CRYPTOCard. Strong Two Factor Authentication



Similar documents
Apache Server Implementation Guide

Cisco VPN Concentrator Implementation Guide

Juniper Networks SSL VPN Implementation Guide

Check Point FW-1/VPN-1 NG/FP3

RSA SecurID Two-factor Authentication

BlackShield ID PRO. Steel Belted RADIUS 6.x. Implementation Guide. Copyright 2008 to present CRYPTOCard Corporation. All Rights Reserved

CRYPTOLogon Agent. for Windows Domain Logon Authentication. Deployment Guide. Copyright , CRYPTOCard Corporation, All Rights Reserved.

BlackShield ID Best Practice

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

NCP Secure Enterprise Management Next Generation Network Access Technology

Strong Authentication for Microsoft Windows Logon

2 factor + 2. Authentication. way

A brief on Two-Factor Authentication

CRESCENDO SERIES Smart Cards. Smart Card Solutions

DIGIPASS Authentication for Citrix Access Gateway VPN Connections

ADDING STRONGER AUTHENTICATION for VPN Access Control

Securing access to Citrix applications using Citrix Secure Gateway and SafeWord. PremierAccess. App Note. December 2001

Endpoint Security VPN for Mac

RSA SecurID Ready Implementation Guide

Strong Authentication for Microsoft SharePoint

DIGIPASS KEY series and smart card series for Juniper SSL VPN Authentication

Secure remote access to your applications and data. Secure Application Access

Authentication Solutions. Versatile And Innovative Authentication Solutions To Secure And Enable Your Business

A new Secure Remote Access Platform from Giritech. Page 1

Ultra-strong authentication to protect network access and assets

Authentication Solutions

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Ultra-strong authentication to protect network access and assets

SSL VPN Technical Primer

Strong Authentication for Microsoft TS Web / RD Web

A Guide to New Features in Propalms OneGate 4.0

ipad in Business Security

Ultra-strong authentication to protect network access and assets

Proven. Trusted.

STRONGER AUTHENTICATION for CA SiteMinder

INUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

White Paper: Managing Security on Mobile Phones

Authentication Solutions VERSATILE AND INNOVATIVE AUTHENTICATION SOLUTIONS TO SECURE AND ENABLE YOUR BUSINESS

BlackShield ID Agent for Remote Web Workplace

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

RSA Authentication Agent 7.1 for Microsoft Windows Installation and Administration Guide

RSA Authentication Agent 7.2 for Microsoft Windows Installation and Administration Guide

iphone in Business Security Overview

PortWise Access Management Suite

Citrix MetaFrame XP Security Standards and Deployment Scenarios

ProtectID. for Financial Services

External Authentication with Citrix Secure Gateway - Presentation server Authenticating Users Using SecurAccess Server by SecurEnvoy

Agent Configuration Guide for Microsoft Windows Logon

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy

Introducing etoken. What is etoken?

Virtual Private Networks (VPN) Connectivity and Management Policy

Data Sheet. NCP Secure Enterprise Management. Next Generation Network Access Technology

External authentication with Astaro AG Astaro Security Gateway UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

SSL VPN vs. IPSec VPN

YubiRADIUS Deployment Guide for corporate remote access. How to Guide

BlackShield ID Agent for Terminal Services Web and Remote Desktop Web

Deploying iphone and ipad Security Overview

Technical Brief ActiveSync Configuration for WatchGuard SSL 100

Secure web transactions system

Cisco Secure Access Control Server 4.2 for Windows

DualShield. for. Microsoft TMG. Implementation Guide. (Version 5.2) Copyright 2011 Deepnet Security Limited

Strong Authentication for Cisco ASA 5500 Series

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

DIGIPASS Authentication for GajShield GS Series

Ensuring the security of your mobile business intelligence

Clientless SSL VPN Users

Using Entrust certificates with VPN

CA Adapter. Installation and Configuration Guide for Windows. r2.2.9

Citrix Access Gateway

FileCloud Security FAQ

SSL SSL VPN

Secure Remote Access Give users in office remote access anytime, anywhere

SafeWord 2008 Customer Release Notes

REDCENTRIC N3 SECURE REMOTE ACCESS SERVICE DEFINITION. SD045 V4.1 Issue Date Page 1 Public

Implementation Guide for. Juniper SSL VPN SSO with OWA. with. BlackShield ID

Strong Authentication for Juniper Networks

Securing Citrix with SSL VPN Technology

Application Note. Intelligent Application Gateway with SA server using AD password and OTP

TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION

Remote Access Securing Your Employees Out of the Office

What s New in Juniper s SSL VPN Version 6.0

Cisco ASA. Implementation Guide. (Version 5.4) Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.

