DIGIPASS Authentication for O2 Succendo

Similar documents
DIGIPASS Authentication for F5 BIG-IP

DIGIPASS Authentication for Cisco ASA 5500 Series

DIGIPASS Authentication for Check Point VPN-1

DIGIPASS Authentication for Citrix Access Essentials Web Interface

DIGIPASS Authentication for NETASQ

DIGIPASS Authentication for Check Point VPN-1

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007

DIGIPASS Authentication to Citrix XenDesktop with endpoint protection

Steel-Belted RADIUS. Digipass Plug-In for SBR. SBR Plug-In SBR. G etting Started

INTEGRATION GUIDE. DIGIPASS Authentication for VMware View

Modify these field values (right-click and select Fields) to change text throughout the document:

axsguard Identifier Product Guide Product Guide axsguard AXSGuard ConfigurationTool

Use Digipass two-factor authentication

Product Guide. Digipass Plug-In for IAS. IAS Plug-In. Digipass Extension for Active Directory Users and Computers. Administration MMC Interface IAS

Secure your business. Use DIGIPASS two-factor authentication. The world s leading software company specializing in Internet Security.

Echidna Concepts Guide

Partner Information. Integration Overview. Remote Access Integration Architecture

Digipass Plug-In for SBR. SBR Plug-In SBR. Steel-Belted RADIUS. Installation G uide

VACMAN Controller. HSM Integration Guide - White Paper. Revision 4.0

Partner Information. Integration Overview Authentication Methods Supported

Astaro Security Gateway UTM

4TRESS FT2011 Out-of-Band Authentication and Juniper Secure Access

AppScaler SSO Active Directory Guide

Creation date: 19/03/2010 Last Review: 08/06/2010 Revision number: 3

One Identity Starling Two-Factor Desktop Login 1.0. Administration Guide

Citrix Access Gateway Implementation Guide

ISA 2006 and OWA 2003 Implementation Guide

VACMAN Controller. Integration Guide. White Paper

Integration Guide. SafeNet Authentication Service. Strong Authentication for Juniper Networks SSL VPN

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

HySecure Quick Start Guide. HySecure 5.0

CounterACT User Directory Plugin

VMware AirWatch Certificate Authentication for Cisco IPSec VPN

NTP Software File Auditor for Windows Edition

One Identity Active Roles 7.2. Azure AD and Office 365 Management Administrator Guide

Integration Guide. LoginTC

Integration Guide. SafeNet Authentication Manager. SAM using RADIUS Protocol with SonicWALL E-Class Secure Remote Access

Authlogics Forefront TMG and UAG Agent Integration Guide

Authentication Services ActiveRoles Integration Pack 2.1.x. Administration Guide

SafeNet Authentication Manager

How to enable and read the full trace file for IDENTIKEY Authentication Server 3.4, step by step.

axsguard Gatekeeper PPTP How To 1.7

Accops HyWorks v3.0. Quick Start Guide. Last Update: 4/25/2017

Policy Manager for IBM WebSphere DataPower 7.2: Configuration Guide

Server Installation Guide

4TRESS AAA. Out-of-Band Authentication (SMS) and Juniper Secure Access Integration Handbook. Document Version 2.3 Released May hidglobal.

Senstar Symphony. 7.2 Installation Guide

Multifactor Authentication Installation and Configuration Guide

Quest VROOM Quick Setup Guide for Quest Rapid Recovery for Windows and Quest Foglight vapp Installers

Microsoft Office Groove Server Groove Manager. Domain Administrator s Guide

Workspace ONE UEM Certificate Authentication for Cisco IPSec VPN. VMware Workspace ONE UEM 1810

External Authentication with Checkpoint R77.20 Authenticating Users Using SecurAccess Server by SecurEnvoy

VACMAN, Identikey, axs GUARD and Digipass are registered trademarks of VASCO Data Security International Inc.

SafeNet Authentication Service

Implementation Guide for protecting Juniper SSL VPN with BlackShield ID

Mozy. Administrator Guide

Giovanni Carnovale Technical Account Manager Southeast Europe VASCO Data Security

NetScaler Radius Authentication. Integration Guide

Rapid Recovery License Portal Version User Guide

DefendX Software Control-Audit for Hitachi Installation Guide

Tanium IaaS Cloud Solution Deployment Guide for Microsoft Azure

Two factor authentication for Citrix NetScaler

Barracuda Networks SSL VPN

One Identity Defender 5.9. Product Overview

INSTALLATION GUIDE Spring 2017

Intel Unite Solution Version 4.0

DIGIPASS Authentication for Citrix Web Interface Guide 3.3

Azure MFA Integration with NetScaler

Sophos Mobile Control startup guide. Product version: 7

VMware Identity Manager Administration. MAY 2018 VMware Identity Manager 3.2

Using ZENworks with Novell Service Desk

Barracuda SSL VPN Integration

Deliver and manage customer VIP POCs. The lab will be directed and provide you with step-by-step walkthroughs of key features.

