Using Harddisk Encryption
and Novell® SecureLogin

Troy Drewry                  Dirk Strauch
Technical Sales Specialist   Senior Consultant
Novell, Inc.                 cv cryptovision
tdrewry@novell.com           dirk.strauch@cryptovision.com
Overview

    Focus Shifts from Protecting the Network to Protecting Data
    •   The Challenge of Data at Rest
         –   Enterprise Data on Desktops, Laptops and Servers
         –   Stolen and Lost Laptops
         –   Data in Transit
         –   Security Breaches
    •   Regulations and Governance
         –   Corporate and Industry
         –   Local, State and Federal Government
         –   International Considerations
    •   Corporate Impact
         –   Security breach consequences on client mind-set
         –   Negative media exposure outcome on corporate profits
    •   Using Hard Disk Encryption and Novell® SecureLogin for ESSO
         –   Stronger Alternative to Microsoft Windows Security
         –   Don’t Touch that Application
2   © Novell, Inc. All rights reserved.
Encryption Technology
    •   Hardware-Based Solutions
         –   Intel® Anti-Theft Technology (Intel® AT) Stolen
                      http://www.intel.com/technology/anti-theft
         –   Seagate DriveTrust™ (Self-Encrypting Drives) Technology
                      http://www.seagate.com/docs/pdf/whitepaper/TP564_DriveTrust_Oct06.pdf
         –   Geo Location and Others
                      (http://www.absolute.com) (http://www.computersecurity.com/laptop-tracking)
    •   Software-Based Solutions
         –   Pre-Boot Authentication (PBA)
         –   Full Drive Encryption (FDE)
         –   File and Folder Encryption (FFE)
         –   Port Security (USB/Firewall/Etc.)
         –   External Drive Protection
         –   File Sharing Safeguards
    •   Auditing
         –   Logging and Forensics Preparation
         –   Reporting and Compliance
Implementing Hard Disk Encryption

    Components
    •   Servers
         –   Key Storage
         –   Directory Interoperability
         –   Administration and Management
         –   Scalability
    •   Endpoint Platforms
              • Workstations                 • Laptops
              • Virtual Machines             • Kiosks (Terminal Services and Citrix)
              • Mobile Devices               • Others

    •   OS Considerations
              • Windows                      • Mac
              • Linux/Unix                   • Mobile (at least 4)


    •   Authentication Mechanism
              • Credentials                  • Smart Cards
              • Biometrics                   • Tokens

Weighted Options to Implementation

    •   Enterprise and Remote Roaming User Solutions
    •   Pre-Boot Authentication Effects
    •   Full Disk Encryption v. File and Folder Encryption
    •   OS Handshake/Hand-Off Options
    •   Port and Disk Access Control or Free Range Users
    •   Logging and Reporting as a Requirement




Demonstration

     [Diagram: demonstration components]
     •   Cryptovision: Smartcard PKI Security
     •   WinMagic: Pre-Boot Authentication
     •   Microsoft Active Directory: Authentication
     •   Novell® SecureLogin

Cryptovision Configuration
Overview

    •   PKI Infrastructure Overview
    •   PKI in a Novell® Environment with cv act PKIntegrated
    •   cv act sc/Interface middleware
    •   Smart Card

Public Key Infrastructure Overview

     [Diagram: PKI overview. Labeled elements: User, Private Key, Application, Public Key, RA, CA, Digital Certificate, Certification Repository]

PKI in a Novell® Environment: cv act PKIntegrated

     [Diagram. Labeled elements: PKIntegrated Administration, iManager, CA Engine, Novell Identity Manager, Novell eDirectory™, LDAP, OCSP, SCEP, PKI Applications. Also shown: Siemens DirX, Microsoft ADS, Lotus Notes, LDAP, SAP HR, Peoplesoft]

Additional Components

     cv act PKIntegrated - managing digital certificates
     in a Novell® environment

     •   Included seamlessly in Novell infrastructure
     •   Using Novell products
          –   Novell eDirectory™ (data store)
          –   iManager (administration)
          –   Novell Identity Manager (cryptographic functions)

Additional Components

     cv act sc/interface – providing access to smart cards
          –   Smart card middleware
          –   Providing access to the most common smart cards
              including Java Card: G&D Sm@rtCafé Expert, G&D Micro
              SD Card microSD, StarCOS, IBM JCOP, CardOS, ACOS,
              AustriaCard JCOP, Gemalto TOP IM GX4, Infineon JTOP,
              Aladdin eToken, G&D StarSign, Siemens HiPath, A.E.T.
              SafeSign, Nexus Personal, D-Trust




WinMagic Configuration
Overview

     •   SecureDoc Overview and Features
     •   SecureDoc Solution




SecureDoc Overview and Features

     [Diagram: SecureDoc overview. Labeled elements:]
     •   Third Party Management Applications, API, Interface
     •   SecureDoc Enterprise Server, API, New Crypto Device
     •   Passwords, Tokens, Smartcards, Biometrics, PKI, TPM
     •   Full Disk Encryption, Removable Media Encryption, File / Folder Encryption, Port Control
     •   Data Leak Protection, Email, Call Home, Anti virus
     •   SecureDoc Client Software: Windows, Mac / EFI, Linux, Symbian
     •   Seagate FDE, MXI, SanDisk / Kingston, Ironkey, New Crypto Device

SecureDoc Solution

     [Diagram: SecureDoc solution. Labeled elements:]
     •   Active Directory, LDAP Server, PKI
     •   SecureDoc Enterprise Server: Security Policy Manager, User / Group Management System, Key Management System, Software Distribution Tools, User Support Tools, Consolidated Audit Log
     •   Key Escrow
     •   SD CONNEX Secure Client Server Communications
     •   SecureDoc Client: Multi-Factor User Authentication (Pre-Boot) and Access Control, AES Software Encryption Engine
     •   Seagate DriveTrust Drive, 3rd Party Encryption USB Stick
     •   Disk Sector, USB/CD/DVD Removable Media, File, Folder, Container

Novell® SecureLogin
Overview

     •   Microsoft Active Directory Data Store
     •   SecureLogin Workstation Agent
     •   Novell® SecureLogin Hard Disk Encryption Implications

Microsoft Active Directory Data Store

     •   Active Directory is being used in this demonstration
     •   We could have used Novell® eDirectory™ or any other LDAP v3
     •   Schema Extensions made Using ADSchema.exe
          –   Prot:SSO Auth
          –   Prot:SSO Entry
              (LDAP:protocom-SSO-Entries)
          –   Prot:SSO Entry Checksum
              (LDAP:protocom-SSO-Entries-Checksum)
          –   Prot:SSO Profile
              (LDAP:protocom-SSO-Profile)
          –   Prot:SSO Security Prefs
              (LDAP:protocom-SSO-Security-Prefs)
          –   Prot:SSO Security Prefs Checksum
              (LDAP:protocom-SSO-Security-Prefs-Checksum)
SecureLogin Workstation Agent

     •   Installed in Active Directory Mode
     •   Configured to Run at Login




Novell® SecureLogin Hard Disk Encryption Implications

     •   Pre-Boot Authentication
     •   Full Disk Encryption v. File and Folder Encryption
     •   OS Handshake/Hand-Off
     •   Advanced Authentication Integration




Demonstration – How it Works

     Authentication during boot process
          –   Laptop is switched on
          –   Logon screen of hard disk encryption comes up (PBA)
          –   User places their smart card in reader
          –   User types in their PIN
          –   PBA encryption authenticates user and decrypts hard drive
          –   PBA performs handshake to Windows OS and user is logged in
          –   Novell® SecureLogin Agent starts
          –   SSO is operational with no additional logins


For More Information
     Try SecureLogin for Yourself: We'll install SecureLogin on your machine (for free).

     •   Visit table A5 in IT Central
     •   Attend the following complementary sessions:
          –   BOF106: SecureLogin in the Real World Panel Discussion
          –   IAM205: Novell SecureLogin Installation, Deployment and Lifecycle
              Management
          –   IAM207: SecureLogin and Your Active Directory Setup
          –   IAM302: Using Hard Disk Encryption and SecureLogin
          –   IAM303: Enhancing SecureLogin with Multi-factor Authentication
          –   IAM304: Securing Shared Workstation with SecureLogin
     •   Walk through the SecureLogin demo in the
         Installation and Migration Depot
     •   Visit www.novell.com/securelogin
Unpublished Work of Novell, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc.
Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope
of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified,
translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc.
Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.


General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a
product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in
making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents
of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any
particular purpose. The development, release, and timing of features or functionality described for Novell products
remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to
make changes to its content, at any time, without obligation to notify any person or entity of such revisions or
changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc.
in the United States and other countries. All third-party trademarks are the property of their respective owners.

Social media class 2Social media class 2
Social media class 2
 
Social media class 1
Social media class 1Social media class 1
Social media class 1
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2
 
LinkedIn training presentation
LinkedIn training presentationLinkedIn training presentation
LinkedIn training presentation
 
Twitter training presentation
Twitter training presentationTwitter training presentation
Twitter training presentation
 
Getting started with social media
Getting started with social mediaGetting started with social media
Getting started with social media
 
Strategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaStrategies for sharing and commenting in social media
Strategies for sharing and commenting in social media
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
 
Workload iq final
Workload iq   finalWorkload iq   final
Workload iq final
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
 
The New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsThe New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration Trends
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding business
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated Approach
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
 
IDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The CloudIDC Says, Don't Move To The Cloud
IDC Says, Don't Move To The Cloud
 

Using Harddisk Encryption and Novell SecureLogin

  • 1. Using Harddisk Encryption and Novell® SecureLogin. Troy Drewry, Technical Sales Specialist, Novell, Inc. (tdrewry@novell.com); Dirk Strauch, Senior Consultant, cv cryptovision (dirk.strauch@cryptovision.com)
  • 2. Overview: Focus Shifts from Protecting the Network to Protecting Data
      • The Challenge of Data at Rest
          – Enterprise Data on Desktops, Laptops and Servers
          – Stolen and Lost Laptops
          – Data in Transit
          – Security Breaches
      • Regulations and Governance
          – Corporate and Industry
          – Local, State and Federal Government
          – International Considerations
      • Corporate Impact
          – Security breach consequences on client mind-set
          – Negative media exposure outcome on corporate profits
      • Using Hard Disk Encryption and Novell® SecureLogin for ESSO
          – Stronger Alternate to Microsoft Windows Security
          – Don’t Touch that Application
  • 3. Encryption Technology
      • Hardware-Based Solutions
          – Intel® Anti-Theft Technology (Intel® AT) Stolen
              http://www.intel.com/technology/anti-theft
          – Seagate DriveTrust™ (Self-Encrypting Drives) Technology
              http://www.seagate.com/docs/pdf/whitepaper/TP564_DriveTrust_Oct06.pdf
          – Geo Location and Others
              (http://www.absolute.com) (http://www.computersecurity.com/laptop-tracking)
      • Software-Based Solutions
          – Pre-Boot Authentication (PBA)
          – Full Drive Encryption (FDE)
          – File and Folder Encryption (FFE)
          – Port Security (USB/Firewall/Etc.)
          – External Drive Protection
          – File Sharing Safeguards
      • Auditing
          – Logging and Forensics Preparation
          – Reporting and Compliance
  • 4. Implementing Hard Disk Encryption Components
      • Servers
          – Key Storage
          – Directory Interoperability
          – Administration and Management
          – Scalability
      • Endpoint Platforms
          – Workstations
          – Laptops
          – Virtual Machines
          – Kiosks (Terminal Services and Citrix)
          – Mobile Devices
          – Others
      • OS Considerations
          – Windows
          – Mac
          – Linux/Unix
          – Mobile (at least 4)
      • Authentication Mechanism
          – Credentials
          – Smart Cards
          – Biometrics
          – Tokens
  • 5. Weighted Options to Implementation
      • Enterprise and Remote Roaming User Solutions
      • Pre-Boot Authentication Effects
      • Full Disk Encryption v. File and Folder Encryption
      • OS Handshake/Hand-Off Options
      • Port and Disk Access Control or Free Range Users
      • Logging and Reporting as a Requirement
  • 6. Demonstration (diagram labels: Cryptovision Smartcard PKI Security; WinMagic Pre-Boot Authentication; Microsoft Active Directory; Novell® SecureLogin; Authentication)
  • 8. Overview
      • PKI Infrastructure Overview
      • PKI in a Novell® Environment with cv act PKIntegrated
      • cv act sc/Interface middle-ware
      • Smart Card
