Access control methods
|
Access privileges can be
changed based on:
-
Authentication Method
- User
Group Membership
- IP
Address of Incoming Client
- Client
Devices
- User
Storage
-
Assessment
-
Abolishment
|
Integrated StoneGate
authentication methods
Integration to:
|
Mobile Text : One-time
password (OTP) distributed via
SMS
Web: Java applet or
ActiveX component is launched
prompting the password
Password is hashed and
encrypted before it is
returned
Challenge: Response is
generated with Mobile ID
software using PIN
OTP: Seed + PIN + Challeng
Synchronized: Response
is generated with Mobile ID
software using PIN
OTP synchronized between the
client and server
Password: Static
password authentication
- SafeWorld
- SecurID
- LDAP
- Active
Directory
- User
Certificate
- NTLM
- Basic
- General
RADIUS
- Extended
User Bind
- Form
Based Authentication
- Windows
Integrated Login
- BankID
- BankID
Signer
|
Supports
identity federation based on
SAML 2.0 and ADFS
|
|
Encryption
|
TLS v 1.0, SSL
v 2.0, SSL v 3.0
AES-128, AES-256, DES, 3DES,
RC2-128, RC4-128 |
Applications
Preconfigured applications
|
All web
applications
Virtually all IP (TCP/UDP)
based client-server
applications
-
Dynamically and
automatically downloaded
Access Client
- Access
Client delivery via Java
or ActiveX
- Outlook
Web Access 2000
- Outlook
Web Access 2003
- Domino
Web Access 6.5
- Citrix
MetaFrame Presentation
Server
- Terminal
Server 2003
- Terminal
Server 2000
- MS
Outlook Client 2000/2003
- File
Sharing
- Access to
Home Directory
|
|
Management
|
- Wizard
driven Web console for all
the administrating tasks
- Delegated
management
- Shift
administration rights from
one organizational
level/department to a
lower one
-
Multi-domain support
- Domain
customization for user
portal with central
administration
- Real-time
alerts
-
Threshold based triggers
and alerts for proactive
awareness through e-Mail
and SMS
|
|
Reliability and
Scalability |
- Load
sharing with StoneGate
Server Load Balancing
-
Fault-tolerant sessions and
disaster recovery with
mirrored access points
|
Remote Device
|
|
Using
applications providing a web
interface |
Any web
enabled devise
|
Using applications without
web interface
|
Automatically
downloads a client suitable
for Windows, Mac and Linux OS
|
|
|
|
|
|
|
System
requirements for access
client |
Operating
system
Microsoft Windows 2000
Professional (SP4)
Microsoft Windows XP Home
Edition (SP1, SP2)
Microsoft Windows XP
Professional (SP1, SP2)
Microsoft Windows 2000 Server
(SP4)
Microsoft Windows 2003 Server
(SP1)
Microsoft
Windows Vista
Apple Mac OS X 10.3.9
Apple Mac OS X 10.4.7
Red Hat Enterprise Linux 3.0 |
Web Browser
Microsoft Internet Explorer
5.5
Microsoft Internet Explorer
6.0
Microsoft Internet Explorer
7.0
Mozilla Firefox 1.5
Mozilla Firefox 2.0
Safari 1.3.2 (Mac OS X 10.3.9)
Safari 2.0.4 (Mac OS X
10.4.7)Mozilla Firefox 1.5
Mozilla Firefox 2.0
Mozilla Firefox 1.5
Mozilla Firefox 2.0
|
|
Client Device
Security Assessment
|
Personal
firewall functionality during
the session
Client Integrity Scan for
- File
information
- Registry
information
- Process
information
- Windows
user information
- Windows
domain information
- Network
interface information
- UDP port
information
- TCP port
information
|
|
Session trace
removal |
- Web
browser cache removal
- Web
browser history removal
- Web
browser cookie removal
- Removal
of downloaded files
|
|
Secure
ActiveSync |
Secure up-dates
for e-mail and calendar in
Microsoft Exchange environment
|
