Product Sheet

nexus Hybrid Access Gateway

nexus Hybrid Access Gateway uses the inherent simplicity of virtual appliances to create matchless security, even beyond the boundaries of the corporate network. Access mission-critical data safely at any time using your favorite device!

nexus Hybrid Access Gateway is an exceptional remote access solution that makes on-premises and cloud applications available on any device or platform. The solution also fits perfectly in Bring Your Own Device (BYOD) scenarios. You can easily deploy the Gateway Virtual Appliance into your virtual infrastructure from the cloud: there is no need to install software or maintain an operating system.

Imagine all your organization can gain with:
- Greater security
- Ease of use
- Minimal administration

Versatile Risk-Appropriate Authentication

The security and trust level of an authentication solution depends on the number of factors required for successful identification. An authentication solution capable of withstanding any type of identity fraud should consist of a combination of these factors:
- What you know: a static username and password is the most basic authentication level
- What you have: a unique possession, such as a hardware token, a mobile phone, or a smartcard
- What you are: a unique biological characteristic, such as a fingerprint or iris pattern
Strong multi-factor authentication protects against phishing, password cracking, key logging and many other types of identity theft. nexus Hybrid Access Gateway offers a number of authentication methods with different authentication strengths in one flexible, integrated solution. Organizations can empower their users with authentication technology that is easy to use, easy to manage, cost-effective and secure.

The breadth of different authentication methods allows for a versatile authentication strategy. The benefit of using a platform supporting versatile authentication is that you can apply the most appropriate authentication method to each application. In practice, you can use simple password-based authentication to provide access to less sensitive applications, and more complex authentication to secure access to highly sensitive data. When an already authenticated user requests access to a more sensitive application, you can apply step-up authentication, which requires the user to authenticate again with an additional credential. This is what the industry refers to as risk-appropriate authentication.

nexus Hybrid Access Gateway is easy to integrate with existing infrastructures. It uses standard authentication protocols and is extensible through a plug-in API, which facilitates the use of new or custom authentication methods. Open standards such as X.509, Open Authentication (OATH) and LDAP are supported.

Mobile App Security

The nexus solution also brings strong authentication and secure electronic identities to mobile apps by supporting the OAuth 2.0 standard. The OAuth 2.0 authorization framework provides applications (web-based and mobile) with delegated and limited access to HTTP services and APIs. The authorization process is based on the exchange of access tokens, not credentials, which eliminates the need to exchange credentials between applications. It is possible to revoke access for specific applications without impact on other authorized applications. Let the nexus solution manage the complex tasks of authentication and authorization and allow your developers to focus on your core development and core business.

Policy Enforcement

A secure encrypted channel between the user and the application is ensured by Single Sign-On (SSO) enforcement and remote access to applications via your web browser. No client software needs to be installed. Web SSL reverse proxy/SSL VPN functionality is used with session cookies to manage and track sessions from log-on until the connection is terminated.

nexus Hybrid Access Gateway makes it easy to create secure deployments by using Distributed Mode. With Distributed Mode the Policy Enforcement Point and the Policy Decision Point are split into separate Virtual Appliances. In this way an optimally secure network architecture can be designed. nexus Hybrid Access Gateway makes it easier to satisfy your company's enforcement policies as it allows you to set access rules for various authentication levels and locations. Clientless client-server application access is supported using unique application virtualization based on HTML5 and WebSocket technology.

Application Portal

The embedded web server enhances both simplicity and security. The Application Portal features a highly responsive design that readily adapts to user devices to enable full use of touch-screens, tilting and similar features. Users can organize favorite applications under tabs, and policy-based access ensures that only authorized users can reach protected applications and proprietary data.
Single Sign-On Enforcement

One user and a single login is a breakthrough with advantages for everyone. In addition to providing seamless access to applications, it also reduces password management and significantly improves the user experience. The user only needs to sign in once; any subsequent authentication to back-end applications is automatically handled within the system. All traditional web applications remain accessible. HTML5 and WebSockets enable the use of non-web applications in browsers and support the ability to offer remote desktops.

The SAML 2.0 standard is supported to secure identities, federation integrity and cloud applications, both inside and outside your system. Supported SAML 2.0 standards:
- SAML Identity and Service Provider
- Web Browser SSO profile with redirect and POST bindings
- Basic Attribute Profile
- SAML Metadata
- SAML Single Log-out as Service Provider

Identity Orchestration

Using standards like SAML and SCIM or proprietary APIs, first-time users are automatically provisioned for application access. nexus Identity Orchestration provides life-cycle identity management together with access control for on-premises services as well as public and private cloud services. The result is reduced cost, account control and privacy compliance, all while enhancing the end-user experience.

Authorization and Policy-Based Access

All access in the system is based on dynamic policy evaluation for optimal security policy management. Fine-grained authorization, both individual- and application-specific, is available so that you can decide what a user should gain access to at any given time and location. Single Sign-On works throughout the system; all access decisions are made by the authorization engine using role-based and attribute-based access controls. User storage integration enables the reuse of roles and user attributes. Access rules are evaluated based on numerous decision parameters including user role, authentication method, device type and trusted or untrusted location/IP address.

Identity Orchestration integrates with SCIM, the Google API and a POST-based API, making it possible to reduce user account administration by automatically pushing user details, for example to create, authenticate and auto-link new accounts.

Enterprise Administration

As a virtual appliance, nexus Hybrid Access Gateway boasts simplified administration with easier deployments, upgrades and maintenance, all via web-based automation. A Central Management Console provides a comprehensive platform for consolidating your administrative tasks. Delegated Management shifts administration rights from one organizational level/department to another, and real-time alerts can be sent via email and SMS.

The web-based administration interface provides wizards for common tasks and aids the creation of users, access rules and resources. Rollback functionality tracks the history of published configurations and makes it possible to revert to prior configurations. The interface automatically adapts to the features included in your nexus Hybrid Access Gateway license. Support is included for delegated administration, graphical reporting and the publication of service configurations to the Gateway. Logs and events stored locally by nexus Hybrid Access Gateway's components are collected to a central log repository.
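The access-rule model described on this sheet (a rule per published application that combines user role, authentication method, device type and trusted or untrusted source address, with step-up authentication when an already authenticated user asks for a more sensitive application) can be made concrete with a small policy engine. The following Python is an added illustration, not code from nexus or from this product sheet: the level names in AUTH_LEVELS, the rule fields, the sample rules and the sample sessions are all constructed assumptions, and the real Gateway's rule syntax is not shown here.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import FrozenSet, Optional, Tuple

# Constructed ordering of authentication strengths (assumption: the product's own
# level names are not given on the sheet). A higher number means a stronger method.
AUTH_LEVELS = {"password": 1, "otp": 2, "certificate": 3}


@dataclass(frozen=True)
class Session:
    """What the gateway knows about an already authenticated user."""
    user: str
    roles: FrozenSet[str]
    auth_method: str      # key of AUTH_LEVELS
    device_type: str      # constructed labels such as "managed-laptop" or "byod-phone"
    source_ip: str


@dataclass(frozen=True)
class AccessRule:
    """One access rule for a published application (resource)."""
    resource: str
    allowed_roles: FrozenSet[str]
    min_auth_level: int
    trusted_networks: Tuple[str, ...] = ()      # CIDR blocks treated as trusted locations
    untrusted_extra_level: int = 0              # extra strength demanded from untrusted addresses
    blocked_device_types: FrozenSet[str] = frozenset()


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str
    step_up_to: Optional[int] = None   # level the user must re-authenticate at, if any


def is_trusted(source_ip: str, networks: Tuple[str, ...]) -> bool:
    addr = ip_address(source_ip)
    return any(addr in ip_network(n) for n in networks)


def evaluate(rule: AccessRule, session: Session) -> Decision:
    """Role and device checks come first; the authentication level is compared only
    afterwards, so a user who can never reach the resource is not asked to step up."""
    if not (session.roles & rule.allowed_roles):
        return Decision(False, "no permitted role")
    if session.device_type in rule.blocked_device_types:
        return Decision(False, "device type not allowed for this resource")
    required = rule.min_auth_level
    if rule.trusted_networks and not is_trusted(session.source_ip, rule.trusted_networks):
        required += rule.untrusted_extra_level
    current = AUTH_LEVELS.get(session.auth_method, 0)
    if current >= required:
        return Decision(True, "authentication level sufficient")
    # Authenticated, but not strongly enough for this resource: step-up rather than a hard deny.
    return Decision(False, "step-up authentication required", step_up_to=required)


# Constructed sample rules (not from the product sheet).
RULES = {
    "intranet": AccessRule("intranet", frozenset({"employee"}), min_auth_level=1),
    "finance": AccessRule(
        "finance",
        allowed_roles=frozenset({"finance"}),
        min_auth_level=2,
        trusted_networks=("10.0.0.0/8",),
        untrusted_extra_level=1,
        blocked_device_types=frozenset({"byod-phone"}),
    ),
}


def decide(resource: str, session: Session) -> Decision:
    rule = RULES.get(resource)
    if rule is None:
        return Decision(False, "unknown resource")   # default deny for unpublished resources
    return evaluate(rule, session)


if __name__ == "__main__":
    office = Session("alice", frozenset({"employee", "finance"}), "otp", "managed-laptop", "10.1.2.3")
    cafe = Session("alice", frozenset({"employee", "finance"}), "otp", "managed-laptop", "203.0.113.5")
    for res, sess in (("intranet", office), ("finance", office), ("finance", cafe)):
        print(res, sess.source_ip, decide(res, sess))
```

The point of returning step_up_to rather than a bare deny is that the enforcement point can send the user to the stronger authentication method and then re-evaluate the same rule with the upgraded session, which is the step-up flow the sheet describes; an unknown resource or a missing role is denied outright, since no additional credential would change the outcome.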
Auditing

When it is time to audit, all data is at your fingertips. Consolidated and comprehensive auditing functionality tells you who did what, when, where and how. This is particularly useful for compliance officers and corporate governance teams. All statistical data from the logging system is stored in a central repository for single-point retrieval. Real-time and historical reporting can be shown in many different graphical formats, such as pie charts, line charts, 3D charts and bar graphs. All data is exportable in text format so that it can be easily processed in, e.g., Excel.

User Data

User objects in nexus Hybrid Access Gateway are designed to hold crucial information such as authentication method settings, user storage references, Single Sign-On credentials and custom user attributes. These objects are, by default, stored in a built-in LDAP-based Directory Service. The option of storing them in a third-party Microsoft Active Directory (AD), Novell eDirectory, SUN, ADAM, or OpenLDAP directory is also available.
Authentication

The Hybrid Access Gateway features strong authentication supporting a wide range of methods:
- 1-factor authentication: Web Token, Password
- 2-factor authentication: Invisible Token, Mobile Text, Soft OTP Token (TruID Synchronized/Challenge), OATH HOTP
- SOTA, Secure Online Token Activation for TruID Soft OTP Token
- QR code activation URLs: support for TruID on Android and iOS devices (iPhone/iPad)
- PKI/Certificates: X.509, e-ID, BankID, SITHS, smartcards etc.
- 3rd-party authentication: RADIUS, LDAP, Active Directory, Basic, NTLM
- Creation of custom authentication plug-ins: XPI:am

APIs for third-party integration:
- XPI:am, to create custom authentication plug-ins
- XPI:ws, to integrate applications doing authentication, authorisation and session, user and OATH token management
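OATH HOTP, listed above among the two-factor methods, is the counter-based one-time-password algorithm of RFC 4226. The Python below is an added example, not code from nexus or from this sheet, showing what a verifying server has to get right: the HMAC-SHA-1 computation and dynamic truncation, a look-ahead window for a token whose counter has run ahead of the server (the token advances its counter on every generated code, including codes the user never submits), and advancing the stored counter past the accepted value so the same code, or any earlier one, cannot be replayed. The secret is the test secret published in RFC 4226 Appendix D; the server counter state and the look-ahead width are constructed for the demonstration.

```python
import hashlib
import hmac
import struct
from typing import Optional


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA-1 over the 8-byte big-endian counter, dynamic
    truncation to 31 bits, then the low `digits` decimal digits, zero-padded."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def verify_hotp(secret: bytes, submitted: str, server_counter: int,
                look_ahead: int = 5, digits: int = 6) -> Optional[int]:
    """Validate a submitted OTP against the server's stored counter.

    Any counter in [server_counter, server_counter + look_ahead] is accepted to
    tolerate drift. On success the *next* counter to store is returned, which
    resynchronises the server and retires the accepted code and every earlier one.
    Returns None when no counter in the window matches.
    """
    if len(submitted) != digits or not submitted.isdigit():
        return None
    for candidate in range(server_counter, server_counter + look_ahead + 1):
        # compare_digest keeps the comparison time independent of where the codes differ
        if hmac.compare_digest(hotp(secret, candidate, digits), submitted):
            return candidate + 1
    return None


# RFC 4226 Appendix D test secret (ASCII "12345678901234567890").
TEST_SECRET = b"12345678901234567890"

if __name__ == "__main__":
    # Constructed walk-through: a fresh server counter, then a valid code, a code the
    # token produced two steps ahead, a replay of that code, and a code far outside the window.
    server_counter = 0
    for code in ("755224", "359152", "359152", "520489"):
        result = verify_hotp(TEST_SECRET, code, server_counter)
        print(f"counter={server_counter} code={code} -> {'accepted' if result else 'rejected'}")
        if result is not None:
            server_counter = result
```

The look-ahead width is a policy decision: a wider window is friendlier to users who generate unused codes, but each extra counter value is one more six-digit code an online guesser could hit, so deployments pair the window with an attempt limit and a separate resynchronisation procedure for tokens that have drifted beyond it.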