Two factor authentication for SonicWALL SRA Secure Remote Access

Implementation Guide VMWare View 5.1. DualShield. for. VMWare View 5.1. Implementation Guide

Novell Access Manager

DigitalPersona Pro Enterprise

ZENworks Service Desk 8.0 Using ZENworks with ZENworks Service Desk. November 2018

VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide

Agile Customer Needs Management

Troubleshooting DIGIPASS Authentication for Windows Logon (DAWL) Off-line data uploading.

CLI users are not listed on the Cisco Prime Collaboration User Management page.

Entrust GetAccess 7.0 Technical Integration Brief for IBM WebSphere Portal 5.0

Set up a Customer Site

Polycom CMA System Upgrade Guide

RSA Authentication Manager 7.1 Migration Guide

HPE Intelligent Management Center v7.3

Symantec Validation & ID Protection Service. Integration Guide for Microsoft Outlook Web App

NTP Software File Auditor for Hitachi

Two factor authentication for Check Point appliances

Exam4Tests. Latest exam questions & answers help you to pass IT exam test easily

RSA Authentication Manager 7.1 Help Desk Administrator s Guide

SecurEnvoy Microsoft Server Agent

Two factor authentication for OpenVPN Access Server

One Identity Manager 8.0. Administration Guide for Connecting to Azure Active Directory

Integration Guide. SafeNet Authentication Manager. Using RADIUS Protocol for Cisco ASA

SonicWall Secure Mobile Access SMA 500v Virtual Appliance 8.6. Getting Started Guide

Two factor authentication for Remote Desktop Gateway (RD Gateway) with RADIUS

Entrust PartnerLink Login Instructions

IDENTIKEY Authentication Server

Transcription:

DIGIPASS Authentication for O2 Succendo for IDENTIKEY Authentication Server IDENTIKEY Appliance 2009 Integration VASCO Data Security. Guideline All rights reserved. Page 1 of 30

Disclaimer Disclaimer of Warranties and Limitations of Liabilities This Report is provided on an 'as is' basis, without any other warranties, or conditions. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of VASCO Data Security. Trademarks DIGIPASS & VACMAN are registered trademarks of VASCO Data Security. All trademarks or trade names are the property of their respective owners. VASCO reserves the right to make changes to specifications at any time and without notice. The information furnished by VASCO in this document is believed to be accurate and reliable. However, VASCO may not be held liable for its use, nor for infringement of patents or other rights of third parties resulting from its use. Copyright 2009 VASCO Data Security. All rights reserved. 2009 VASCO Data Security. All rights reserved. Page 2 of 30

Table of Contents DIGIPASS Authentication for O2 Succendo... 1 Disclaimer... 2 Table of Contents... 3 1 Overview... 5 2 Problem Description... 5 3 Solution... 5 4 Technical Concept... 6 4.1 General overview... 6 4.2 O2 Succendo Prerequisites... 6 4.3 Identikey Server Prerequisites... 6 4.4 Active Directory Prerequisites... 6 5 O2 Succendo... 7 5.1 O2 Succendo Configuration... 7 6 Identikey... 11 6.1 Policy configuration...11 6.2 Component configuration...15 7 User configuration... 16 7.1 User Creation...16 7.2 Import DIGIPASS...18 7.3 DIGIPASS Assignment...21 8 O2 Succendo SSL/VPN test... 25 8.1 Response Only...25 9 Identikey features... 26 9.1 Installation...26 9.1.1 Support for Windows 2003 and IIS6...26 9.1.2 Support for ODBC databases...26 9.2 Deployment...26 2009 VASCO Data Security. All rights reserved. Page 3 of 30

