DIGIPASS Authentication for Windows Logon - Vasco
05.02.2013 Views
Share Embed Flag

DIGIPASS Authentication for Windows Logon - Vasco

DIGIPASS Authentication for Windows Logon - Vasco

DIGIPASS Authentication for Windows Logon - Vasco

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
vasco.com

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

<strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong><br />

<strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong>, an extension to IDENTIKEY Server 3.1., is a<br />

cost-effective solution <strong>for</strong> enterprises wanting to protect their <strong>Windows</strong> PCs connected to the<br />

corporate network against unauthorised access.<br />

The traditional use of static passwords <strong>for</strong> logon is<br />

considered very unsafe. Not only <strong>for</strong> remote access over the<br />

Internet, but also <strong>for</strong> the local connection to the corporate<br />

network in the office. By replacing static passwords with<br />

VASCO’s strong authentication, companies can uplift their<br />

level of security.<br />

<strong>DIGIPASS</strong> ® <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong> offers<br />

companies of all size a cost-effective way of protecting<br />

their <strong>Windows</strong> PCs - connected to the corporate network<br />

- against unauthorised access. Even when laptops are not<br />

connected to the LAN, they remain secure, increasing the<br />

security of stored data in case they go missing or get stolen.<br />

‘<strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong>’ is an<br />

extension to IDENTIKEY ® Server 3.1. It allows users to logon<br />

to their <strong>Windows</strong> desktop on the network via a <strong>DIGIPASS</strong>generated<br />

one-time password (OTP).<br />

HOW DOES IT WORK?<br />

‘<strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong>’ is installed<br />

as a small software module on the end-user’s <strong>Windows</strong><br />

environment. It can be installed on desktop PCs and<br />

laptops that are connected to the corporate network. As<br />

soon as ‘<strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong>’ is<br />

setup, it replaces the original login window by a version<br />

that will send the login credentials to IDENTIKEY Server <strong>for</strong><br />

verification. When the authentication request is positively<br />

validated, the original static password is sent back to the<br />

desktop and used <strong>for</strong> domain login.<br />

IDENTIKEY<br />

SECURE IN CONNECTED AND UNCONNECTED MODE<br />

When laptops are used outside the corporate network,<br />

<strong>for</strong> instance on the road or at home, the log-on module<br />

will work in unconnected mode, allowing the same strong<br />

authentication functionality as in connected mode. This<br />

prevents unauthorised access even when these laptops<br />

are unsupervised or stolen.<br />

If the computer works in unconnected mode, the login<br />

credentials are validated against a local database of<br />

one-time passwords. These OTPs are generated when<br />

the PC is working in connected mode, and they are<br />

securely encrypted and stored. With thousands of OTPs<br />

generated upfront, the user can work <strong>for</strong> several weeks in<br />

unconnected mode.<br />

AUTOMATIC DETECTION OF AUTHENTICATION SERVER<br />

Behind-the-scene mechanisms have been implemented to<br />

ensure that the correct IDENTIKEY Server is detected on<br />

the network when a user reconnects and that the static<br />

password in the IDENTIKEY database is always up-to-date.<br />

The communication between the desktop logon module<br />

and IDENTIKEY is done over a security certificate-based<br />

SSL connection.<br />

The world’s leading software company specializing in Internet Security

www.vasco.com<br />

COMPLIANCE<br />

IDENTIKEY Server supports the randomization of the user’s<br />

Active Directory static password as part of the authentication<br />

process. This is an often requested feature in environments<br />

where regulations and compliance are crucial. It addresses<br />

the need of complex, unguessable and unhackable static<br />

passwords and prevents any circumvention of the security<br />

system by users such as disabling, uninstalling or bypassing<br />

the <strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong> module.<br />

FEATURES<br />

Based on VASCO’s proven strong authentication<br />

technology, the <strong>Windows</strong> <strong>Logon</strong> module offers many<br />

benefits in real business situations, such as:<br />

• Microsoft <strong>Windows</strong> <strong>Logon</strong> with <strong>DIGIPASS</strong> strong user<br />

authentication<br />

• Seamless integration into an existing Microsoft Active<br />

Directory environment<br />

• Supports connected and unconnected mode (<strong>for</strong> up to<br />

30 days - configurable)<br />

• Supports login to desktop, laptop, server, terminal<br />

Server 2003/2008<br />

• Works with VASCO’s Password Synchronisation Module<br />

to keep static passwords up-to-date<br />

• Supports automatic IDENTIKEY discovery on the network<br />

through DNS lookup<br />

• SSL (Certificate) based secure communication<br />

• Requires static password randomization enabled <strong>for</strong><br />

optimized security<br />

• Offered as part of IDENTIKEY Server Enterprise Edition<br />

About VASCO<br />

SUPPORT FOR SECURE ADMINISTRATOR LOGON<br />

IDENTIKEY<br />

<strong>DIGIPASS</strong> <strong>Authentication</strong> <strong>for</strong> <strong>Windows</strong> <strong>Logon</strong> also supports<br />

the protection of administrators’ login on <strong>Windows</strong> Server<br />

login, as well as <strong>for</strong> Terminal Server 2003/2008 login by<br />

using <strong>DIGIPASS</strong> on the standard RDP client.<br />

SUPPORTED ENVIRONMENTS<br />

Operational Modes:<br />

• Connected to the corporate network<br />

• Unconnected <strong>for</strong> up to 30 days (configurable parameter)<br />

Desktop OS:<br />

• <strong>Windows</strong> XP (SP3+) (32 bits & 64 bits)<br />

• <strong>Windows</strong> Vista (SP1+) (32 bits & 64 bits)<br />

• <strong>Windows</strong> 7 (32 bits & 64 bits)<br />

Server OS:<br />

• <strong>Windows</strong> Server 2003 (R2, SP2+) (32 bits & 64 bits)<br />

• <strong>Windows</strong> Server 2008 (R2, SP2+) (32 bits & 64 bits)<br />

• Terminal Server 2003, 2008<br />

<strong>DIGIPASS</strong>:<br />

• All models, 1 per user, Time Based or Event Based,<br />

Response-Only<br />

• User License through <strong>DIGIPASS</strong> DPX file<br />

VASCO Designs, develops, markets and supports patented <strong>DIGIPASS</strong> ® , <strong>DIGIPASS</strong> PLUS ® , VACMAN ® , IDENTIKEY ® and aXs GUARD ® authentication products <strong>for</strong> the<br />

financial world, remote access, e-business and e-commerce. With tens of millions of products sold, VASCO has established itself as the world leader in Strong User<br />

<strong>Authentication</strong> <strong>for</strong> e-Banking and Enterprise Security <strong>for</strong> blue-chip corporations and governments worldwide.<br />

www.VASCO.com<br />

B R U S S E L S ( E u r ope)<br />

p h o n e : + 3 2 . 2 . 6 0 9 . 9 7 . 0 0<br />

e m a i l : i n f o - e u r o p e @ VA S C O . c o m<br />

B O S T O N ( N orth America)<br />

p h o n e : + 1 . 5 08.366.3400<br />

e m a i l : i n f o - usa@VASCO.com<br />

SYDNEY (Pacific)<br />

phone: +61.2.8061.3700<br />

email: info-australia@VASCO.com<br />

VACMAN ® , IDENTIKEY ® , aXs GUARD ® , and <strong>DIGIPASS</strong> ® are registered trademarks of VASCO Data Security. All trademarks or trade names are the<br />

property of their respective owners. VASCO reserves the right to make changes to specifications at any time and without notice. The in<strong>for</strong>mation<br />

furnished by VASCO in this document is believed to be accurate and reliable. However, VASCO may not be held liable <strong>for</strong> its use, nor <strong>for</strong><br />

infringement of patents or other rights of third parties resulting from its use. © 2009 VASCO. All rights reserved.<br />

SINGAPORE (Asia)<br />

phone: +65.6323.0906<br />

email: info-asia@VA S C O . c o m<br />

www.vasco.com

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!