Odyssey Access Client FIPS Edition



Similar documents
Odyssey Access Client

Managing Wireless Clients with the Administrator Tool. Intel PROSet/Wireless Software 10.1

SBR Enterprise Series Steel-Belted Radius Servers

SA Series SSL VPN Virtual Appliances

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

Securing Data on Portable Media.

Network Services One Washington Square, San Jose, CA

PULSE SECURE FOR GOOGLE ANDROID

Only Athena provides complete command over these common enterprise mobility needs.

Zone Labs Integrity Smarter Enterprise Security

RSA AUTHENTICATION AGENTS FOR MICROSOFT WINDOWS

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

User Guide. FIPS Mode. For use with epolicy Orchestrator 4.6.x Software

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

White Paper. BD Assurity Linc Software Security. Overview

Compliance series Guide to meeting requirements of USGCB

Solutions for Encrypting Data on Tape: Considerations and Best Practices

Whitepaper Enhancing BitLocker Deployment and Management with SimplySecure. Addressing the Concerns of the IT Professional Rob Weber February 2015

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

ADVANCED TWO-FACTOR AUTHENTICATION VIA YOUR MOBILE PHONE

Symantec Client Management Suite 8.0

BBM Protected Secure mobile

ARCHITECT S GUIDE: Comply to Connect Using TNC Technology

U.S. Federal Information Processing Standard (FIPS) and Secure File Transfer

Efficient Key Management for Oracle Database 11g Release 2 Using Hardware Security Modules

ACER ProShield. Table of Contents

SECURE ACCESS TO THE VIRTUAL DATA CENTER

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

Citrix MetaFrame XP Security Standards and Deployment Scenarios

How To Set Up Hopkins Wireless On Windows 7 On A Pc Or Mac Or Ipad (For A Laptop) On A Network Card (For Windows 7) On Your Computer Or Ipa (For Mac Or Mac) On An Ipa Or

Kaseya IT Automation Framework

Deployment Guide for Maximum Security Environments Polycom HDX Systems, Version 3.0.5

CA IT Client Manager. Desktop Migration

RSA ACCESS MANAGER. Web Access Management Solution ESSENTIALS SECURE ACCESS TO WEB APPLICATIONS WEB SINGLE SIGN-ON CONTEXTUAL AUTHORIZATION

Johns Hopkins

BANKING SECURITY and COMPLIANCE

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

Enhancing Organizational Security Through the Use of Virtual Smart Cards

ProtectV. Securing Sensitive Data in Virtual and Cloud Environments. Executive Summary

Security White Paper The Goverlan Solution

Pulse Policy Secure. RADIUS Server Management Guide. Product Release 5.1. Document Revision 1.0. Published:

Using BitLocker As Part Of A Customer Data Protection Program: Part 1

ARCHITECT S GUIDE: Mobile Security Using TNC Technology

Active Directory Compatibility with ExtremeZ-IP. A Technical Best Practices Whitepaper

AT&T Global Network Client Client Features Guide. Version 9.6

Client side. DESlock + Data Encryption

Systems Manager Cloud Based Mobile Device Management

The Cisco Mobility Express Solution

What s New in AppliDis Fusion 4 Service Pack 1

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

McAfee Firewall Enterprise 8.2.1

Securing Wireless LANs with LDAP

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

CA Tape Encryption Key Manager

BlackBerry Enterprise Solution and RSA SecurID

Axway Validation Authority Suite

INTEGRATION GUIDE MS OUTLOOK 2003 VERSION 2.0

2X SecureRemoteDesktop. Version 1.1

Wireless Network Configuration Guide

Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows

Software Update Bulletin

What s New in Juniper s SSL VPN Version 6.0

FISMA / NIST REVISION 3 COMPLIANCE

Federation At Fermilab. Al Lilianstrom National Laboratories Information Technology Summit May 2015

Security Services. Benefits. The CA Advantage. Overview

SafeNet Network Encryption Solutions Safenet High-Speed Network Encryptors Combine the Highest Performance With the Easiest Integration and

IT Networking and Security

Accelerating Microsoft Windows 7 migrations with Citrix XenApp

EMC DATA DOMAIN ENCRYPTION A Detailed Review

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Use the below instructions to configure your wireless settings to connect to the secure wireless network using Microsoft Windows Vista/7.

Complying with PCI Data Security

How To Use Cisco Identity Based Networking Services (Ibns)

MS MCITP: Windows 7 Enterprise Desktop Support Technician Boot Camp

A Strategic Approach to Enterprise Key Management

Remote Desktop Services

Wireless Robust Security Networks: Keeping the Bad Guys Out with i (WPA2)

NetIQ Identity Manager

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web

Steel-Belted Radius. Product Description. Product Overview DATASHEET

PRODUCT CATEGORY BROCHURE. Juniper Networks SA Series

CA Encryption Key Manager r14.5

Transcription:

Odyssey Access Client FIPS Edition Data Sheet Published Date July 2015

Product Overview The need today is greater than ever to ensure that systems are securely configured. Government agencies and secure enterprises must provide reliable, secure, and timely network access to employees and contractors while protecting sensitive information and resources. Many government agencies and ministries are also required to procure only IT offerings certified compliant with rigorous, government-set standards while at the same time under mandate to cut costs, driving them in many cases to use commercial off-theshelf (COTS) products. Pulse Secure is uniquely positioned to deliver on these needs with proven commercially available security solutions that provide the most flexible, secure network access available among federal government certified solutions. Your ideas. Connected. One Client for Complete, Government-Approved Wired and Wireless Network Protection Pulse Secure Odyssey Access Client (OAC) is an enterprise-class 802.1X access client software that delivers comprehensive support for the advanced protocols required for secure network access. Together with an 802.1X-compatible RADIUS server such as Pulse Secure SBR Enterprise Series Steel-Belted Radius Servers, OAC secures the authentication and connection of network users, ensuring only authorized users are able to connect, that user login credentials are not compromised, and that data privacy is maintained. FIPS-Compliance with the Power of Odyssey Access Client Pulse Secureprovides a version of OAC that meets the most stringent IT and communications requirements set forth by the U.S. federal government, while maintaining OAC s unparalleled feature set. Pulse Secure Odyssey Access Client FIPS Edition (OAC FIPS Edition) incorporates a FIPS 140-2 Level 1 certified cryptographic module and offers the advanced management features required by government and secure enterprise organizations with multiple facilities and deployments. Value Proposition Enterprise-Level, Government-Certified Security Best-in-class, FIPS 140-2 Level 1 validated cryptography (Validated by the National Institute of Standards and Technology (NIST) and the Canada Communications Security Establishment (CSE)) Powerful, government-approved cryptography in a COTS product Supports the latest security protocols and standards 2

Ensures credentials and data stay secure over a wireless link Low Total Cost of Ownership (TCO) Decreases operational costs and increases return on investment by simplifying user and administrative controls Delivers auto-configuration tools and processes that ease deployment, distribution, and provisioning Lowers training and support costs through consistent user interface, intuitive operation, and powerful diagnostic tools A single interface for authentication and access control in wired and wireless deployments Multi-platform, multi-vendor compatibility Enhanced Control Enables pre-defined or automated preferred and priority connection capabilities Offers support for sophisticated network logon schemes Client lockdown permits enforcement of security policies Certified Support for Government Protocols Pulse Secure Odyssey Access Client FIPS Edition incorporates the Odyssey Security Component, a cryptographic module that is Federal Information Processing Standard (FIPS) 140-2 Level 1 validated by both the NIST and the CSE, Canada s national cryptologic agency. OAC FIPS Edition was developed specifically to conform to government Information Assurance (IA) requirements. OAC FIPS Edition is compatible with U.S. Department of Defense (DoD) Common Access Card (CAC) standards and certificates. Also, OAC FIPS Edition has recently been evaluated and certified for conformance to the Common Criteria (ISO/IEC 15408), the international security standard. The claims being validated include the U.S. Government Protection Profile for Wireless LAN Clients for Basic Robustness Environments. OAC FIPS Edition has been awarded an assurance level of EAL 3 Augmented ALC_ FLR.2. Please contact Pulse Secure for the version number of the evaluated client. OAC FIPS Edition provides 802.11i and TLS-based 802.1X methods that use FIPS-certified cryptography. Please note that using the 802.11i protocol in FIPS mode requires a modified driver for the wireless adapter. Please contact your Pulse Secure sales representative for the latest list of available drivers. OAC FIPS Edition also supports the xsec protocol, a slight variation on 802.11i that can run in FIPS mode on any existing wireless adapter driver. As with 802.11i, all cryptographic operations in xsec are performed using the Odyssey Security Component cryptographic module. xsec also uses longer Advanced Encryption Standard (AES) keys than 802.11i and encrypts Layer 2 header information that is not encrypted in 802.11i. 3

Table 1: Support for U.S. Government Standards Feature Benefits FIPS-certified cryptography Uses Pulse Secure Odyssey Security Component cryptographic module FIPS 140-2 Level 1, Certificate #569 Conforms to NIST and DoD guidelines for the use of 802.11i and TLS-based EAP methods Supports the xsec protocol, with 256-bit AES and Layer 2 header encryption Enables government agencies to deploy secure, scalable wireless or wired network access Recently completed evaluation and certification for conformance to the Common Criteria (ISO/IEC 15408) (Please contact Pulse Secure for the evaluation status and the version number of the evaluated client) Adheres to government and international standards when deploying robust, safe wireless and/or wired network access Ensures FIPS mode enforcement Client lockdown features prohibit users from editing some or all 802.1X connection settings Can be installed as a background task without user interaction With Client Stealth Mode, can be made transparent to users (if desired) by hiding icons and splash screen Ensures and maintains compliance with agency security policies Figure 1: OAC FIPS Edition protects network credentials and transmitted data from breach with government certified encryption, delivering secure network access. Industry Tested, Government-Certified Odyssey Access Client FIPS Edition s combination of standards-based, enterprise-driven features and strict, federally-regulated and certified cryptography delivers a government-approved wireless and wired 802.1X/802.11i client with strong security. Easily implemented and maintained across client devices, OAC FIPS Edition enables the rapid deployment of secure, FIPS-certified 802.1X network access to users saving time at initial installation and in the distribution of updates. 4

