AXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure


Logical Access Use Cases
- ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS: Corporate ID badge for physical and logical access
- EMAIL & DOCUMENT DIGITAL SIGNATURE AND ENCRYPTION: Certify origin & non-tampering of emails & docs and eliminate SPAM
- PROTECT AND ENCRYPT DATA (EMAIL, LAPTOPS, USBs): Reduce data loss risk when devices are stolen / hacked
- FRICTIONLESS AUTHENTICATION: Enable endpoint access with additional security when speed and ease are critical
- WORKSTATION LOGON: Log on to laptop/desktop and Windows domain, replacing the password with a trusted credential
- CLOUD APPLICATIONS LOGON: Single Sign-On to cloud applications
- POS / TIME + ATTENDANCE: Leverage contactless card to clock in/out and pay at the cafeteria
- VPN / WiFi ACCESS: Secure connection to Wireless network and Virtual Private Network
- SECURE PRINT: Follow-me printing, where collection of the print job requires authentication at the Multifunction Printer

Challenges IT Faces with Current Approach
- Technology exists but products are deployed as silos, not solutions
- Costly & Complex PKI systems and Credential management systems require tough-to-find expertise
- IT Teams are faced with increasing technology challenges and constrained budgets
- IT Role is evolving to managing risks, resources and access

Axiad ID Cloud: Trust Identities from Employees, Contractors, Partners and Customers. Trust Your Infrastructure to Enable and Grow Your Business.

Delivering Trusted Identities Through the Cloud
- Fully-hosted service: deployed, managed and operated by Axiad IDS
- Modular identity solutions platform
- Cost-effectively implement and manage a mix of user credentials

Major Benefits
- Removes complexity
- Reduces risk
- Easily deployed, maintained and managed
- Extra layer of security with Virtual Private Cloud
- Lowers upfront investment
- Operational in days vs months

POWERED BY PROVEN PRODUCTS

Axiad ID Cloud Options:
- TRUSTED USER: PKI IDENTITY
- TRUSTED USER: FLEXIBLE AUTHENTICATION
- TRUSTED INFRASTRUCTURE

Consolidated Reporting & Analytics for all devices, identities, credentials
- Supported Standards: LDAPv3, HTTPS, SSL/TLS, x509, RADIUS, Syslog, FIPS-201
- Supported Systems include: Windows 7, 8, 10 & 2008 and up Servers, Mac OS, iOS, Android
- Helps comply with: PCI-DSS, HIPAA, FFIEC, SP 800-53, SP 800-171

Service
- Dedicated Virtual Private Cloud
- 99.9% Availability
- 24/7 Monitoring
- 8x5 Level 2 Support
- Reporting & Analytics
- On-line Dashboards

Axiad ID Cloud Trusted User PKI Identity Service
Provides PKI/smart card and mobile device based high assurance digital identities

PKI Identity Service: What Does It Address?
- Do you know who is accessing your systems?
- Are you using passwords to login to your corporate machine and domain?
- How much is spent in password reset calls?
- What would the impact be on your business if a password was compromised?
- How important is user experience for your mobile users?

Features

USE CASES
1. Strong authentication
   - Smart Card Logon to Workstation & Domain
   - Web SSL Client Authentication, x.509 enabled applications
2. Secure e-mail on Desktop and Mobile Devices
   - Signature and Encryption
3. Enables Document Signature and Encryption

ADMINISTRATION CAPABILITIES
1. Certificate and smart card life cycle management
   - Issuance, Revocation, Suspend/Resume, Key Escrow/Recovery
2. Helpdesk and Self Service Portal
3. Mobile device enablement
   - Provisioning for VPN, Exchange and WiFi over-the-air (SCEP)

Features

AUDITING AND REPORTING
- Top active operators and end-users
- Activation, Revocation, and Expiration
- Number of permanent/temporary cards issued
- Card inventory status (available, issued, revoked)

OPTIONS
- Publicly Trusted Certificates (WebTrust)
- Federal Bridge / EPCS Certificates
- Smart card printing options: Local or Service Bureau
- Integration with Physical Access System (PACS)

Axiad ID Cloud Trusted User Flexible Authentication
Provides one-time password (OTP) based authenticators, lifecycle management, and authentication

Features

AUTHENTICATION DEVICES
- Hardware tokens with support for HOTP/TOTP
- Mobile tokens
- Google Authenticator
- Email-token

AUTHENTICATION
- Authentication via a REST API and SAML
- Optional: Plugins available for 3rd party applications
- Yubikey in all modes: OATH HOTP, Challenge Response, Yubico AES

Features

MANAGEMENT
- Manage tokens life cycle: Assign/Enroll, Suspend/Revoke
- PIN management (Set/Reset/Unlock)
- Lost / Stolen token emergency access

SELF-SERVICE WEB PORTAL
- Enroll new tokens via QR-Code (Google Authenticator), seed file or via serial number of the token
- PIN management (Set/Reset/Unlock)
- View the audit log

Axiad ID Cloud Trusted Infrastructure
Provides digital identities for IT systems

What Does It Address?
- How many PKI credentials are currently deployed on key systems in your enterprise?
- Who authorized the issuance?
- Are they still valid?
- How fast can you replace them if they are compromised?
- How many people know where credentials are deployed and how to manage them?

Features

CAPABILITIES
Protect your corporate systems by issuing x.509 certificates to systems and devices:
- Workstations, domain controllers, and databases
- SSL web servers, firewalls, routers, network equipment and other x.509 enabled infrastructure components

AUDITING & REPORTING
- Top active operators
- Number of active, revoked, and recovered certificates

Features

ADMINISTRATION
Certificate life cycle management:
- Automated enrollment, renewal, recovery and cancellation, and batch enrollment (SCEP) of non-person-entities PKI certificates and keys

Flexible business process workflows:
- Self-service portal for certificate and key pair recovery
- Approval and notification workflow
- Self-enrollment portal for certificate signing request and certificate retrieval

Axiad ID Cloud Trusted Infrastructure

MOST COMMON USE CASES
- SSL certificates for web servers: As of 11/2015 Public certificates will no longer be issued for private servers (CABForum)
- Secure WiFi with PKI certificates: Ensure that only authorized machines connect to WiFi
- Secure access to your physical LAN (802.1x): Ensure that only authorized machines connect to your physical LAN
- Certificates for network equipment

Axiad ID Cloud Security Overview

VPC: A Secure Extension of Your Corporate Network

SECURE AND COMPLIANT HOSTING ON AMAZON WEB SERVICES. NO CO-MINGLING OF DATA!

[Diagram labels: AWS VPC; Customer 1 VPC, Customer 2 VPC, Customer 3 VPC; VPN links to Customer 1, Customer 2, Customer 3; AXIAD OPERATIONS]

- Dedicated FIPS 140-2 Level 2 Hardware Security Module key generation and storage
- 99.9% Availability SLA
- Highly secure SP800-53 Moderate Impact Security Program Compliant
- SOC2 compliant* (*in process)
- Granular Authorization, Audit trail of Admin accesses (user, time, location)
- Exclusively accessed with 2-factor authentication
- NIST CyberSecurity Framework / SP 800-53 / SOC2
- https://aws.amazon.com/security/

Axiad ID Cloud: Secure and Simple IAM

Gartner 2014: "By year-end 2017, about 50% of organizations will choose cloud-based services as the delivery option for new or refreshed user authentication implementations, up from about 20% today."

https://www.youtube.com/watch?v=rei30obkabc
http://media.amazonwebservices.com/pdf/aws_security_whitepaper.pdf

Overview of Authentication options

Comparison Table: Overview (SOLVES)
Options compared: Password, OTP SW Token, OTP HW Token, Software Certificate, Axiad ID Cloud
Criteria:
- Security Strength
- Functionality & Flexibility
- Usability
- Complexity
- Cost
Fulfillment scale: from None to All

Comparison Table: Use Cases (USABILITY)
Options compared: Password, OTP SW Token, OTP HW Token, Software Certificate, Axiad ID Cloud
Criteria:
- Corporate Badge & Physical Access
- VPN Authentication (Network)
- Online Workstation / Domain Login
- Offline Workstation Login
- Require Client Software for Login
- Screen Lock Enforcement
- Citrix / VDI / RDP Authentication
- Disk & File Encryption Key Storage
- Email Encryption
- Email Signing
- Other (Code signing, Form signing, etc.)
- Authentication (Web application)
- Authentication (Desktop application)
Fulfillment scale: from None to All

Comparison Table: Administration (CORE CONSIDERATIONS)
Options compared: Password, OTP SW Token, OTP HW Token, Software Certificate, Axiad ID Cloud
Criteria:
- Decrease Helpdesk calls
- Reusable for varying initiatives
- Open standards
- Authentication replay
- Credential strength & resistance
- Defense from social engineering
- Interoperability
- Credential revocation
Fulfillment scale: from None to All

Axiad ID Cloud Summary Options

TRUSTED USER: PKI IDENTITY
PKI/Smart Card + Mobile Device based high assurance digital identities
Model: User/Year
- Workstation, PKI logon (Windows & Mac)
- VPN, WiFi, Web authentication
- Email signing and encryption
- Key history recovery
- Card and credential lifecycle management

TRUSTED USER: FLEXIBLE AUTHENTICATION
One-time password (OTP) based authenticators lifecycle management and authentication
Model: User/Year
- Support for a wide range of authentication devices
- Support for a wide range of authentication methods
- Device life cycle management
- Simplified management and self service

TRUSTED INFRASTRUCTURE
Digital identities for IT systems
Model: Identity/Year
- Workstations, domain controllers, SSL, web servers
- Network equipment
- Scalable deployment (including SCEP)
- Credential lifecycle management

Also listed:
- FIPS 140-2 Level 2 HSM key storage & generation
- Dashboards & Analytics

Options:
- FIPS 140-2 Level 2 Smart Cards
- PACS options (PROX, iCLASS, SEOS)
- Card printing
- Mobile Device Management integration
- Public Secure email (WebTrust / Federal Bridge)
- EPCS Certificates

QUESTIONS?

For more information: Bassam Al-Khalidi, sales@axiadids.com, +1(650) 426-8653

www.axiadids.com