9.2.1 Dynamic User Registration (DUR)...26 9.2.2 Autolearn Passwords...26 9.2.3 Stored Password Proxy...26 9.2.4 Authentication Methods...26 9.2.5 Policies...27 9.2.6 DIGIPASS Self Assign...27 9.2.7 DIGIPASS Auto Assign...27 9.2.8 Grace Period...27 9.2.9 Virtual DIGIPASS...27 9.3 Administration...28 9.3.1 Web Admin...28 9.3.2 User Self Management Web Site...28 9.3.3 Delegated administration...29 9.3.4 Granular Access Rights...29 10 About VASCO Data Security... 30 2009 VASCO Data Security. All rights reserved. Page 4 of 30

1 Overview The purpose of this document is to demonstrate how to configure Identikey Server 3.0 to integrate with O2 Succendo to provide strong user authentication. 2 Problem Description The basic working of the O2 Succendo is based on authentication to an existing media (LDAP, RADIUS, local authentication ). To use the Identikey with O2 Succendo, the external authentication settings need to be changed or added manually. 3 Solution The O2 Succendo is a powerful SSL VPN solution that provides a comprehensive and flexible approach to providing secure, ubiquitous application access to all employees and business partners. After configuring Identikey and the O2 Succendo in the right way, you eliminate the weakest link in any security infrastructure the use of static passwords that are easily stolen guessed, reused or shared. Figure 1: SSL VPN Schema 2009 VASCO Data Security. All rights reserved. Page 5 of 30

4 Technical Concept 4.1 General overview The main goal of the O2 Succendo is to perform authentication to secure all kinds of SSL VPN connections. As the O2 Succendo can perform authentication to an external service using the RADIUS protocol, we will place the Identikey as back-end service for the O2 Succendo appliance, to secure the authentication with our proven Identikey Server. The users will now be authenticated first by Identikey Server that can be linked to the Active Directory in the back-end. So we will deploy the Identikey Server in between the O2 Succendo and the Active Directory. O2 Succendo Domain Controller O2 Succendo Identikey Domain Controller Figure 2: General overview 4.2 O2 Succendo Prerequisites Please make sure you have a working setup of the O2 Succendo. It is very important this is working correctly before you start implementing the authentication to the Identikey. 4.3 Identikey Server Prerequisites In this guide we assume you already have the Identikey installed and working. If this is not the case, make sure you get Identikey working before installing any other features. Please refer to the Identikey Server Installation Guide as well as the Identikey Server Administration Guide for the setting up of Identikey Server. 4.4 Active Directory Prerequisites We assume that the Active Directory has already been set up. The active directory will be used as a back-end authentication for users static passwords. We assume that user account has already been created in the Active Directory. 2009 VASCO Data Security. All rights reserved. Page 6 of 30

5 O2 Succendo 5.1 O2 Succendo Configuration By default the webconfig is reachable by following URL: https://<ip_or_name_o2_succendo>/admin/ In our case this becomes: https://10.10.10.6/admin/ Figure 3: O2 Succendo Configuration (1) First, we need to configure the radius server in the O2 Succendo. On the left panel, select Authentication which will expand out a list of all authentication methods. Select the method Radius. On the right panel, fill out the Identikey server information such as the IP Address, share secret and the password protocol to use (eg. PAP, CHAP). In our example, we create a radius server name Vasco. Click on Save to apply the settings. Figure 4: O2 Succendo configuration (2) 2009 VASCO Data Security. All rights reserved. Page 7 of 30

Next we need to configure user to login using radius authentication. In the left panel, select Virtual Portals to display the properties. On the right panel, navigate to the Authentication section, and select the authentication methods that was created for Identikey Server so that the user can be authenticated using their password and OTP. Figure 5: O2 Succendo Configuration (3) On the left panel, go to the Service tab and under the list of option, chose Service. On the right panel, fill out the information on the service that will be made available to the users once they are logged in. Figure 6: O2 Succendo Configuration (4) 2009 VASCO Data Security. All rights reserved. Page 8 of 30

Create a new role that the service can be associated with. Go to the Authorization tab on the left panel and select Role. On the right panel, provide a name for the new role and select the services that are to be made available for this role. Figure 7: O2 Succendo Configuration (5) Now we can test to login. (*We can only proceed with this step only until Identikey Server has been set up and working properly). To login as a user, open up the browser and access to the following URL https://ip_address_of_o2_succendo. Select the authentication method to use (in our example, will be Vasco) and the login credentials to login. In the password field, enter the users AD password followed by the OTP generated. For example, if the AD password for demo1 is abc123 and the OTP generated is 234567, the password will be abc123234567. Figure 8: O2 Succendo Configuration (6) 2009 VASCO Data Security. All rights reserved. Page 9 of 30