  • 9. Public Key Infrastructure Overview (diagram labels: Certification Repository; CA; Digital Certificate; RA; Private Key; Public Key; User; Application)
  • 10. PKI in a Novell® Environment: cv act PKIntegrated (diagram labels: CA Engine; Novell Identity Manager; iManager; LDAP; OCSP, SCEP; Novell eDirectory™; PKIntegrated PKI Administration Applications; Novell Identity Manager; Siemens DirX, Lotus Notes, SAP HR; Microsoft ADS; LDAP; Peoplesoft)
  • 11. Additional Components: cv act PKIntegrated, managing digital certificates in a Novell® environment
      • Included seamlessly in Novell infrastructure
      • Using Novell products
          – Novell eDirectory™ (data store)
          – iManager (administration)
          – Novell Identity Manager (cryptographic functions)
  • 12. Additional Components: cv act sc/interface, providing access to smart cards
      – Smart card middleware
      – Providing access to the most common smart cards including Java Card: G&D Sm@rtCafé Expert, G&D Micro SD Card microSD, StarCOS, IBM JCOP, CardOS, ACOS, AustriaCard JCOP, Gemalto TOP IM GX4, Infineon JTOP, Aladdin eToken, G&D StarSign, Siemens HiPath, A.E.T. SafeSign, Nexus Personal, D-Trust
  • 14. Overview
      • SecureDoc Overview and Features
      • SecureDoc Solution
  • 15. SecureDoc Overview and Features (diagram labels: Third Party Management Applications; API Interface; SecureDoc Enterprise Server; API; New Crypto Device; Passwords; Tokens; Smartcards; Biometrics; PKI; TPM; Full Disk Encryption; Data Leak Protection; Removable Media; Email Encryption; File / Folder Encryption; Call Home; Port Control; Anti virus; Seagate FDE; SecureDoc Client Software; MXI; SanDisk / Kingston; Ironkey; Windows; Mac / EFI; Linux; Symbian; New Crypto Device)
  • 16. SecureDoc Solution (architecture diagram of the SecureDoc Client and the SecureDoc Enterprise Server; recoverable labels include Multi-Factor User Authentication (Pre-Boot), Key Escrow, Security Policy Manager, Key Management System, Active Directory, LDAP, AES Encryption Engine, Software Distribution, Secure Client Server Communications, Consolidated Audit Log, Seagate DriveTrust Drive, PKI, USB/CD/DVD and Removable Media Access Control, USB Stick)
  • 18. Overview
      • Microsoft Active Directory Data Store
      • SecureLogin Workstation Agent
      • Novell® SecureLogin Hard Disk Encryption Implications
  • 19. Microsoft Active Directory Data Store
      • Active Directory is being used in this demonstration
      • We could have used Novell® eDirectory™ or any other LDAP v3
      • Schema Extensions made Using ADSchema.exe
          – Prot:SSO Auth
          – Prot:SSO Entry (LDAP:protocom-SSO-Entries)
          – Prot:SSO Entry Checksum (LDAP:protocom-SSO-Entries-Checksum)
          – Prot:SSO Profile (LDAP:protocom-SSO-Profile)
          – Prot:SSO Security Prefs (LDAP:protocom-SSO-Security-Prefs)
          – Prot:SSO Security Prefs Checksum (LDAP:protocom-SSO-Security-Prefs-Checksum)
  • 20. SecureLogin Workstation Agent
      • Installed in Active Directory Mode
      • Configured to Run at Login
  • 21. Novell® SecureLogin Hard Disk Encryption Implications
      • Pre-Boot Authentication
      • Full Disk Encryption v. File and Folder Encryption
      • OS Handshake/Hand-Off
      • Advanced Authentication Integration
  • 22. Demonstration – How it Works: Authentication during boot process
      – Laptop is switched on
      – Logon screen of hard disk encryption comes up (PBA)
      – User places their smart card in reader
      – User types in their PIN
      – PBA encryption authenticates user and decrypts hard drive
      – PBA performs handshake to Windows OS and user is logged in
      – Novell® SecureLogin Agent starts
      – SSO is operational with no additional logins
  • 23. For More Information
      Try SecureLogin for Yourself: We'll install SecureLogin on your machine (for free).
      • Visit table A5 in IT Central
      • Attend the following complementary sessions:
          – BOF106: SecureLogin in the Real World Panel Discussion
          – IAM205: Novell SecureLogin Installation, Deployment and Lifecycle Management
          – IAM207: SecureLogin and Your Active Directory Setup
          – IAM302: Using Hard Disk Encryption and SecureLogin
          – IAM303: Enhancing SecureLogin with Multi-factor Authentication
          – IAM304: Securing Shared Workstation with SecureLogin
      • Walk through the SecureLogin demo in the Installation and Migration Depot
      • Visit www.novell.com/securelogin
  • 25. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.