Expertcity GoToMyPC and GraphOn GO-Global XP Enterprise Edition

An Analysis of Propalms TSE and Microsoft Remote Desktop Services

Replacing legacy twofactor. with YubiRADIUS for corporate remote access. How to Guide

DigitalPersona Pro Enterprise

identity management in Linux and UNIX environments

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

Compiled By: Chris Presland v th September. Revision History Phil Underwood v1.1

Transcription:

CRYPTOCard Strong Two Factor Authentication

CRYPTOCard Solutions Overview Cybercrime is a serious, real, and all-to-prevalent threat to networked assests. With the abundance of deployed workers requiring network access from a variety of devices, and the sheer value and volume of online assets, the need for strong reliable network protection has never been greater. The CRYPTOCard Solution CRYPTOCard provides an authentication solution that can offer peace of mind when it comes to the protection of your organizations valuable materials. Two-factor authentication is a critical element in successful identity management. It allows you to let in the good and keep out the bad. CRYPTOCard s authentication options provide the most flexible two-factor authentication solution on the market to eliminate password theft and protect your organization. The following outlines the flexibility of the CRYPTOCard solution for use in conjunction with today s leading technology. VPN and SSL VPN In today s deployed workforce employees need the ability to keep in contact with networked resources and services away from the office. Relying on SSL VPN when protected by only typical username and password leaves your Virtual Private Network vulnerable and easily compromised by outsiders. CRYPTOCard s award winning technology can easily protect your online assets by utilizing two-factor authentication: a user combines their security Personal Identification Number, something only they know, with a one-time password, newly generated by their unique token for each logon. Outlook Web Access Email is regarded as the most important component of business. The value and volume of information that travels back and forth on the internet is staggering. This is an appealing target and your email communications may be at risk. CRYPTO-Logon for windows OWA 2003 agent delivers strong two-factor authentication for the Microsoft OWA 2003 Logon form to ensure Outlook resources are protected. Once implemented CRYPTO-Logon replaces static passwords with a one-time password and the user enjoys a simple and consistent logon procedure with no need to worry about remembering passwords. Citrix All of the enterprise capabilities that the Citrix Access Platform brings to an organization require a strong authentication solution. CRYPTO-Shield can provide strong two-factor authentication for Citrix that uses one-time passwords to identify users attempting logon and authenticate them. The ease of use and flexibility of Citrix solutions make them more vulnerable to password theft. Authentication Solutions Two-Factor Authentication using One-Time Passwords adds a layer of security that makes a system near foolproof. CRYPTO-Shield is an all-in-one, end to end solution. It includes everything you need to secure every access point to your network. CRYPTO-Shield protects VPNs, SSL VPNs, Apache, LANs and IIS.

CRYPTOCard s Citrix Access Suite (protecting Presentation Server, Web Interface, Access Gateway, MetaFrame Secure Access Manager, MetaFrame Password Manager) provides strong two-factor authentication to secure confidential corporate applications. share a common password. CRYPTOCard s CRYPTO-Shield product suite eliminates static passwords and offers a comprehensive authentication solution for securing valuable corporate resources against intentional and unintentional compromise. Apache and IIS Web Portals Web servers and portals may be at the hub of your organizations communications strategy. These are used to provide access to information for customers, vendors, business partners and employees. To provide strong security for the information located on these servers CRYPTOCard has developed a unique and effective authentication solution that provides the capability to maintain granular control over access to restricted areas and content on web sites powered by Apache or IIS. CRYPTO-Web is an Apache module or ISAPI filter (on IIS) for Web servers that sits in the data stream between the user s browser and the Web application residing on the Web server where it intercepts all resource requests. When a user requests access to a resource CRYPTO-Web checks if the resource is protected and access is granted only after the user is authenticated and access is verified. It can be configured to protect domain namebased and IP address-based virtual hosts. Administrator Access If a system administrator s password is compromised the consequences to an organization could be huge. Every user could be locked out if the password is changed and important data could be stolen or destroyed. In order to protect each individual administrator s account passwords must be changed immediately after they leave an organization. This constant changing of passwords will create notification/logon problems for all the other administrators. It also makes it difficult to track security breaches as multiple users Managed Authentication Service-CRYPTO- MAS Many companies recognize the need for strong authentication to protect their data and other digital assets but lack the requisite manpower, infrastructure, skills or budget to implement the needed twofactor authentication solution. CRYPTOCard s Managed Authentication Service offers the benefits of strong two-factor authentication without the need to implement the infrastructure in house. CRYPTO-MAS requires no additional investment in infrastructure nor does it require employees to have technical skill in two-factor authentication. It provides all the security benefits of CRYPTOCard s strong authentication solution in an easy to implement manner. CRYPTOCard North America 340 March Road Suite 600 Ottawa, Ontario K2K 2E4 Canada Toll Free: 800-307-7042 Tel: +1-613-599-2441 Fax: +1-613-599-2442 www.cryptocard.com CRYPTOCard Europe Eden Park, Ham Green Bristol BS20 0EB, United Kingdom Tel: +44 870 7077 700 Fax: +44 870 7077 711 www.cryptocard.co.uk CRYPTOCard and CRYPTO-Server are registered trademarks or trademarks of CRYPTOCard Inc. in Canada, the U.S.A. and/ or other countries. Microsoft and Windows are registered trademarks or trademarks of Microsoft Corporation in the U.S. and/or other countries. All other trademarks mentioned herein are the property of their respective owners. 2006 CRYPTOCard Inc. All rights reserved. 20061103