After the user has logged in, an account will be created in the O2 Succendo. In the Web configuration, go to Authorization and select the role that was created previously. In the User Information section, select the user that was created and move it over to the Selected field. Figure 9: O2 Succendo Configuration (7) 2009 VASCO Data Security. All rights reserved. Page 10 of 30

6 Identikey 6.1 Policy configuration Log in to the Identikey Server by going to the URL http://identikey_server_ip:8080/webadmin. Figure 10: IDENTIKEY POLICY Configuration (1) Create a new policy for users who will be authenticated via the O2 Succendo. Go to the Policy Tab and select Create. Figure 11: IDENTIKEY POLICY configuration (2) There are a few policies available by default. You can also create new policies to suit your needs. Those can be independent policies or inherit their settings from default or other policies. 2009 VASCO Data Security. All rights reserved. Page 11 of 30

Fill in a policy name and description and select if this policy is going to inherit any settings from any existing policy. In this example, I will create a policy name called O2 Succendo that will be referred to if the users are logging in to the network via O2 Succendo SSL VPN. This policy will inherit default settings from the predefined policy Identikey Windows Password Replacement. For more information about the predefined policy and creation of policies, please refer to the Identikey Administrator Reference Guide. Figure 12: IDENTIKEY POLICY configuration (3) 2009 VASCO Data Security. All rights reserved. Page 12 of 30

In the policy properties, several settings can be configured. For example, whether if a back-end server will be used? This could be the local database, but also Windows (Active Directory) or another radius server (RADIUS). The policy configured below is for demonstrative purpose. For a more detailed explanation on configuring the policies, please refer to Identikey Product Guide and Identikey Server Administrator Reference. For this example, we will set up for the Identikey to authenticate the users first and if needed, the Active Directory or Radius server will authenticate the static password. Policy tab o Local auth : Digipass/Password o Back-End Auth : If Needed o Back-End Protocol : Windows Figure 13: IDENTIKEY POLICY Configuration (4) 2009 VASCO Data Security. All rights reserved. Page 13 of 30

User tab o Dynamic User Registration : Yes o Password Autolearn : Yes o Stored Password Proxy : Yes o Default Domain : VDSAPLAB.LOCAL* o User lockout : 3 o Windows Group Check : No Check *In this example, my domain has been set to VDSAPLAB.LOCAL. Figure 14: IDENTIKEY POLICY Configuration (5) Digipass tab o Assignment Mode : Neither o Search upwards in Org Hierarchy : Yes Figure 15: IDENTIKEY POLICY Configuration (6) 2009 VASCO Data Security. All rights reserved. Page 14 of 30

6.2 Component configuration Create a new radius client component. Go to the Clients Tab in the home page and select Register. Figure 16: IDENTIKEY COMPONENT configuration (1) Click on Select From List button and select Radius Client. Enter the IP Address of the O2 Succendo in the location, select policy O2 Succendo (created from the previous step) and enter the share secret to secure the communication between O2 Succendo and Identikey. Figure 17: IDENTIKEY COMPONENT Configuration (2) 2009 VASCO Data Security. All rights reserved. Page 15 of 30

7 User configuration 7.1 User Creation Create users to be authenticated by the Identikey when they are logging in to the O2 Succendo SSL VPN. Users can be created via 4 different ways. The administrator can either manually add in the user via the Web configuration, imported into Identikey database, dynamic user registration or through the self registration web portal provided during Identikey installation. For this example, we will add in the user manually in the Identikey. For more information on how to add in users, please refer to the Identikey Product Guide and Identikey Administrator Reference. On the Home page, click on the Users tab and select Create. Figure 18: IDENTIKEY USER Creation (1) 2009 VASCO Data Security. All rights reserved. Page 16 of 30

In the subsequent page, enter the particulars of the users. For this example, my user ID will be demo1 and the domain VDSAPLAB.LOCAL. Figure 19: IDENTIKEY USER Creation (2) The user will now show up in the Users list of you DIGIPASS Administration MMC. At this point it will be exactly the same as when Dynamic User Recognition (DUR) was enabled. Figure 20: IDENTIKEY USER Creation (3) 2009 VASCO Data Security. All rights reserved. Page 17 of 30

