edition, Gold Edition, Enterprise Edition (per-cell check marks did not survive extraction; only the cell text below remains)
Included Authentication Clients:
- RADIUS authentication (+WAP)
- Webfilters (OWA, CWI, RDWebAccess, Generic): (10 each), (10 each)
- Desktop Windows Logon
- SOAP authentication
- SOAP e-signature: option (see pricelist)
- SOAP Provisioning: option (see pricelist)
- EMV-CAP
- HSM Interface
- SBR Module: (2), (2)
Included Virtual: option (see pricelist), option (see pricelist), option (see pricelist)
Included Servers: Primary, Backup, Replica (5); Total: 1, 2, 7
Extra Server (>7)
IDENTIKEY Standard Edition
- License for Primary Server (1 IP)
- License for RADIUS Authentication (Firewalls, VPN, SSL-VPN)
IDENTIKEY Gold Edition
- License for Primary and Backup Server (2 IPs)
- License for RADIUS Authentication (Firewalls, VPN, SSL-VPN)
- License for 10 instances of all Webfilters (10 IPs each)
  - Outlook Web Access
  - Citrix Web Interface
  - New! Citrix Receiver
  - Generic IIS6/IIS7 Web Interface
  - New! Microsoft Remote Desktop Web Access (includes Microsoft Remote Desktop Gateway)
- License for Authentication for SBR Primary and Backup Server (2 IPs)
- License for Authentication for Windows Logon for every user
IDENTIKEY Enterprise Edition
- License for 7 Servers (7 IPs)
- License for RADIUS Authentication (Firewalls, VPN, SSL-VPN)
- License for 10 instances of all Webfilters (10 IPs each)
  - Outlook Web Access
  - Citrix Web Interface
  - New! Citrix Receiver
  - Generic IIS6/IIS7 Web Interface
  - New! Microsoft Remote Desktop Web Access (includes Microsoft Remote Desktop Gateway)
- License for Authentication for SBR Primary and Backup Server (2 IPs)
- License for Authentication for Windows Logon for every user
- License for SOAP Authentication (Web-based applications)
- Optional: More servers, SOAP e-signature, SOAP Provisioning
Drivers
- Remote Access: VPN, SSL, webmail, intranet, LAN access
- Network, desktop logon
- Web applications: portal, webshop, ecrm,
IDENTIKEY Tools
Update Tools & Webfilters, release with IDENTIKEY 3.5
- Authentication for CWI
- Authentication for OWA
- Authentication for RDWA
- Authentication for SBR: support WS2012
- Authentication for Windows Logon
  - Support for Windows 8
  - Backup system for offline mode
- Password Synchronisation Manager
- LDAP Sync Tool
- Data Migration Tool: support IDENTIKEY 3.5
IDENTIKEY Appliance
Appliance Product Vision
Convenience platform
- Complete authentication server pre-installed
- Plug&Play solution
Managed Authentication Server
- Integrates latest IDENTIKEY Authentication Server
- (Semi-)automated upgrades
- Programmable backup functions
- Logging, Auditing, Reporting
Hardware and software
- 19" rack form factor
- Selected components for 24x7 operation, long availability, longevity
- Hardened OS
- Built-in database & Webserver
- Separate administration interface (GUI)
- Additional SNMP functionality (hardware monitoring)
Available Hardware Models
- 3000 Series (AG3442): Up to 500 users
- 5000 Series (AG5502): Up to 10.000 users
- 7000 Series (AG7552): Up to 100.000 users; 2 Hot Swappable Power Supplies; 2 Hot Swappable Hard Disks
Current release
IDENTIKEY Appliance 3.4.6.0
- Integration of IDENTIKEY V3.4SR1, including patches up to IK 3.4.7
- Option to select local time for auditing
- Option to edit the SMS message for Virtual
IDENTIKEY Appliance Patch 3.4.6.1
- Several bug fixes (license, audit date, etc.)
IDENTIKEY Virtual Appliance
New Product: IDENTIKEY Virtual Appliance 3.4.6.0
- Integration of IDENTIKEY Authentication Server V3.4SR1 (up to IK3.4.7)
- Software-only appliance
- Supported on VMWare environments
- Available in 4 models (license driven)
GoToMarket
4 Models with different performance and pricing
- 1000 Series: limited to 1 CPU core and 1 GB RAM; installations <= 100 users
- 2000 Series: limited to 2 CPU cores and 4 GB RAM; installations <= 5000 users
- 4000 Series: limited to 4 CPU cores and 8 GB RAM; installations <= 50000 users
- 8000 Series: limited to 8 CPU cores and 16 GB RAM; installations <= 200000 users
Upgrade to the next model by updating the license
Demo license appliance (IDENTIKEY demo license can be used)
VACMAN Controller, IDENTIKEY Server, Appliance VC IAS IA IVA
IDENTIKEY Platform Comparison
IDENTIKEY Authentication Server brings a solution where:
- The customer wants complete flexibility
IDENTIKEY Appliance brings a solution where:
- The customer wants a managed server
- The customer wants a plug&play solution
- The customer has a preference for appliances
- Avoid technical intervention
IDENTIKEY Virtual Appliance can bring a solution where:
- The number of users is larger than 100.000 (performance)
- The number of users is lower than 500 (low ROI)
- The customer is located outside Europe (shipments, RMA)
- Changing environment, newer technologies & trends
IDENTIKEY Platform Comparison
(Comparison table; cell values did not survive extraction.)
Columns: Small Deployment, Large Deployment, Flexibility (DB, OS, HSM), Managed Server, Plug&Play Convenience, Easy shipments, Virtualisation
Rows: IDENTIKEY Authentication Server, IDENTIKEY Appliance, IDENTIKEY Virtual Appliance
IDENTIKEY Federation Server
SAML2.0 User Application Server SOAP User Application Server
SAML2.0 WebSSO User Application Server Web SSO Application Application
Users login to multiple web applications
Users and Static Passwords:
- The multiple login process is time consuming
- It is difficult to remember many different static passwords
- There is a big chance that applications will not be used
- The secure handling and storage of user credentials is in the hands of the application owner
- The enforcement of password policies is managed by the application owner
IDENTIKEY Value Add:
- SSO increases user productivity
- OTP login: the number of password resets can be greatly reduced
- Automated login increases user experience and improves collaboration
- The security is managed by own staff
- Password policies can easily be implemented
Users login to multiple web applications
Administration pain points:
- Users have to be managed in several applications
- Employees that leave can still login to the applications
- Licenses have to be managed in every application separately
- The management of several applications means complex auditing
- Adding applications means a lot of manual tasks
IDENTIKEY Value Add:
- One central point to manage all users, no administration overhead
- One central point to manage leaving employees
- Licenses can be easily managed, accounted and optimised
- One central point for auditing facilitates compliancy
- Central management of applications
SAML2.0 Federation User Application Server Federated Authentication Application Trusted Federation SAML User Application (any compatible federation server) Server
Added Value
User Convenience
- Logging in to several websites is troublesome
- Web SSO brings automated sign-on
Security
- Using static passwords is dangerous, especially in combination with SSO
- Replace static passwords by 2FA
TCO
- Using static passwords can result in less productivity
- Using static passwords can result in increasing administration costs
- Managing all users in 1 software reduces admin overhead
Compliancy
- Easy to comply to and enforce password policies
- Easy to manage users and licenses
- Easy to create security reports and audits
IDENTIKEY Federation Server
- Extension to IDENTIKEY Authentication Server
- Brings 2FA-supported SSO to Internet Applications
- Largely enhances user experience
- Reduces admin overhead: user management, password management, licenses, password policies, auditing
- Cost reduction results in higher ROI
- Virtual appliance, available for VMWare and Citrix environments
- Separate user-based license
(Diagram labels: User Applications Server)
2FA support via IDENTIKEY Server One-Button Keypad OTP validation User Mobile platforms Application Server SMS, Email delivery
Functions
Authentication Manager:
- User Authentication Provider: validation of user credentials.
- Identity Provider: assign an identity ticket to the user
  - It is valid for a pre-defined time and can be re-used for logon
  - It has an authentication level that should match what the application requires.
- Manages access to internet hosted applications
- Distributes user identity to requesting applications
- Manages flow of user attributes if requested by the application
WebSSO
- The identity ticket can be re-used to gain access to other applications or service providers
- The above conditions apply (ticket is still valid and level is high enough)
Federated Authentication
- Validated users can access applications from another service provider in the same federation
- The user validation can be delegated to another Identity Provider for remote applications
- Another Identity Provider can delegate validated users to local applications
Specifications
Supported protocols:
- SAML2.0 for IFS as IdP (incoming requests), SAML2.0 for IFS as Client/SP (outgoing requests)
- ASelect protocol for IFS as IdP and SP (incoming/outgoing requests), ASelect WS protocol for IFS as Client/SP (incoming requests)
- OpenID for IFS as IdP (incoming requests)
- OAuth V2
Supported Web Applications:
- Any application that supports SAML2.0 and/or OpenID
- Preconfigured Application GoogleApps (IFS as IdP)
- Preconfigured Application Salesforce.com (IFS as IdP)
- ADFS2 as RP (IFS as IdP/RPG) -> Office365
Current release
IDENTIKEY Federation Server V1.2
- Standard support GoogleApps
- Standard support Salesforce.com
- Standard support ADFS2.0 Office365
- Support OAuth V2 MyDigipass.com
IDENTIKEY Federation Server V1.3
- Account Linking for OAuth Identity Providers
- Self Management
- Admin Management
- Application API
- Upgrade OS to the latest version
- Support Hyper-V
OAuth support Employees SAML User Application Partners Customers Application OAuth User
IFS as Relying Party Gateway to ADFS2 Application Server ADFS2 (SAML2+MS spec) WS-Fed User Office 365 Windows DC / WS2008 Dir Sync
Next release: IDENTIKEY Federation Server V1.4
- Support for Office365 Rich Clients
Vasco Labs Demo SAML GoogleApps Salesforce.com OAuth User ADFS2 (SAML2+MS spec) WS-Fed Office365 Windows DC / WS2008
Identikey Family Roadmap (2013)
- IDENTIKEY Authentication Server 3.4SR1; IDENTIKEY Authentication Server 3.5
- IDENTIKEY Appliance 3.4.6.0; IDENTIKEY Appliance 3.4.6.2; IDENTIKEY Appliance 3.5.7.0
- IDENTIKEY Virtual Appliance 3.4.6.0; IDENTIKEY Virtual Appliance 3.4.6.2; IDENTIKEY Virtual Appliance 3.5.7.0
- IDENTIKEY Federation Server 1.2; IDENTIKEY Federation Server 1.3; IDENTIKEY Federation Server 1.4
Timeline axis: 2012, 2013
On-Premise Solution - What to offer? -Hardware -Software [maintenance] + Standard Gold Enterprise [maintenance] Learn: Technical training Sell: Sales training Demo: Vasco Labs Install: Integration Guides Help: Professional Services + + Appliance Platform [maintenance] Web SSO [maintenance]
Thank you! Rik Swusten Product Manager IDENTIKEY