Introducing CRYPTO-Shield 6.4 Smaller. More flexible. More powerful. More options. The new upgrade to CRYPTOCard s award winning two-factor authentication (2FA) suite is now shipping! An upgrade for users of CRYPTO-Shield 6.x (with active support contract), our new solution extends our reach with Disconnected Authentication, enhances existing services and delivers new tokens to make it easier than ever to take full advantage of our powerful and adaptable authentication and ID management tool. Faster, smaller, better... Faster, smaller and less of a drain on system resources, the newest release features M2M (Machine to Machine) architecture that uses only a tiny fraction of the client side resources of previous versions. With a footprint of just a few K and using minimal RAM, 6.4 is a greatly streamlined authentication solution. NEW ST-1 Token for BlackBerry The newest member of our software token family allows BlackBerry users to access their two-factor authentication protected network without carrying an extra device! A new home screen icon will, when selected, launch the password generating token application. You supply your PIN and away you go. Disconnected Authentication On the road? Unable to connect to the network (where the CRYPTO-Server resides)? You can still protect your laptop with a local or disconnected authentication. Up to 100 logons (configureable) are possible until you must reconnect to the network to replenish your bank of one-time passwords. (The supply of passwords for disconnected authentication is, of course, safely encrypted!) Enhanced CRYPTO-Logon When logging on to your OS Domain, a static password may still be required (by the OS). You now can configure CRYPTO-Logon to automatically manage the OS logon (in one of two ways) after you are authenticated by the CRYPTO-Server. Or you can choose to enforce that users manually enter their static password following a successful CRYPTO-Logon. Enhanced CRYPTO-Web Improvements to CRYPTO-Web provide a Standalone Mode for protecting single web servers and a Web Farm Mode for customers who wish to implement CRYPTOCard technology amongst a group of web servers. PAM 64-bit support on Linux Speed daemons beware! Keeping pace with advancements on the Linux front. Support for Intel-based Macintoshes Our Universal Binary solution will run natively on either Intel or Power PC macs running OS X Tiger. New Getting Started Documentation Light reading to get you up and running QUICKLY! CRYPTO-Shield 6.4 Includes: Full CRYPTO-Server software CRYPTO-VPN CRYPTO-Logon CRYPTO-Web CRYPTO-Console CRYPTO-Kit It s a Heterogeneous World! CRYPTO-Shield 6.4 is the only two-factor authentication solution that will operate seamlessly in a real-world mixed OS network. Any Mac, Linux or WIndows server can serve any Mac, Linux or Windows clients. (See systems specifications for supported versions.)

Server Platform Coverage Windows 2000 Server SP4 Windows 2003 Server SP1 RedHat Linux Enterprise Server 3/4 SuSe Linux Enterprise Server 9 Mac OS X Tiger Scalability The solution encompasses internal users, standalone computers, Web servers, VPNs, and virtually every other form of network access. It is scalable up to 255 realms and hundreds of thousands of users. CRYPTO- Shield is designed for high availability to respond to peak demands as well as network outages through RADIUS load balancing, mirrored servers, and an authentication process that is not sensitive to timesynchronization or network transit delays. CRYPTO-Shield can be implemented as a stand-alone system or installed on existing RADIUS servers. It is designed for high availability to respond to peak demands, as well as network outages, with: RADIUS load balancing Mirrored servers Authentication process is not sensitive to time synchronization or network transit delays Up to 250,000 users per system Replication Supports local and remote replica servers for hot standby/failover Directory Support (user data storage) CRYPTO-Server internal Active Directory Open LDAP Open Directory Database Support (token data storage) Native MySQL External MySQL MS-SQL Oracle Reporting and Logging All activity is stored in logs and database tables Data is accessible via management consoles and external reporting tools Multiple logging options, including output to HTML Authentication Protocols PAP MSCHAPv2 RADIUS CAP Interoperability CRYPTO-Shield includes a RADIUS server for maximum interoperability Compatible with leading remote access servers, wireless access points, Web servers, firewalls, and VPNs (e.g. Microsoft, Nortel, Check Point, Cisco, Apache, Citrix) RSA token migration (DES tokens only) CRYPTOCard North America 340 March Road Suite 600 Ottawa, Ontario K2K 2E4 Canada Toll Free: 800-307-7042 Tel: +1-613-599-2441 Fax: +1-613-599-2442 www.cryptocard.com CRYPTOCard Europe Eden Park, Ham Green Bristol BS20 0EB, United Kingdom Tel: +44 870 7077 700 Fax: +44 870 7077 711 www.cryptocard.co.uk Encryption Algorithms DES 3DES AES 128-bit, 192-bit, 256-bit Application Developer API CRYPTO-Kit enables development of interfaces/authentication agents for specific environments or integration with existing applications/workflows. CRYPTOCard and CRYPTO-Shield are registered trademarks or trademarks of CRYPTOCard Inc. in Canada, the U.S.A. and/ or other countries. Microsoft and Windows are registered trademarks or trademarks of Microsoft Corporation in the U.S. and/or other countries. All other trademarks mentioned herein are the property of their respective owners. 2006 CRYPTOCard Inc. All rights reserved. 20061023

One-time Password Tokens CRYPTOCard Tokens are an effective and economical solution for organizations that want to eliminate the risks presented by static, shared, stolen or easily guessed passwords. With two-factor authentication, protected resources can only be accessed when a user combines their security Personal Identification Number (PIN), something only they know, with a one-time password generated by their unique authenticator for each logon. TOKEN TYPES: Key Chain Hardware Token (KT-1) Calculator-style Hardware Token (RB-1) The RB-1 PIN Pad token is a highly configurable, multi-function device and is the most versatile of the hardware tokens. It is ideally suited to users that require the freedom to logon from any computer, running any operating system, in any location, or generate digital signatures for web-based forms. It is also ideal for applications that require the use of challenge/response mode. The RB-1 Key PIN Pad Token generates a new password each time the token is activated. The token is activated by entering a PIN using the keypad. The KT-1 Key Chain token provides unparalleled convenience in a portable, independent computing environment. It s simplicity makes it the ideal authentication token for users of virtually any skill level. The KT-1 Key Chain token generates a new password each time the token is activated. Key Chain Hardware Token (KT-2) The KT-2 Key Chain token is an economical alternative to the KT-1. It combines the same simplicity and durability with a lower price point when purchased in quantity. As with the KT-1, this token is ideal for users of any skill level and is particularly easy to use. End Users: Only need a PIN and a token Never need password changes Eliminate the use of static passwords Security Administrators: Control access of users Configurable tokens add security Web-based deployment of ST Tokens Budgets: Tokens never expire Reduced Help-Desk calls One-time licensing fees Flexibility: Wide range of tokens depending on what an organization requires

Smart Card Token (SC-1) (with USB or PCMCIA Reader) The SC-1 Smart Card Token is a software implementation of the RB-1 hardware token installed on a 64K Java smart card. It is the ideal multi-function token card for organizations that want the advantages of hardware tokens, the convenience and integration of software tokens and the additional security of photo ID and proximity door access. Software Token for PC, WinCE or BlackBerry The ST-1 Token is a software implementation of the RB-1 hardware token for installation on computers and PDAs. It is the ideal token for organizations that want the strength of two-factor authentication without the overhead and cost of hardware distribution. For PC implementations, CRYPTOCard s M2M functionality provides an interface between the token and various authentication mechanisms, providing One-PIN-And-You re- In service. ST-1 tokens can be installed on a PC hard drive, on a USB mass storage device, on a BlackBerry, or on a WinCE PDA. CRYPTOCard North America 340 March Road Suite 600 Ottawa, Ontario K2K 2E4 Canada Toll Free: 800-307-7042 Tel: +1-613-599-2441 Fax: +1-613-599-2442 www.cryptocard.com USB Hardware/Smart Card Token (SC-3) The SC-3 USB token is a software implementation of the RB-1 hardware token installed on a USB packaged smart card. Ideal for organizations that want the advantages and flexibility of hardware tokens with the convenience and integration of software tokens. The SC-3 can also store digital certificates for PKI applications. CRYPTOCard Europe Eden Park, Ham Green Bristol BS20 0EB, United Kingdom Tel: +44 870 7077 700 Fax: +44 870 7077 711 www.cryptocard.co.uk CRYPTOCard and CRYPTO-Server are registered trademarks or trademarks of CRYPTOCard Inc. in Canada, the U.S.A. and/ or other countries. Microsoft and Windows are registered trademarks or trademarks of Microsoft Corporation in the U.S. and/or other countries. All other trademarks mentioned herein are the property of their respective owners. 2006 CRYPTOCard Inc. All rights reserved. 20070713

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information