7.2 Import DIGIPASS Move the mouse over to Digipass Tab and select Import. Figure 21: IDENTIKEY DIGIPASS Import (1) Click on the browse button to select the DPX file to import and enter the 32 digit Transport key and click upload. Figure 22: IDENTIKEY DIGIPASS Import (2) Select the applications to be imported into the Identikey. Click Next to continue. 2009 VASCO Data Security. All rights reserved. Page 18 of 30

Figure 23: IDENTIKEY DIGIPASS Import (3) Select the domain which the Digipass will be imported to and click Import. Figure 24: IDENTIKEY DIGIPASS Import (4) 2009 VASCO Data Security. All rights reserved. Page 19 of 30

Click Finish to complete the Import process. Figure 25: IDENTIKEY DIGIPASS Import (5) 2009 VASCO Data Security. All rights reserved. Page 20 of 30

7.3 DIGIPASS Assignment There are two possible ways to assign a DIGIPASS to a user. You can search for a DIGIPASS and assign it to a user or you can search for a user and assign it to a DIGIPASS. You can see the difference in the following two figures. For demonstration purpose, I will select a user and find all available digipass that can be assigned to this user. For more information on assigning digipass, please refer to the Identikey Administrator Reference. Move the mouse over to the Users tab and select List to display all users. Figure 26: IDENTIKEY DIGIPASS Assignment (1) 2009 VASCO Data Security. All rights reserved. Page 21 of 30

A list of users that are in the Identikey will be displayed. Select the user to be assigned with a digipass. In this example, I will select user demo1. Figure 27: IDENTIKEY DIGIPASS Assignment (2) Click on the Assigned Digipass Tab. If there are no digipass assigned to the user, click on the Assign button. Figure 28: IDENTIKEY DIGIPASS assignment (3) 2009 VASCO Data Security. All rights reserved. Page 22 of 30

On the subsequent page, navigate to the bottom of the page and in the On clicking Next section, select Search Now To Select Digipass To Assign. Figure 29: IDENTIKEY DIGIPASS assignment (4) A list of available digipass will be presented. Select one of the available digipass and click Next. Figure 30 :IDENTIKEY DIGIPASS assignment (5) 2009 VASCO Data Security. All rights reserved. Page 23 of 30

Provide the number of grace period for this user. Default settings is 7 days. Click Assign. Figure 31 :IDENTIKEY DIGIPASS assignment (6) Review the assignment and click Finish. Figure 32: IDENTIKEY DIGIPASS assignment (7) 2009 VASCO Data Security. All rights reserved. Page 24 of 30

8 O2 Succendo SSL/VPN test 8.1 Response Only To start the test, browse to the public IP address or hostname of the O2 Succendo device. In our example this is https://10.10.10.5. Select Vasco as the Auth method and enter your Username and Password (One Time Password) and click the Logon button. Figure 33: Response Only (1) If all goes well, you will be authenticated and see the SSL/VPN portal page. Figure 343: Response Only (2) 2009 VASCO Data Security. All rights reserved. Page 25 of 30

9 Identikey features 9.1 Installation The Identikey installation is very easy and straightforward. Identikey runs on Windows and Linux platforms, supports a variety of databases and uses an online registration. Different authentication methods allow a seamless integration into existing environments. 9.1.1 Support for Windows 2003 and IIS6 Identikey can be installed on Windows 2003 (32 or 64 bit) with Service pack 1 or above. Web modules exist for IIS 6 to protect Citrix Web Interface, Citrix Secure Gateway, Citrix Secure Access Manager (Form-based authentication), Citrix Access Gateway and Microsoft Outlook Web Access 2000 and 2003 (Basic Authentication and Form-Based Authentication). 9.1.2 Support for ODBC databases Other ODBC compliant database can be used instead of the default PostgreSQL database. The supported database are MS SQL Server, Oracle, Sybase, DB2 and Postgres. 9.2 Deployment Several Identikey features exist to facilitate deployment. Combining these features provides different deployment scenarios from manual to fully automatic. 9.2.1 Dynamic User Registration (DUR) This feature allows Identikey to check a username and password not in the database with a back-end RADIUS server or a Windows domain controller and, if username and password are valid, to create the username in the Identikey database. 9.2.2 Autolearn Passwords Saves administrators time and effort by allowing them to change a user s password in one location only. If a user tries to log in with a password that does not match the password stored in the Identikey database, Identikey can verify it with the back-end RADIUS server or the Windows domain controller and, if correct, store it for future use. 9.2.3 Stored Password Proxy Allows Identikey to save a user s RADIUS server password or Windows domain controller password in the database (static password). User s can then log in with only username and dynamic one-time password (OTP). If this feature is disabled, users must log in with username and static password immediately followed by the OTP. 9.2.4 Authentication Methods Different authentication methods can be set on server level and on user level: local authentication (Identikey only), Back-End authentication (Windows or RADIUS). On top of that a combination of local and back-end can be configured. The additional parameters always, if needed and never offers you additional customization of the back-end authentication process. The configuration of authentication methods is done within the policy (policies). 2009 VASCO Data Security. All rights reserved. Page 26 of 30