Table 2: Features and Benefits of OAC FIPS Edition Feature Benefits Enterprise-class security Controls how users access the network Works securely across wired or wireless connections Protects government and secure enterprise credentials and data from attack, hack, or theft Supports heterogeneous hardware environments, including laptops, desktops, and other wired and wireless devices Enjoy the same level of support with consistent user interfaces, terminology, and operation independent of device and network environment Simple, quick configuration and distribution Auto-configuration tools Client deployment and update capabilities with automated distribution via common enterprise deployment tools Command line export to script, preserving network configurations across installs and uninstalls Silent installation Initial configuration, subsequent changes to network and security settings, and changes to network security policies are easily made and deployed, without the need to touch each device Enhanced user experience Automatic association to the correct network even if location and security requirements change Auto-scan lists allow the user to associate with any listed network; can automatically connect to the network with the highest priority Users can move seamlessly between different networks No user interaction required Dramatic savings in training, administrative, maintenance, and support costs Emphasizes network security and client usability Automatically disables wireless interface when a wired connection is available, if configured Define specific networks to which the user may connect, pre-empting other networks or auto-scan lists selected Enables the configuration of priority networks with which to be associated when in range Can be configured to prompt the user for a user name and password, which is very useful for shared devices Increased security controls assure network security and administrator peace-of-mind Support for advanced network logon schemes Supports Windows GINA and Novell Client for Windows GINA module Allows the use of logon scripts, making it easy to use a single device for multiple users Also enables network administrators to access resources on a device to perform maintenance Machine connections Allows startup scripts to be run Facilitates off hours system maintenance, such as Systems Management Server (SMS) pushes Significantly enhances network connection and administration processes 5

Feature Benefits Works with wired or wireless networks, and is compatible with RADIUS servers that support 802.1X Simplifies deployment of client software in a new or existing network infrastructure, enabling deployment of a single 802.1X client to work in wired, wireless, and mixed networks OAC FIPS Edition and Unified Access Control The latest versions of OAC FIPS Edition are also compatible and interoperate with Pulse Secure s dynamic, comprehensive, standardsbased network access control (NAC) solution, Unified Access Control (UAC). The OAC FIPS Edition can interface to and interact with UAC, serving as the UAC Agent, including with FIPS mode enabled. The Odyssey Security Component, the cryptographic module that is FIPS validated, operates with UAC to provide a FIPS-certified cryptologic module for network access control. OAC FIPS Edition also provides xsec support for the UAC Agent s Microsoft Windows Vista edition, delivering robust, governmentapproved encryption, via the Advanced Encryption Standard (AES) for in-transit data when operating over Microsoft Windows Vista and with 802.11 adapters and drivers. System Requirements Odyssey Access Client FIPS Edition supports the: Microsoft Windows 2000, Windows Vista, and Windows XP operating systems. Microsoft Windows Mobile 6, Windows Mobile 5, Windows Mobile 2003 (Second Edition) for Pocket PC, Windows 2003 for Pocket PC, and Windows CE 5.0 software. For more information on platforms supported by OAC, please contact your Pulse Secure sales representative or authorized reseller. Pulse Securesupplies modified drivers for Windows 2000 and Windows XP. For a current list of drivers supported for all operating systems please contact your Pulse Secure sales representative or authorized reseller. Note: OAC FIPS Edition requires a modified driver to enable the wireless adapter to run 802.11i in FIPS mode. Note: No special adapter or driver requirements are needed torun xsec in FIPS mode. For more information and a 30-day FREE trial of Odyssey Access Client FIPS Edition, please go to: https://www.pulsesecure.net/products/. 6

Pulse Secure Services and Support Pulse Secure is the leader in performance-enabling services that are designed to accelerate, extend, and optimize yourhigh-performance network. Our services allow you to maximize operational efficiency while reducing costs and minimizing risk, achieving a faster time to value for your network. Pulse Secure ensures operational excellence by optimizing the network to maintain required levels of performance, reliability, and availability. For more details, please visit https://www.pulsesecure.net/products/. Ordering Information To purchase Pulse Secure Odyssey Access Client (OAC), please contact your Pulse Secure sales representative or your Pulse Secure authorized reseller. About Pulse Secure Pulse Secure is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Pulse Secure delivers the software, silicon and systems that transform the experience and economics of networking. The company serves customers and partners worldwide. Additional information can be found at https://www.pulsesecure.net. Pulse Secure, LLC 2700 Zanker Road, Suite 200 San Jose, CA 95134 Copyright 2015 Pulse Secure, LLC. All rights reserved. Pulse Secure and the Pulse Secure logo are registered trademarks or Pulse Secure, LLC. All trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Pulse Secure assumes no responsibility for any inaccuracies in this document. Pulse Secure reserves the right to change, modify, transfer, or otherwise revise this publication without notice. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information