Embed Size (px)
DESCRIPTION
CRYPTOCARD’s Authentication Protects Everything:Cloud & web apps: Cloud and web applications are protected via the use of the industry standard SAML, by using one of CRYPTOCARD’s authentication APIs, or by the use of CRYPTOCARD’s web agents. Alternatively there are many plug-ins available for web servers that allow interaction via the industry standard RADIUS protocol.Network access devices: Network access devices such as VPNs and firewalls normally communicate with BLACKSHIELD using the industry standard RADIUS protocol. This includes most devices from Cisco, Checkpoint, Juniper, Sonicwall, Fortinet and Watchguard for example, as well as Microsoft’s firewall and VPN offerings. Some devices such as older versions of Citrix Gateways that do not support RADIUS fully can be protected by installing a CRYPTOCARD agent on the device. Configuration can be completed in a matter of minutes, after which BLACKSHIELD protected users can authenticate.Windows & Unix: Unix systems and applications that support PAM can also authenticate against BLACKSHIELD. Any application that is “PAM aware” can use PAM’s support for RADIUS to authenticate against BLACKSHIELD.Use of a CRYPTOCARD agent protects Microsoft Windows desktops, domains, remote desktop services and terminal servers. The agent can also allow offline authentication, for example for use with laptops where they are not connected to the corporate network.RADIUS: If you are using RADIUS for communication between a protected device or application and BLACKSHIELD it is necessary to install a CRYPTOCARD agent on your RADIUS server.More info: [email protected]
Citation preview
Next Generation Authentication
©CRYPTOCARD 2011 12
CRYPTOCARD vision
• Easy authentication for any organisation, anywhere.
•Reduce administration time by 90% so that authentication is truly “managed by exception”
• Commoditised authentication – Cryptocard is doing for authentication what MessageLabs did for email scanning
• Innovation in mobile and tokenless solutions, cloud based and server based authentication and automation
Why choose CRYPTOCARD
Leader in Authentication
• We protect The Cloud, Apps and Networks
• Trusted globally by thousands of customers
• We invented cloud based authentication
• Multi‐award winning Technology
• Proven savings of >50%
• Flexible and scalable technologies
Credentials
Over 20 years leading the market
World’s first Mac authentication
solution introduced
Best of Show
MacWorld
Companyfounded
Linux version introduced
KT‐1Key chain
introduced
444
2FA as managedservice – an industry
first
InnovativeProduct of 2008
Leading server solutionBlackShield IDintroduced
Widest range of token and
tokenless solutions
NASA ‐ our first major customer
The solution
Introducing CRYPTOCARD two‐factor authentication (2FA)...
Combining• something you have: an authentication device• with something you know: a PIN• to give a One Time Password
What is a One Time Password (OTP)?
• a password that is only valid for that one login• thereafter, a new OTP must be generated at the next login• hence making all password‐stealing hacking methods redundant
CRYPTOCARD protects... everything
CorporateNetwork
LDAP / Active Directory
CorporateNetwork
LDAP / Active Directory
CorporateNetwork
LDAP / Active Directory
CorporateNetwork
LDAP / Active Directory
On‐line storage
Application Hosting
DisasterRecovery
Cloud Services
Users
My BLACKSHIELDIdentity Manager
Cloud Applications RADIUSSAML 2.0
Agents
API
SAML 1.1
2FA software‐as‐a‐Service
• world’s first authentication‐as‐a‐service offering
• benefits of SaaS
• 99.999% SLA
• pay per user pricing
• ready to go in minutes
• no upfront infrastructure requirement or ongoing infrastructure costs
• easy‐to‐use management portal provides automated management, provisioning and reporting
2FA on‐premise
• automation of provisioning, administration and managing of users and tokens
• drastic reduction in cost of authentication
• recommended architectures deliver a highly available, high performance, scalable service
• can be configured in a huge range of high availability, high performance architectures as required, without requiring high specification hardware and software
• whether migrating from static passwords or alternative solutions is a risk‐free and trouble‐free process
BLACKSHIELD key features
Automation:
– Provisioning– Enrollment– Reporting– Billing
LDAP Changes
Auto Update BLACKSHIELD
Auto‐Provision User
Self‐Enrollment
Reporting and Alerts
Widest choice
• convenient, inexpensive, reliable and never expire
• BLACKSHIELD platform supports 3rd party tokens
•mix and match tokens as you require
• customisable length and complexity of both the passcode generated by the token and the user’s PIN
A cloud story
Key benefitsWho they are• Based in London, UK• Private and corporate money exchange• Over 600 employees around the world
What they have• Secured web and telephone access by
corporate customers• RB-1 tokens
What problem they solved• Secure access for monetary transfers
• Freedom of access• Highest levels of security• Speed and ease of install• Low total cost of ownership
– Outsourced overheads– No upfront investments
A server story
Key benefitsWho they are• Manufacturers of home care products,
with brands such as Kleenex• 57,000 employees around the world
What they have• Secured VPN access for remote/mobile
users• KT and software tokens
What problem they solved• Business and cost efficiencies
• Time and cost savings• Simplicity of administration
- Automation- Self-enrolment
In summary
• CRYPTOCARD are leaders in authentication
• Authenticating anyone, anywhere
• Commoditising authentication and providing SaaS security
• 21 years of innovation, from server to cloud and hardware tokens to tokenless
• Protecting:‐ cloud and web apps‐Widows and Unix‐ Network access devices
• Unrivalled solutions with five 9SLA’s, per user pricing, great automation and seamless migrations
How CRYPTOCARD 2FA works