9.2.5 Policies Policies specify various settings that affect the User authentication process. Each authentication request is handled according to a Policy that is identified by the applicable Component record. Components can be radius clients, authentication servers or Citrix web interfaces. 9.2.6 DIGIPASS Self Assign Allows users to assign DIGIPASS to themselves by providing the serial number of the DIGIPASS, the static password and the OTP. 9.2.7 DIGIPASS Auto Assign Allows automatic assignment of the first available DIGIPASS to a user on user creation. 9.2.8 Grace Period Supplies a user with a certain amount of time (7 days by default) between assignment of a DIGIPASS and the user being required to log in using the OTP. The Grace Period will expire automatically on first successful use of the DIGIPASS. 9.2.9 Virtual DIGIPASS Virtual DIGIPASS uses a text message to deliver a One Time Password to a User s mobile phone. The User then logs in to the system using this One Time Password. Primary Virtual DIGIPASS A Primary Virtual DIGIPASS is handled similarly to a standard physical DIGIPASS. It is imported into the VACMAN Middleware database, assigned to a User, and treated by the Identikey database as any other kind of DIGIPASS. Backup Virtual DIGIPASS The Backup Virtual DIGIPASS feature simply allows a User to request an OTP to be sent to their mobile phone. It is not treated as a discrete object by Identikey, and is not assigned to Users, only enabled or disabled. It can be enabled for Users with another type of DIGIPASS already assigned, and used when the User does not have their DIGIPASS available. 2009 VASCO Data Security. All rights reserved. Page 27 of 30

9.3 Administration 9.3.1 Web Admin Administration of the Identikey can be done via the web browser. Browse to the following url to administer the Identikey http://ip_address_of_identikey:8080/webadmin. Figure 34: Identikey Features (1) 9.3.2 User Self Management Web Site A web site running on IIS has been developed to allow users to register themselves to the VM with their username and back-end (RADIUS or Windows) password, to do a DIGIPASS self assign, to update their back-end password stored in the Identikey database, to do a change PIN (Go-1/Go-3 DIGIPASS), to do a DIGIPASS test. Figure 35: Identikey Features (2) 2009 VASCO Data Security. All rights reserved. Page 28 of 30

9.3.3 Delegated administration Administration can be delegated by appointing different administrators per organizational unit (OU). These administrators can only see the DIGIPASS and users that were added to his OU. 9.3.4 Granular Access Rights It is possible in VACMAN Middleware to setup different permission per user. This can be in function of a domain or an organizational unit. Administrators belonging to the Master Domain may be assigned administration privileges for all domains in the database, or just their own domain. Administrators belonging to any other Domain will have the assigned administration privileges for that Domain only. It s possible to set different operator access levels. E.g. A user can be created that only has the rights to unlock a DIGIPASS. Figure 36: Identikey Features (3) 2009 VASCO Data Security. All rights reserved. Page 29 of 30

10 About VASCO Data Security VASCO designs, develops, markets and supports patented Strong User Authentication products for e-business and e-commerce. VASCO s User Authentication software is carried by the end user on its DIGIPASS products which are small calculator hardware devices, or in a software format on mobile phones, other portable devices, and PC s. At the server side, VASCO s VACMAN products guarantee that only the designated DIGIPASS user gets access to the application. VASCO s target markets are the applications and their several hundred million users that utilize fixed password as security. VASCO s time-based system generates a one-time password that changes with every use, and is virtually impossible to hack or break. VASCO designs, develops, markets and supports patented user authentication products for the financial world, remote access, e-business and e-commerce. VASCO s user authentication software is delivered via its DIGIPASS hardware and software security products. With over 25 million DIGIPASS products sold and delivered, VASCO has established itself as a world-leader for strong User Authentication with over 500 international financial institutions and almost 3000 blue-chip corporations and governments located in more than 100 countries. 2009 VASCO Data Security. All rights reserved. Page 30 of 30

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback