SlideShare une entreprise Scribd logo

Enhancing Novell SecureLogin® with Multi-factor Authentication

Novell
Novell

The document discusses enhancing Novell SecureLogin with multi-factor authentication. It provides an overview of SecureLogin and its integration with Novell identity and security management solutions. It then defines advanced authentication, discussing why organizations implement it and options for different authentication devices. The document also describes a practical application of advanced authentication at a medical center, including their IT drivers, solution using biometrics, and benefits realized. Finally, it outlines the architecture of SecureLogin and provides a demonstration of authentication using biometrics, proximity cards, and smart cards.

1  sur  38
Télécharger pour lire hors ligne
Enhancing Novell SecureLogin ® with Multi-factor Authentication Troy Drewry Nick Ivon Technical Sales Specialist Director of Information Systems Novell / tdrewry@novell.com Clark & Daughtrey Medical Centers nickivon@clark-daughtrey.com Greg Domjan Senior Software Engineer Novell / gdomjan@novell.com
Session Overview • SecureLogin in Novell ISM Model - Solutions, Framework and Integration ® • Defining Advanced Authentication - Cool Technology or Invaluable Tool? – Why Do it? – Why Do It with SecureLogin? – Device Options – Who Does it Today • Practical Applications of Advanced Authentication – The Real World With Our Client: Clark & Daughtrey Medical Group – IT Drivers – The Solution – Benefits • SecureLogin AA Architecture – Novell eDirectory , Active Directory and LDAP ™ • Demonstration – SecureLogin and Advanced Authentication Explained – Using Biometric – Using Proximity Cards – Using Smart Cards • Discussion with Q&A 2 © Novell, Inc. All rights reserved.
SecureLogin in Novell Identity ® and Security Management Solutions, Framework, Integration
Identity and Security Solutions Identity and Access Security Compliance Management Management Management • User Provisioning • Security Monitoring • Access Certification and Management and Remediation • Enterprise Compliance • Roles Management • Log Management Solutions • Simplified Secure • Cloud Security • Privileged User Access Management 4 © Novell, Inc. All rights reserved.
Identity and Security Framework Roles Driven Governance Governance Access Identity Management Roles Engineering Common Roles and Organizations Certification Business Processes, Methodology and Access Permissions and Processes Policies and Standards Tools Identity Management Simplified, Secure Access Identity Authentication Authorization Identity Vault Integration and Synchronization Multi-Factor Auth./ SSL Federated Identity Course Grained VPN Authorization Management Privileged User Provisioning and Workflows Management Web Access Management Fine Grained Delegated Self-Service Reduced / Authorization Single Administration Administration Sign-On Audit Identity Audit Access Administration Control Events Reporting Events Security and Vulnerability Management 5 © Novell, Inc. All rights reserved.
Identity and Security Framework Roles Driven Governance Governance Novell Access Certification Manager / Novell Roles Engineering Common Roles and Access Identity Management Roles Lifecycle Manager / Organizations Certification Business Processes, Methodology and Access Permissions and Processes Novell Professional and Partner Services Policies and Standards Tools Identity Management Simplified, Secure Access Identity Authentication Authorization SecureLogin (eSSO) Identity Vault Integration and Privileged User Access Manager Synchronization Multi-Factor Auth./ SSL Federated Identity Course Grained Manager Manager VPN Access (WSSO) Authorization Management Identity Manager / Privileged User Access Role Based Provisioning / Provisioning and Workflows Management Web Access Management Manager Storage Manager Fine Grained Delegated Self-Service Reduced / Authorization Single Administration Administration Sign-On Audit Identity Audit Access Novell Sentinel / Novell Identity Reporting Administration Control Events Audit Events Security and Vulnerability Management 6 © Novell, Inc. All rights reserved.
The Integration Platform of Novell Identity ® and Security Management Products Novell Novell ® Identity SecureLogin Manager Novell Novell Access Sentinel ™ Manager ™ Approval and Workflow Role-based administration Password self service Business policy enforcement Identity Synchronization Auditing and remediation 7 © Novell, Inc. All rights reserved.
Defining Advanced Authentication Cool Technology or Invaluable Tool
What is Advanced Authentication? Start with these definitions: Identity: A unique assigned value used to reference a principal Authentication: The process of verifying reference to principal with factors Authorization: Capabilities of principals based on policy definition and enforcement Authentication is NOT Authorization Advanced Authentication with Novell SecureLogin: ® Extend Advanced Authentication to the application Novell SecureLogin Registered Identity 9 © Novell, Inc. All rights reserved.
What is Advanced Authentication? The key requirements of today's and future network infrastructures are to provide security while maintaining high Quality of Service (QoS) and user satisfaction—all while responding to continuous demands for additional functionality. It all comes down to negotiation – In development - trade feature for release date – In QoS - trade predictable performance for resource requirements – In security - trade usability for compliance Many companies are now investigating advanced authentication (sometimes referred to as “two-factor” or 2FA) solutions which typically involve biometrics, proximity cards, smart cards or tokens (randon multi-digit numeric generators) to complement their existing security. Only a small percentage have moved to production. Why do think this is true? Can this be changed now? 10 © Novell, Inc. All rights reserved.
Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It? Simply because of users? Security? Other? – Users create easily guessable passwords, use names or something so complicated they end up having to write it down or call for reset – Users are not good at protecting their passwords – Users can put the company in the news. NOT in a good way! – Advanced Authentication can greatly improve the user experience and Quality of Service (QoS) – Oh... and it dramatically increases security and helps with regulatory compliance requirements The fact is that the ingenuity, persistence and proliferation of commercial hackers has led to an increase in concern for protecting crucial systems from unauthorized access. Many businesses stand to lose enormous amounts of money as well as investor confidence from such security breaches. Protecting data in the digital age is essential. 11 © Novell, Inc. All rights reserved.
Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It? Simply because of users? Security? Other? – Users create easily guessable passwords, use names or something so complicated they end up having to write it down or call for reset – Users are not good at protecting their passwords – Users can put the company in the news. NOT in a good way! – Advanced Authentication can greatly improve the user experience and Quality of Service (QoS) – Oh... and it dramatically increases security and helps with regulatory compliance requirements The fact is that the ingenuity, persistence and proliferation of commercial hackers and has led to an increase in concern for protecting crucial systems from unauthorized access. Many businesses stand to lose enormous amounts of money as well as investor confidence from such security breaches. Protecting data in the digital age is essential. 12 © Novell, Inc. All rights reserved.
Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It With SecureLogin? Extending the use of the device. – Something the user knows > Username, ID, Badge Number, etc. > Password – – Eliminated Issues – Remaining Issues > forgotten passwords > disgruntled employees > Keystroke logging > false negatives / positives > password trapping > lost cards / tokens > shoulder surfing > remote / traveling users > phishing / identity theft > trojans / man-in-the-middle 13 © Novell, Inc. All rights reserved.
Advanced Authentication: Tool Cool Technology or Invaluable Tool? Why Do It With SecureLogin? Extending the use of the device. – Something the user knows > Username, ID, Badge Number, etc. > Password – Eliminated Issues – Remaining Issues > forgotten passwords > disgruntled employees > Keystroke logging > false negatives / positives > password trapping > lost cards / tokens > shoulder surfing > remote / traveling users > phishing / identity theft > trojans / man-in-the-middle 14 © Novell, Inc. All rights reserved.
Advanced Authentication: Cool Technology or Invaluable Tool? Device Options – Something the user knows > Username, ID, Badge Number, etc. > Password 15 © Novell, Inc. All rights reserved.
Advanced Authentication: Cool Technology or Invaluable Tool? Who Does It Today? – Something the user knows > Username, ID, Badge Number, etc. > Password Biom tricSe urityO e c pportunities R g la ion eu t s R v nue ee s H P -2 SD 4 D ,D S,D T e c oD H oS, SA t PrivateIndustry St te a s C s itie International N RHO OTC M O rC C Ms the O O ForeignGov’ts CNC M E TO T e im 16 © Novell, Inc. All rights reserved.
Advanced Authentication: Cool Technology or Invaluable Tool? Perhaps Both... 17 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication Cool Technology or Invaluable Tool
Federal Bridge • PKI Authentication across government agencies – Verisign, Exostar, Entrust – Federal Bridge Certificate Authority - FBCA – Validation and trust among agencies that use the bridge FBCA 19 © Novell, Inc. All rights reserved.
Federal & Industry Bridges Other Industries are leveraging the FBCA HEBCA (Future) FBCA 20 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication The Real World With Our Client: Clark & Daughtrey Medical Group Nicholas Ivon Director of Information Systems (863) 284-5025 nickivon@clark-daughtrey.com 21 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Overview – C&D is a large multi-specialty, multi-location provider group in Lakeland Florida – Celebrating it’s 60th anniversary this year – Over the past eight years, C&D has invested heavily in technology and EMR – Transitioned all our providers to ‘point-of-care’ over the past three years – Each patient visit is electronically documented. This means no paper charts, and minimal transcription services 22 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group IT Drivers C&D has four people in the I.T. department – Manage firewalls, routers, and wireless network, to servers, PBX/IP telephony, workstations, tablets, in 7 locations – Virtualizing our datacenter with VMware vSphere 4 – Must utilize technologies to help us manage our environment – Novell ZENworks is one tool we use to manage our servers, ® ® workstations, automate application installations and updates, and apply consistent policies throughout our organization 23 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group IT Drivers – A major problem was all the different user credentials. – Over 25 different applications user must log into. – Cannot control credentialing policy for most applications – Expanding use of extranets > Makes password management even more difficult – Dozens of user id/password help desk tickets every week 24 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Solution • Advanced Authentication with Biometrics – SecuGen Hampster VI – BioKey Algorithm (for shared pattern) – NMAS middleware ™ • Desktop Automation Services (DAS) Provides Kiosk Functionality – Fast User Switching – Application Control • Novell SecureLogin ® – Single Sign-On – Secure sensitive applications with Biometric integration 25 © Novell, Inc. All rights reserved.
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Benefits – Virtually Password Free – Drastically reduced number of password-related help desk tickets. – Can re-verify biometric authentication when launching applications or any identified window or event – Dramatically increases security – Centralized administration with network directory integration – Corporate environment is more secure – Superior desktop and application management – I.T. can be proactive instead of reactive – Fast ROI 26 © Novell, Inc. All rights reserved.
SecureLogin AA Architecture Novell eDirectory , Active Directory and LDAP ® ™
Novell SecureLogin Architecture ® Novell eDirectory ™ Shared Desktop + Enterprise Terminal Enterprise DAS Desktop Services Systems Strong Novell Application A Authentication + Client Novell SSO Application B SecureLogin Application C Novell SecretStore ™ eDirectory Report Audit Database Server Optional Add-on 28 © Novell, Inc. All rights reserved.
Novell SecureLogin Architecture ® Microsoft ActiveDirectory Shared Desktop + Enterprise Terminal Enterprise DAS Desktop Services Systems Strong Application A Authentication + MS Client Novell SSO Application B SecureLogin Application C Active Directory Report Audit Database Server Optional Add-on 29 © Novell, Inc. All rights reserved.
Novell SecureLogin Architecture ® Other LDAP Directories Shared Desktop + Enterprise Terminal Enterprise DAS Desktop Services Systems Strong Application A Authentication + MS Client Novell SSO Application B SecureLogin Application C LDAP V3 Directory Report Audit Database Server Optional Add-on 30 © Novell, Inc. All rights reserved.
Demonstration
Using Biometrics In this demonstration we will show the use of a SecuGen Hampster: – Physical Setup to Support Biometrics > Workstation Driver > NMAS Server (Novell eDirectory ) Configuration ™ ® ™ > NMAS Workstations Gina / Security Provider – Biometric Enrollment > Configuring Novell eDirectory Options > Enrolling Multiple Fingers – Login With the Biometric > Testing Different Fingers 32 © Novell, Inc. All rights reserved.
Using Proximity Cards In this demonstration we will show the use of a RFIDEAS PCProx: – Physical Setup to Support the PCProx > Workstation Driver > NMAS Server (Novell eDirectory ) Configuration ™ ® ™ > NMAS Workstations Gina / Security Provider – PCProx Enrollment > Configuring Novell eDirectory Options > Enrolling the Prox Card – Login With the Prox Card > Testing Different Prox Cards 33 © Novell, Inc. All rights reserved.
Using Smart Cards In this demonstration we will show the use of a Smart Card Reader: – Physical Setup to Support the Reader > Workstation Driver > NMAS Server (Novell eDirectory ) Configuration ™ ® ™ > NMAS Workstations Gina / Security Provider – Smart Card Enrollment > Configuring eDirectory Options > Enrolling the Smart Card – Login With the Smart Card > Testing Different Smart Cards 34 © Novell, Inc. All rights reserved.
For More Information • Visit table A5 in IT Central • Walk through the SecureLogin demo in the Installation and Migration Depot • Attend the following complementary sessions: – BOF106: SecureLogin in the Real World Panel Discussion – IAM205: Novell SecureLogin Installation, Deployment and Lifecycle Management – IAM207: SecureLogin and Your Active Directory Setup – IAM302: Using Hard Disk Encryption and SecureLogin – IAM304: Securing Shared Workstation with SecureLogin • Visit www.novell.com/securelogin 35 © Novell, Inc. All rights reserved.
For More Information Try SecureLogin for Yourself We'll install SecureLogin on • Visit table A5 in IT Central your machine (for free). • Attend the following complementary sessions: – BOF106: SecureLogin in the Real World Panel Discussion – IAM205: Novell SecureLogin Installation, Deployment and Lifecycle Management – IAM207: SecureLogin and Your Active Directory Setup – IAM302: Using Hard Disk Encryption and SecureLogin – IAM303: Enhancing SecureLogin with Multi-factor Authentication – IAM304: Securing Shared Workstation with SecureLogin • Walk through the SecureLogin demo in the Installation and Migration Depot • Visit www.novell.com/securelogin 36 © Novell, Inc. All rights reserved.
Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.

Recommandé

Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle BH
 
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Systems, Inc.
 
Hitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Systems, Inc.
 
Defining Enterprise Identity Management
Defining Enterprise Identity ManagementDefining Enterprise Identity Management
Defining Enterprise Identity ManagementHitachi ID Systems, Inc.
 
Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Systems, Inc.
 
ICAM - Demo Architecture review
ICAM - Demo Architecture reviewICAM - Demo Architecture review
ICAM - Demo Architecture reviewRamesh Nagappan
 
US FICAM Overview
US FICAM OverviewUS FICAM Overview
US FICAM OverviewUS FICAM
 
Identity access management
Identity access management Identity access management
Identity access management Prof. Jacques Folon (Ph.D)
 

Recommandé

Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle tech fmw-05-idm-neum-16.04.2010
Oracle tech fmw-05-idm-neum-16.04.2010Oracle BH
 
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...
Hitachi ID Identity Manager: Faster onboarding, reliable deactivation and eff...Hitachi ID Systems, Inc.
 
Hitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Identity Manager: Self-service and automated user provisioning
Hitachi ID Identity Manager: Self-service and automated user provisioningHitachi ID Systems, Inc.
 
Defining Enterprise Identity Management
Defining Enterprise Identity ManagementDefining Enterprise Identity Management
Defining Enterprise Identity ManagementHitachi ID Systems, Inc.
 
Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Password Manager: Enrollment, password reset and password synchron...
Hitachi ID Password Manager: Enrollment, password reset and password synchron...Hitachi ID Systems, Inc.
 
ICAM - Demo Architecture review
ICAM - Demo Architecture reviewICAM - Demo Architecture review
ICAM - Demo Architecture reviewRamesh Nagappan
 
US FICAM Overview
US FICAM OverviewUS FICAM Overview
US FICAM OverviewUS FICAM
 
Identity access management
Identity access management Identity access management
Identity access management Prof. Jacques Folon (Ph.D)
 
Hitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Systems, Inc.
 
Hitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Systems, Inc.
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraORACLE USER GROUP ESTONIA
 
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Novell
 
Hybrid Cloud, BigData and Consumerization The 2012 Trends
Hybrid Cloud, BigData and Consumerization The 2012 TrendsHybrid Cloud, BigData and Consumerization The 2012 Trends
Hybrid Cloud, BigData and Consumerization The 2012 TrendsSoftware Park Thailand
 
Azure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernAzure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernCheah Eng Soon
 
Credexo IDM
Credexo IDMCredexo IDM
Credexo IDMsiadehghan
 
20120510 università
20120510 università20120510 università
20120510 universitàPierluigi Sartori
 
Microsoft Forefront - Unified Access Gateway (UAG) Presentation
Microsoft Forefront - Unified Access Gateway (UAG) PresentationMicrosoft Forefront - Unified Access Gateway (UAG) Presentation
Microsoft Forefront - Unified Access Gateway (UAG) PresentationMicrosoft Private Cloud
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011IBM Sverige
 
Identity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityIdentity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityJon Bultmeyer
 
FrontOne our new and different solutions
FrontOne our new and different solutionsFrontOne our new and different solutions
FrontOne our new and different solutionsfrontone
 
Cybercom Enhanced Security Platform, CESP-ID
Cybercom Enhanced Security Platform, CESP-IDCybercom Enhanced Security Platform, CESP-ID
Cybercom Enhanced Security Platform, CESP-IDabelsonp
 
Model Information Office
Model Information OfficeModel Information Office
Model Information OfficeMahesh Patwardhan
 
Analyzing OAuth
Analyzing OAuthAnalyzing OAuth
Analyzing OAuthOliver Pfaff
 
Security for heterogeneous enviroments
Security for heterogeneous enviromentsSecurity for heterogeneous enviroments
Security for heterogeneous enviromentsFederman Hoyos
 
Data Securities Corporate Technology Information Presentation
Data Securities Corporate Technology Information PresentationData Securities Corporate Technology Information Presentation
Data Securities Corporate Technology Information Presentationguestf018d88
 
ADSS PDF Server Datasheet
ADSS PDF Server DatasheetADSS PDF Server Datasheet
ADSS PDF Server Datasheetliaquat
 
2p Mta Data Sheet V1.7 X1a
2p Mta Data Sheet V1.7 X1a2p Mta Data Sheet V1.7 X1a
2p Mta Data Sheet V1.7 X1aalwayson
 
A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
Oracle a TBIZ2011
Oracle a TBIZ2011Oracle a TBIZ2011
Oracle a TBIZ2011TechnologyBIZ
 

Contenu connexe

Tendances

Hitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Systems, Inc.
 
Hitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Systems, Inc.
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraORACLE USER GROUP ESTONIA
 
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Novell
 
Hybrid Cloud, BigData and Consumerization The 2012 Trends
Hybrid Cloud, BigData and Consumerization The 2012 TrendsHybrid Cloud, BigData and Consumerization The 2012 Trends
Hybrid Cloud, BigData and Consumerization The 2012 TrendsSoftware Park Thailand
 
Azure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernAzure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernCheah Eng Soon
 
Microsoft Forefront - Unified Access Gateway (UAG) Presentation
Microsoft Forefront - Unified Access Gateway (UAG) PresentationMicrosoft Forefront - Unified Access Gateway (UAG) Presentation
Microsoft Forefront - Unified Access Gateway (UAG) PresentationMicrosoft Private Cloud
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011IBM Sverige
 
Identity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityIdentity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityJon Bultmeyer
 
FrontOne our new and different solutions
FrontOne our new and different solutionsFrontOne our new and different solutions
FrontOne our new and different solutionsfrontone
 
Cybercom Enhanced Security Platform, CESP-ID
Cybercom Enhanced Security Platform, CESP-IDCybercom Enhanced Security Platform, CESP-ID
Cybercom Enhanced Security Platform, CESP-IDabelsonp
 
Security for heterogeneous enviroments
Security for heterogeneous enviromentsSecurity for heterogeneous enviroments
Security for heterogeneous enviromentsFederman Hoyos
 
Data Securities Corporate Technology Information Presentation
Data Securities Corporate Technology Information PresentationData Securities Corporate Technology Information Presentation
Data Securities Corporate Technology Information Presentationguestf018d88
 
ADSS PDF Server Datasheet
ADSS PDF Server DatasheetADSS PDF Server Datasheet
ADSS PDF Server Datasheetliaquat
 
2p Mta Data Sheet V1.7 X1a
2p Mta Data Sheet V1.7 X1a2p Mta Data Sheet V1.7 X1a
2p Mta Data Sheet V1.7 X1aalwayson
 

Tendances (19)

Hitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB ComplianceHitachi ID Solutions Support GLB Compliance
Hitachi ID Solutions Support GLB Compliance
 
Hitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA ComplianceHitachi ID Solutions Supporting HIPAA Compliance
Hitachi ID Solutions Supporting HIPAA Compliance
 
Tänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi TaraTänased võimalused turvalahendustes - Tarvi Tara
Tänased võimalused turvalahendustes - Tarvi Tara
 
Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...Identity and Request Management Using Novell Identity Manager: Identity Manag...
Identity and Request Management Using Novell Identity Manager: Identity Manag...
 
Hybrid Cloud, BigData and Consumerization The 2012 Trends
Hybrid Cloud, BigData and Consumerization The 2012 TrendsHybrid Cloud, BigData and Consumerization The 2012 Trends
Hybrid Cloud, BigData and Consumerization The 2012 Trends
 
Azure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernAzure Active Directory - Secure and Govern
Azure Active Directory - Secure and Govern
 
Credexo IDM
Credexo IDMCredexo IDM
Credexo IDM
 
20120510 università
20120510 università20120510 università
20120510 università
 
Microsoft Forefront - Unified Access Gateway (UAG) Presentation
Microsoft Forefront - Unified Access Gateway (UAG) PresentationMicrosoft Forefront - Unified Access Gateway (UAG) Presentation
Microsoft Forefront - Unified Access Gateway (UAG) Presentation
 
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
En arkitektonisk vy av en ledande och dynamisk IT-säkerhetsportfölj - PCTY 2011
 
Identity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile IdentityIdentity Insights: Social, Local and Mobile Identity
Identity Insights: Social, Local and Mobile Identity
 
FrontOne our new and different solutions
FrontOne our new and different solutionsFrontOne our new and different solutions
FrontOne our new and different solutions
 
Cybercom Enhanced Security Platform, CESP-ID
Cybercom Enhanced Security Platform, CESP-IDCybercom Enhanced Security Platform, CESP-ID
Cybercom Enhanced Security Platform, CESP-ID
 
Model Information Office
Model Information OfficeModel Information Office
Model Information Office
 
Analyzing OAuth
Analyzing OAuthAnalyzing OAuth
Analyzing OAuth
 
Security for heterogeneous enviroments
Security for heterogeneous enviromentsSecurity for heterogeneous enviroments
Security for heterogeneous enviroments
 
Data Securities Corporate Technology Information Presentation
Data Securities Corporate Technology Information PresentationData Securities Corporate Technology Information Presentation
Data Securities Corporate Technology Information Presentation
 
ADSS PDF Server Datasheet
ADSS PDF Server DatasheetADSS PDF Server Datasheet
ADSS PDF Server Datasheet
 
2p Mta Data Sheet V1.7 X1a
2p Mta Data Sheet V1.7 X1a2p Mta Data Sheet V1.7 X1a
2p Mta Data Sheet V1.7 X1a
 

Similaire à Enhancing Novell SecureLogin® with Multi-factor Authentication

A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1OracleIDM
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1OracleIDM
 
P hallam baker_keynote
P hallam baker_keynoteP hallam baker_keynote
P hallam baker_keynoteshindeshekhar
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalOracleIDM
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management StrategyNetIQ
 
Simple cloud security explanation
Simple cloud security explanationSimple cloud security explanation
Simple cloud security explanationindianadvisory
 
Gartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalGartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalOracleIDM
 
Sogeti Cloud Seminar Identity In The Clouds
Sogeti Cloud Seminar Identity In The CloudsSogeti Cloud Seminar Identity In The Clouds
Sogeti Cloud Seminar Identity In The CloudsRon Moerman
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracleIDM
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityCA API Management
 
What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0Novell
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 
Integrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity ManagerIntegrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity ManagerNovell
 
Cyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryCyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryProlifics
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementNoam Bunder
 
Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simplyLilian Schaffer
 

Similaire à Enhancing Novell SecureLogin® with Multi-factor Authentication (20)

A better waytosecureapps-finalv1
A better waytosecureapps-finalv1A better waytosecureapps-finalv1
A better waytosecureapps-finalv1
 
Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1Platform approach-series-building a-roadmap-finalv1
Platform approach-series-building a-roadmap-finalv1
 
Oracle a TBIZ2011
Oracle a TBIZ2011Oracle a TBIZ2011
Oracle a TBIZ2011
 
Securityinsideout
SecurityinsideoutSecurityinsideout
Securityinsideout
 
P hallam baker_keynote
P hallam baker_keynoteP hallam baker_keynote
P hallam baker_keynote
 
Platform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-finalPlatform approach-series-the oracleplatform-final
Platform approach-series-the oracleplatform-final
 
Building an Effective Identity Management Strategy
Building an Effective Identity Management StrategyBuilding an Effective Identity Management Strategy
Building an Effective Identity Management Strategy
 
Simple cloud security explanation
Simple cloud security explanationSimple cloud security explanation
Simple cloud security explanation
 
Gartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-finalGartner iam 2011-analytics-aj-orig-recordednp-final
Gartner iam 2011-analytics-aj-orig-recordednp-final
 
Sogeti Cloud Seminar Identity In The Clouds
Sogeti Cloud Seminar Identity In The CloudsSogeti Cloud Seminar Identity In The Clouds
Sogeti Cloud Seminar Identity In The Clouds
 
Oracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcastOracle_Cisco identity platform approach_webcast
Oracle_Cisco identity platform approach_webcast
 
Soa security2
Soa security2Soa security2
Soa security2
 
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud SecurityLayer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
 
What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0What's New in Novell Identity Manager 4.0
What's New in Novell Identity Manager 4.0
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security
 
Identity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. MookheyIdentity & Access Management by K. K. Mookhey
Identity & Access Management by K. K. Mookhey
 
Integrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity ManagerIntegrating Novell Access Governance Suite with Novell Identity Manager
Integrating Novell Access Governance Suite with Novell Identity Manager
 
Cyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities IndustryCyber Security in Energy & Utilities Industry
Cyber Security in Energy & Utilities Industry
 
Compliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement ManagementCompliance and Governance Through Complex Entitlement Management
Compliance and Governance Through Complex Entitlement Management
 
Day 2 p1 - operate simply
Day 2 p1 - operate simplyDay 2 p1 - operate simply
Day 2 p1 - operate simply
 

Plus de Novell

Filr white paper
Filr white paperFilr white paper
Filr white paperNovell
 
Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2Novell
 
Social media class 3
Social media class 3Social media class 3
Social media class 3Novell
 
Social media class 2
Social media class 2Social media class 2
Social media class 2Novell
 
Social media class 1
Social media class 1Social media class 1
Social media class 1Novell
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2Novell
 
LinkedIn training presentation
LinkedIn training presentationLinkedIn training presentation
LinkedIn training presentationNovell
 
Twitter training presentation
Twitter training presentationTwitter training presentation
Twitter training presentationNovell
 
Getting started with social media
Getting started with social mediaGetting started with social media
Getting started with social mediaNovell
 
Strategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaStrategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaNovell
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHNovell
 
Workload iq final
Workload iq finalWorkload iq final
Workload iq finalNovell
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused EnterpriseNovell
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialNovell
 
Accelerate to the Cloud
Accelerate to the CloudAccelerate to the Cloud
Accelerate to the CloudNovell
 
The New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsThe New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsNovell
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementNovell
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding businessNovell
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachNovell
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Novell
 

Plus de Novell (20)

Filr white paper
Filr white paperFilr white paper
Filr white paper
 
Social media class 4 v2
Social media class 4 v2Social media class 4 v2
Social media class 4 v2
 
Social media class 3
Social media class 3Social media class 3
Social media class 3
 
Social media class 2
Social media class 2Social media class 2
Social media class 2
 
Social media class 1
Social media class 1Social media class 1
Social media class 1
 
Social media class 2 v2
Social media class 2 v2Social media class 2 v2
Social media class 2 v2
 
LinkedIn training presentation
LinkedIn training presentationLinkedIn training presentation
LinkedIn training presentation
 
Twitter training presentation
Twitter training presentationTwitter training presentation
Twitter training presentation
 
Getting started with social media
Getting started with social mediaGetting started with social media
Getting started with social media
 
Strategies for sharing and commenting in social media
Strategies for sharing and commenting in social mediaStrategies for sharing and commenting in social media
Strategies for sharing and commenting in social media
 
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECHInformation Security & Compliance in Healthcare: Beyond HIPAA and HITECH
Information Security & Compliance in Healthcare: Beyond HIPAA and HITECH
 
Workload iq final
Workload iq finalWorkload iq final
Workload iq final
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
 
Shining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of SocialShining the Enterprise Light on Shades of Social
Shining the Enterprise Light on Shades of Social
 
Accelerate to the Cloud
Accelerate to the CloudAccelerate to the Cloud
Accelerate to the Cloud
 
The New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration TrendsThe New Business Value of Today’s Collaboration Trends
The New Business Value of Today’s Collaboration Trends
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
 
Iaas for a demanding business
Iaas for a demanding businessIaas for a demanding business
Iaas for a demanding business
 
Workload IQ: A Differentiated Approach
Workload IQ: A Differentiated ApproachWorkload IQ: A Differentiated Approach
Workload IQ: A Differentiated Approach
 
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
Virtual Appliances: Simplifying Application Deployment and Accelerating Your ...
 

Enhancing Novell SecureLogin® with Multi-factor Authentication

  • 1. Enhancing Novell SecureLogin ® with Multi-factor Authentication Troy Drewry Nick Ivon Technical Sales Specialist Director of Information Systems Novell / tdrewry@novell.com Clark & Daughtrey Medical Centers nickivon@clark-daughtrey.com Greg Domjan Senior Software Engineer Novell / gdomjan@novell.com
  • 2. Session Overview • SecureLogin in Novell ISM Model - Solutions, Framework and Integration ® • Defining Advanced Authentication - Cool Technology or Invaluable Tool? – Why Do it? – Why Do It with SecureLogin? – Device Options – Who Does it Today • Practical Applications of Advanced Authentication – The Real World With Our Client: Clark & Daughtrey Medical Group – IT Drivers – The Solution – Benefits • SecureLogin AA Architecture – Novell eDirectory , Active Directory and LDAP ™ • Demonstration – SecureLogin and Advanced Authentication Explained – Using Biometric – Using Proximity Cards – Using Smart Cards • Discussion with Q&A 2 © Novell, Inc. All rights reserved.
  • 3. SecureLogin in Novell Identity ® and Security Management Solutions, Framework, Integration
  • 4. Identity and Security Solutions Identity and Access Security Compliance Management Management Management • User Provisioning • Security Monitoring • Access Certification and Management and Remediation • Enterprise Compliance • Roles Management • Log Management Solutions • Simplified Secure • Cloud Security • Privileged User Access Management 4 © Novell, Inc. All rights reserved.
  • 5. Identity and Security Framework Roles Driven Governance Governance Access Identity Management Roles Engineering Common Roles and Organizations Certification Business Processes, Methodology and Access Permissions and Processes Policies and Standards Tools Identity Management Simplified, Secure Access Identity Authentication Authorization Identity Vault Integration and Synchronization Multi-Factor Auth./ SSL Federated Identity Course Grained VPN Authorization Management Privileged User Provisioning and Workflows Management Web Access Management Fine Grained Delegated Self-Service Reduced / Authorization Single Administration Administration Sign-On Audit Identity Audit Access Administration Control Events Reporting Events Security and Vulnerability Management 5 © Novell, Inc. All rights reserved.
  • 6. Identity and Security Framework Roles Driven Governance Governance Novell Access Certification Manager / Novell Roles Engineering Common Roles and Access Identity Management Roles Lifecycle Manager / Organizations Certification Business Processes, Methodology and Access Permissions and Processes Novell Professional and Partner Services Policies and Standards Tools Identity Management Simplified, Secure Access Identity Authentication Authorization SecureLogin (eSSO) Identity Vault Integration and Privileged User Access Manager Synchronization Multi-Factor Auth./ SSL Federated Identity Course Grained Manager Manager VPN Access (WSSO) Authorization Management Identity Manager / Privileged User Access Role Based Provisioning / Provisioning and Workflows Management Web Access Management Manager Storage Manager Fine Grained Delegated Self-Service Reduced / Authorization Single Administration Administration Sign-On Audit Identity Audit Access Novell Sentinel / Novell Identity Reporting Administration Control Events Audit Events Security and Vulnerability Management 6 © Novell, Inc. All rights reserved.
  • 7. The Integration Platform of Novell Identity ® and Security Management Products Novell Novell ® Identity SecureLogin Manager Novell Novell Access Sentinel ™ Manager ™ Approval and Workflow Role-based administration Password self service Business policy enforcement Identity Synchronization Auditing and remediation 7 © Novell, Inc. All rights reserved.
  • 8. Defining Advanced Authentication Cool Technology or Invaluable Tool
  • 9. What is Advanced Authentication? Start with these definitions: Identity: A unique assigned value used to reference a principal Authentication: The process of verifying reference to principal with factors Authorization: Capabilities of principals based on policy definition and enforcement Authentication is NOT Authorization Advanced Authentication with Novell SecureLogin: ® Extend Advanced Authentication to the application Novell SecureLogin Registered Identity 9 © Novell, Inc. All rights reserved.
  • 10. What is Advanced Authentication? The key requirements of today's and future network infrastructures are to provide security while maintaining high Quality of Service (QoS) and user satisfaction—all while responding to continuous demands for additional functionality. It all comes down to negotiation – In development - trade feature for release date – In QoS - trade predictable performance for resource requirements – In security - trade usability for compliance Many companies are now investigating advanced authentication (sometimes referred to as “two-factor” or 2FA) solutions which typically involve biometrics, proximity cards, smart cards or tokens (randon multi-digit numeric generators) to complement their existing security. Only a small percentage have moved to production. Why do think this is true? Can this be changed now? 10 © Novell, Inc. All rights reserved.
  • 11. Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It? Simply because of users? Security? Other? – Users create easily guessable passwords, use names or something so complicated they end up having to write it down or call for reset – Users are not good at protecting their passwords – Users can put the company in the news. NOT in a good way! – Advanced Authentication can greatly improve the user experience and Quality of Service (QoS) – Oh... and it dramatically increases security and helps with regulatory compliance requirements The fact is that the ingenuity, persistence and proliferation of commercial hackers has led to an increase in concern for protecting crucial systems from unauthorized access. Many businesses stand to lose enormous amounts of money as well as investor confidence from such security breaches. Protecting data in the digital age is essential. 11 © Novell, Inc. All rights reserved.
  • 12. Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It? Simply because of users? Security? Other? – Users create easily guessable passwords, use names or something so complicated they end up having to write it down or call for reset – Users are not good at protecting their passwords – Users can put the company in the news. NOT in a good way! – Advanced Authentication can greatly improve the user experience and Quality of Service (QoS) – Oh... and it dramatically increases security and helps with regulatory compliance requirements The fact is that the ingenuity, persistence and proliferation of commercial hackers and has led to an increase in concern for protecting crucial systems from unauthorized access. Many businesses stand to lose enormous amounts of money as well as investor confidence from such security breaches. Protecting data in the digital age is essential. 12 © Novell, Inc. All rights reserved.
  • 13. Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It With SecureLogin? Extending the use of the device. – Something the user knows > Username, ID, Badge Number, etc. > Password – – Eliminated Issues – Remaining Issues > forgotten passwords > disgruntled employees > Keystroke logging > false negatives / positives > password trapping > lost cards / tokens > shoulder surfing > remote / traveling users > phishing / identity theft > trojans / man-in-the-middle 13 © Novell, Inc. All rights reserved.
  • 14. Advanced Authentication: Tool Cool Technology or Invaluable Tool? Why Do It With SecureLogin? Extending the use of the device. – Something the user knows > Username, ID, Badge Number, etc. > Password – Eliminated Issues – Remaining Issues > forgotten passwords > disgruntled employees > Keystroke logging > false negatives / positives > password trapping > lost cards / tokens > shoulder surfing > remote / traveling users > phishing / identity theft > trojans / man-in-the-middle 14 © Novell, Inc. All rights reserved.
  • 15. Advanced Authentication: Cool Technology or Invaluable Tool? Device Options – Something the user knows > Username, ID, Badge Number, etc. > Password 15 © Novell, Inc. All rights reserved.
  • 16. Advanced Authentication: Cool Technology or Invaluable Tool? Who Does It Today? – Something the user knows > Username, ID, Badge Number, etc. > Password Biom tricSe urityO e c pportunities R g la ion eu t s R v nue ee s H P -2 SD 4 D ,D S,D T e c oD H oS, SA t PrivateIndustry St te a s C s itie International N RHO OTC M O rC C Ms the O O ForeignGov’ts CNC M E TO T e im 16 © Novell, Inc. All rights reserved.
  • 17. Advanced Authentication: Cool Technology or Invaluable Tool? Perhaps Both... 17 © Novell, Inc. All rights reserved.
  • 18. Practical Application of Advanced Authentication Cool Technology or Invaluable Tool
  • 19. Federal Bridge • PKI Authentication across government agencies – Verisign, Exostar, Entrust – Federal Bridge Certificate Authority - FBCA – Validation and trust among agencies that use the bridge FBCA 19 © Novell, Inc. All rights reserved.
  • 20. Federal & Industry Bridges Other Industries are leveraging the FBCA HEBCA (Future) FBCA 20 © Novell, Inc. All rights reserved.
  • 21. Practical Application of Advanced Authentication The Real World With Our Client: Clark & Daughtrey Medical Group Nicholas Ivon Director of Information Systems (863) 284-5025 nickivon@clark-daughtrey.com 21 © Novell, Inc. All rights reserved.
  • 22. Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Overview – C&D is a large multi-specialty, multi-location provider group in Lakeland Florida – Celebrating it’s 60th anniversary this year – Over the past eight years, C&D has invested heavily in technology and EMR – Transitioned all our providers to ‘point-of-care’ over the past three years – Each patient visit is electronically documented. This means no paper charts, and minimal transcription services 22 © Novell, Inc. All rights reserved.
  • 23. Practical Application of Advanced Authentication Clark & Daughtrey Medical Group IT Drivers C&D has four people in the I.T. department – Manage firewalls, routers, and wireless network, to servers, PBX/IP telephony, workstations, tablets, in 7 locations – Virtualizing our datacenter with VMware vSphere 4 – Must utilize technologies to help us manage our environment – Novell ZENworks is one tool we use to manage our servers, ® ® workstations, automate application installations and updates, and apply consistent policies throughout our organization 23 © Novell, Inc. All rights reserved.
  • 24. Practical Application of Advanced Authentication Clark & Daughtrey Medical Group IT Drivers – A major problem was all the different user credentials. – Over 25 different applications user must log into. – Cannot control credentialing policy for most applications – Expanding use of extranets > Makes password management even more difficult – Dozens of user id/password help desk tickets every week 24 © Novell, Inc. All rights reserved.
  • 25. Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Solution • Advanced Authentication with Biometrics – SecuGen Hampster VI – BioKey Algorithm (for shared pattern) – NMAS middleware ™ • Desktop Automation Services (DAS) Provides Kiosk Functionality – Fast User Switching – Application Control • Novell SecureLogin ® – Single Sign-On – Secure sensitive applications with Biometric integration 25 © Novell, Inc. All rights reserved.
  • 26. Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Benefits – Virtually Password Free – Drastically reduced number of password-related help desk tickets. – Can re-verify biometric authentication when launching applications or any identified window or event – Dramatically increases security – Centralized administration with network directory integration – Corporate environment is more secure – Superior desktop and application management – I.T. can be proactive instead of reactive – Fast ROI 26 © Novell, Inc. All rights reserved.
  • 27. SecureLogin AA Architecture Novell eDirectory , Active Directory and LDAP ® ™
  • 28. Novell SecureLogin Architecture ® Novell eDirectory ™ Shared Desktop + Enterprise Terminal Enterprise DAS Desktop Services Systems Strong Novell Application A Authentication + Client Novell SSO Application B SecureLogin Application C Novell SecretStore ™ eDirectory Report Audit Database Server Optional Add-on 28 © Novell, Inc. All rights reserved.
  • 29. Novell SecureLogin Architecture ® Microsoft ActiveDirectory Shared Desktop + Enterprise Terminal Enterprise DAS Desktop Services Systems Strong Application A Authentication + MS Client Novell SSO Application B SecureLogin Application C Active Directory Report Audit Database Server Optional Add-on 29 © Novell, Inc. All rights reserved.
  • 30. Novell SecureLogin Architecture ® Other LDAP Directories Shared Desktop + Enterprise Terminal Enterprise DAS Desktop Services Systems Strong Application A Authentication + MS Client Novell SSO Application B SecureLogin Application C LDAP V3 Directory Report Audit Database Server Optional Add-on 30 © Novell, Inc. All rights reserved.
  • 32. Using Biometrics In this demonstration we will show the use of a SecuGen Hampster: – Physical Setup to Support Biometrics > Workstation Driver > NMAS Server (Novell eDirectory ) Configuration ™ ® ™ > NMAS Workstations Gina / Security Provider – Biometric Enrollment > Configuring Novell eDirectory Options > Enrolling Multiple Fingers – Login With the Biometric > Testing Different Fingers 32 © Novell, Inc. All rights reserved.
  • 33. Using Proximity Cards In this demonstration we will show the use of a RFIDEAS PCProx: – Physical Setup to Support the PCProx > Workstation Driver > NMAS Server (Novell eDirectory ) Configuration ™ ® ™ > NMAS Workstations Gina / Security Provider – PCProx Enrollment > Configuring Novell eDirectory Options > Enrolling the Prox Card – Login With the Prox Card > Testing Different Prox Cards 33 © Novell, Inc. All rights reserved.
  • 34. Using Smart Cards In this demonstration we will show the use of a Smart Card Reader: – Physical Setup to Support the Reader > Workstation Driver > NMAS Server (Novell eDirectory ) Configuration ™ ® ™ > NMAS Workstations Gina / Security Provider – Smart Card Enrollment > Configuring eDirectory Options > Enrolling the Smart Card – Login With the Smart Card > Testing Different Smart Cards 34 © Novell, Inc. All rights reserved.
  • 35. For More Information • Visit table A5 in IT Central • Walk through the SecureLogin demo in the Installation and Migration Depot • Attend the following complementary sessions: – BOF106: SecureLogin in the Real World Panel Discussion – IAM205: Novell SecureLogin Installation, Deployment and Lifecycle Management – IAM207: SecureLogin and Your Active Directory Setup – IAM302: Using Hard Disk Encryption and SecureLogin – IAM304: Securing Shared Workstation with SecureLogin • Visit www.novell.com/securelogin 35 © Novell, Inc. All rights reserved.
  • 36. For More Information Try SecureLogin for Yourself We'll install SecureLogin on • Visit table A5 in IT Central your machine (for free). • Attend the following complementary sessions: – BOF106: SecureLogin in the Real World Panel Discussion – IAM205: Novell SecureLogin Installation, Deployment and Lifecycle Management – IAM207: SecureLogin and Your Active Directory Setup – IAM302: Using Hard Disk Encryption and SecureLogin – IAM303: Enhancing SecureLogin with Multi-factor Authentication – IAM304: Securing Shared Workstation with SecureLogin • Walk through the SecureLogin demo in the Installation and Migration Depot • Visit www.novell.com/securelogin 36 © Novell, Inc. All rights reserved.
  • 37.
  • 38. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.