DATA SHEET. VANGUARD ez/tokentm KEY FEATURES:

Similar documents
DATA SHEET. ez/piv CARD KEY FEATURES:

SOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:

VANGUARD WHITE PAPER VANGUARD GOVERNMENT INDUSTRY WHITEPAPER

Analyzer runs thousands of integrity checks for both RACF and z/os Security Server.

DATA SHEET VANGUARD AUTHENTICATORTM KEY FEATURES:

DATA SHEET VANGUARD CONFIGURATION MANAGER TM KEY FEATURES: VANGUARD TAKES THE TARGET OFF YOUR

VANGUARD POLICY MANAGERTM

POLICY MANAGER VANGUARD POLICY MANAGER (AUDIT/COMPLIANCE)

WHITE PAPERS. INSURANCE INDUSTRY (White Paper)

VANGUARD WHITE PAPER VANGUARD INSURANCE INDUSTRY WHITEPAPER

VANGUARD INTEGRITY PROFESSIONALS Page 1

PROFESSIONAL SERVICES (Solution Brief)

VANGUARD Policy Manager TM

Insurance Industry - PCI DSS

Vanguard Integrity Professionals ez/token

Removing ID. The Solution: The Issue: The Problem:

NOTE: This process is not to be used for Grouping/ Member Classes. Those will be covered in another White Paper.

EBOOK 4 TIPS FOR STRENGTHENING THE SECURITY OF YOUR VPN ACCESS

IBM Multi-Factor Authentication for z/os A Product Review and Update

Is Your z/os System Secure?

FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication

Vanguard Advisor TM Your Way: Enhanced Masking, Report Formatting and Exception Criteria. Presented by Vanguard Integrity Professionals

The Old is New Again Engineering Security in the Age of Data Access from Anywhere

THE ROLE OF ADVANCED AUTHENTICATION IN CYBERSECURITY FOR CREDIT UNIONS AND BANKS

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

Dissecting NIST Digital Identity Guidelines

Minfy-Vara Migration Use Case

IBM Secure Proxy. Advanced edge security for your multienterprise. Secure your network at the edge. Highlights

John Petreshock IBM Poughkeepsie - z Systems Security Offering Manager

<Partner Name> <Partner Product> RSA SECURID ACCESS. VMware Horizon View 7.2 Clients. Standard Agent Client Implementation Guide

Splunking Your z/os Mainframe Introducing Syncsort Ironstream

IBM Multi-Factor Authentication in a Linux on IBM Z environment - Example with z/os MFA infrastructure

RSA Solution Brief. Providing Secure Access to Corporate Resources from BlackBerry. Devices. Leveraging Two-factor Authentication. RSA Solution Brief

No More Excuses: Feds Need to Lead with Strong Authentication!

To Audit Your IAM Program

DigitalPersona Altus. Solution Guide

SECURING CORPORATE ASSETS WITH TWO FACTOR AUTHENTICATION

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Secure Government Computing Initiatives & SecureZIP

IDENTITY AND THE NEW AGE OF ENTERPRISE SECURITY BEN SMITH CISSP CRISC CIPT RSA FIELD CTO

Password-less Strong Authentication

Cryptologic and Cyber Systems Division

Login Procedures. Access Treasury Gateway by entering the site address in your web browser navigation box:

Top Reasons To Audit An IAM Program. Bryan Cook Focal Point Data Risk

Vanguard Configuration Manager Customization and Use

Paystar Remittance Suite Tokenless Two-Factor Authentication

RSA SecurID Implementation

Minfy MS Workloads Use Case

Security Update PCI Compliance

Next Generation Authentication

SailPoint IdentityIQ 6.4

Teradata and Protegrity High-Value Protection for High-Value Data

Modern two-factor authentication: Easy. Affordable. Secure.

Yubico with Centrify for Mac - Deployment Guide

Jordan Levesque Making sure your business is PCI compliant

Pro s and con s Why pins # s, passwords, smart cards and tokens fail

Jim McNeill. Vanguard Professional Services VSS10 & VSS13

6 Vulnerabilities of the Retail Payment Ecosystem

Spiros Angelopoulos Principal Solutions Architect ForgeRock. Debi Mohanty Senior Manager Deloitte & Touche LLP

Combating Cyber Risk in the Supply Chain

Adaptive Authentication Adapter for Citrix XenApp. Adaptive Authentication in Citrix XenApp Environments. Solution Brief

Minfy MS Workloads Use Case

How Vanguard Solves. Your PCI DSS Challenges. Title. Sub-title. Peter Roberts Sr. Consultant 5/27/2016 1

Vidder PrecisionAccess

See the ID Rules Before Us: FAL IAL AAL eh? Aaaagh!!! How, How, How, How?

<Partner Name> RSA SECURID ACCESS Standard Agent Implementation Guide. WALLIX WAB Suite 5.0. <Partner Product>

RSA DISTRIBUTED CREDENTIAL PROTECTION

WHITE PAPER AUTHENTICATION YOUR WAY SECURING ACCESS IN A CHANGING WORLD

FIDO AS REGTECH ADDRESSING GOVERNMENT REQUIREMENTS. Jeremy Grant. Managing Director, Technology Business Strategy Venable LLP

Smart Cards and Authentication. Jose Diaz Director, Technical and Strategic Business Development Thales Information Systems Security

Adaptive Authentication Adapter for Juniper SSL VPNs. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief

White Paper. The North American Electric Reliability Corporation Standards for Critical Infrastructure Protection

Securing Your Most Sensitive Data

Azure Multi-Factor Authentication: Who do you think you are?

Developing Legacy Platform Security. Philip Young, Information Security Specialist, Visa, Inc. Professional Techniques T21

Rocket Software Strong Authentication Expert

Vanguard ez/signon Client Installation and User Guide

Secure single sign-on for cloud applications

RSA Ready Implementation Guide for

Evolution Of Cyber Threats & Defense Approaches

DFARS Requirements for Defense Contractors Must Be Satisfied by DECEMBER 31, 2017

RSA Authentication Manager 7.1 Help Desk Administrator s Guide

THE SECURITY LEADER S GUIDE TO SSO

The CISO s Guide to Deploying True Password-less Security. by Bojan Simic and Ed Amoroso

The Role of PNT in Cybersecurity Location-based Authentication

Keep the Door Open for Users and Closed to Hackers

SOFTEL Communications Password Reset and Identity Management Suite

SxS Authentication solution. - SXS

ADAPTIVE AUTHENTICATION ADAPTER FOR IBM TIVOLI. Adaptive Authentication in IBM Tivoli Environments. Solution Brief

Meeting FFIEC Meeting Regulations for Online and Mobile Banking

<Partner Name> <Partner Product> RSA SECURID ACCESS. Pulse Secure Connect Secure 8.3. Standard Agent Client Implementation Guide

IBM Multi-Factor Authentication on z/os. Jan Tits IBM systems

Defender 5: The Right Way to Prove, Identify and Establish Trust

Multi-Factor Authentication: Security or Snake Oil? Steven Myers Rachna Dhamija Jeffrey Friedberg

PROVE IT! Matt and Dan, Dan and Matt, Those Fookers!

Cisco Systems, Inc. IOS Router

Performing a z/os Vulnerability Assessment. Part 2 - Data Analysis. Presented by Vanguard Integrity Professionals

The US Contact Center Decision-Makers Guide Contact Center Performance. sponsored by

AUTHENTICATION. Do You Know Who You're Dealing With? How Authentication Affects Prevention, Detection, and Response

Merchant Toolkit. Multi-Factor Authentication

Transcription:

VANGUARD ez/tokentm VANGUARD ez/token is a multi-factor authentication solution that allows users to authenticate through common token technologies including but not limited to RSA SecurID, YUBiKEY, OAUTH tokens, SafeSign or ActivIdentity tokens to the z/os Security Server or any other application currently using RACF authentication. ez/token leverages your current investment in your existing multifactor authentication. KEY FEATURES: Validates user logon to the Mainframe using external authentication authorities. Supports multiple token technologies such as RSA, SafeSign, OAUTH and YUBiKEY. Provides selective inclusion or exclusion of multifactor authentication at both an application and user level. Allows for easy user ID to distributed identity mapping providing a one-to-one or one-to-many relationship. Page 1

WHAT IS MULTIFACTOR AUTHENTICATION? Multifactor authentication is a system for identifying and granting access to a computing resource that utilizes two or more independent credentials. They might be something the user knows (like a password), something the user has (a security token) or perhaps something physically unique to the user (biometric verification). The goal of Multifactor Authentication (MFA) is to create a layered defense and make it more difficult for an unauthorized person to access a target resource. If one factor is compromised or broken, a hacker still has at least one more barrier to breach before successfully breaking into the target. DATA BREACHES AND WHY MFA IS A SECURITY BEST PRACTICE Becoming headline news for a data breach has caused more than one CEO/CISO to wake up in the middle of the night in a cold sweat. It's not an unfounded fear. The outbreak of recent high-profile corporate breaches has been a wake-up call for executives. CEOs and CISOs are now tasked with overseeing the elements that contribute to their organization s success in today's high-risk world, and that includes taking an active role in the company s data and infrastructure security strategy. Failing to do so often involves fines and visits from regulators, a loss of reputation and revenue, angry customers fleeing to rivals, not to mention in some instances, executives losing their own positions. Weak or stolen user credentials remain the primary entry point for hackers, which is why authentication must be included in the overall security plan. Multi-factor authentication (MFA) is the best-practice approach to help keep user data secure and keep your company out of the headlines. VANGUARD S ez/token TWO FACTOR AUTHENTICATION SOLUTION VANGUARD ez/token is a two-factor authentication solution that allow users to authenticate through either RSA SecurID, SafeSign, ActivIdentity and other tokens to the z/os Security Server or any other application currently using RACF authentication. The ez/token solution provides a more secure alternative than the usual RACF user ID/password combination. With ez/token, users substitute a new, one-time passcode in place of or in addition to their password. Page 2

VANGUARD ez/token KEY CAPABILITIES There are basically two types of authentication methods used by EZ/Token. Authentications that go through a windows server (RSA Token / Active ID) and Authentications that go directly through the LINOTP server. 1. RSA Token (SECUREID) or ActiveID (SAFESIGN) agents and Tokens are handled very similarly and their features below are grouped together. ActiveID has two different servers and both are supported (the 4tress and ActiveID AAA Server are both supported and selectable during installation) 2. LINOTP (LINOTP) agents and any token supported by LINOTP are handled separately and it s features below have been separated Authenticate through either an RSA, SafeSign or ActivIdentity token to log on to the Mainframe via TSO, CICS, IMS, or any other application using RACF authentication. Perform New PIN and Next Token Code operations through a Web interface. Authenticate with ez/token The ez/token authentication exit authenticates users logging on to the z/os Security Server or any other application that uses RACF security, through either an ActivIdentity, RSA SecurID tokens or LINOTP. Page 3

VANGUARD ez/token COMPONENTS Security on Demand Host Server The Security on Demand host server (VIPMAIN) runs as a started task on an IBM mainframe server. The Security on Demand host server is integrated with the Vanguard Security Solutions product installation. RSA, ACTIVE ID or SCURE ID (only) VANGUARD ez/token Agent Daemon The ez/token Agent Daemon provides remote clients, such as the ez/token Website and ez/ TOKEN Authentication Exit, the ability to authenticate either an RSA, SafeSign, or ActivIdentity tokens change PINs and get the Next Token Code by redirecting requests from these remote clients to the token server via an API. VANGUARD ez/token Mainframe Authentication Exit The ez/token Mainframe authentication exit selectively redirects certain RACF users to authenticate using RSA, ActivIdentity or SafeSign two-factor tokens instead of a RACF password. This exit talks to the ez/token Agent Daemon. VANGUARD ez/token Website The ez/token Website communicates with the ez/token Agent Daemon to allow users to perform New PIN and Next Token Code operations. The ez/token authentication exit on the mainframe does not have the capability to provide these interfaces therefore the website provides these functions. Page 4

KEY DIFFERENTIATORS A) With ez/token, users substitute a new, one-time passcode in place of a password. Passcodes are generated randomly every 60 seconds. For enhanced security, the passcode can be combined with a pin number. The ez/ Token solution provides a more secure alternative than the usual RACF user id/ password combination. B) Authenticate to the Mainframe through multiple token technologies like: ActivIdentity, RSA SecurID, YUBiKEY or OAUTH Tokens via TSO, CICS, IMS or any other application that utilizes z/os Security Server authentication. C) Selectively include or exclude applications from Multifactor Authentication. D) Easy User Management, users can be migrated to Multifactor Authentication individually or by groups. Page 4

WHY VANGUARD FOR YOUR z/os MULTIFACTOR AUTHENTICATION NEEDS? Almost half of the Fortune 1000 companies in the world spanning banking, retail, insurance as well as numerous government agencies trust Vanguard for their IAM needs. ABOUT VANGUARD SECURITY SOLUTIONS Vanguard offers one of the most advanced and integrated portfolios of enterprise security products and services in the world. The portfolio was the first to offer a fully automated baseline configuration scanner for mainframe DISA STIGs the Gold Standard for Security. FOR MORE INFORMATION To learn more about Vanguard Security Solutions, please contact Vanguard Integrity Professionals at (702) 794. 0014 or visit www.go2vanguard.com The World s largest Financial, Insurance, Government Agencies and Retailers entrust their Security to Vanguard Integrity Professionals. Corporate Headquarters Vanguard Integrity Professionals 6625 S. Eastern Avenue Suite 100 Las Vegas, NV 89119-3930 Telephone: 702.794.0014 Fax: 702.794.0023 Page 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback