User authentication

NetSign SecureDial features

• Secure remote network access using the RAS, RADIUS, TACACS or PPTP protocols to enable smart card secured dial-up sessions and ISP access

• Storage of account information on the smart card to protect dial-up passwords

NetSign SecureStart features

• Log-on protection for Windows 95/98 & Windows NT PCs requiring the insertion of the user's smart card and PIN for PC access (Windows 2000 support provided through native Windows 2000 Log-on)

• Locking capabilities for Windows PC NT stations upon the removal of the user's smart card

• System lock override with the use of an administrator card

Browser and e-mail security features

• Authenticated web page access with SSL

• Digitally signed and encrypted email using S/MIME (VeriSign Digital ID included)

• Form and object signing using Microsoft Internet Explorer 4.0 or higher, Outlook 98/2000 or Outlook Express 4 or higher, or Netscape Communicator 4.05 or higher

• Support for custom smart card enabled Java applets

Profile Manager

Profile Manager provides organizations with a flexible solution by offering token interoperability. Because Profile Manager can initialize and maintain both smart cards and the exporting of PKCS#12 files, organizations can implement an adaptable PKI scheme that supports a multilevel security approach. Profile Manager is integrated with a variety of Certificate Authorities (CAs) offering trusted certificate issuance and integrated directory service. The CAs currently supported are Microsoft Certificate Server, VeriSign OnSite, Netscape Certificate Management System, and CyberTrust. In addition, Profile Manager supports international standards such as SSL, S/MIME, PKCS #11, and PC/SC while enabling the generation of X.50gv3 certificates, RSA keypairs, and other custom data objects.

Deploy security tokens quickly and securely

Efficiency and security are critical to the success of a large-scale PKI deployment. Profile Manager enables organizations to quickly generate security tokens for any user in the system. To increase efficiency and decrease the risk of third party interception, token generation is removed from the user's desktop and performed by the security administrator for fail-safe installation of the certificate on the token. Security administrators can control security by generating and backing up keys and certificates in a restricted environment.

Profile Manager conveniently integrates with your existing employee or customer database so that the security administrator does not have to rekey user data for token personalization. User information can be imported from several sources including existing ASCII files, directories, and various databases. For large-scale deployments, Profile Manager integrates with Datacard printers to provide bulk smart card initialization and custom printing.

Easily recover token information

The ability to recover user information, including keys and certificates, is necessary to replace lost or damaged tokens. Profile Manager provides optional secure database integration for the recovery of token information. User data and profile information is encrypted with the security administrator's Triple DES key/PIN-protected smart card and stored in the database. The security administrator can access this information from the database to issue a user a duplicate smart card when a card is lost or damaged.

Facilitate security token management

The routine maintenance of a PKI can be burdensome for security administrators without the proper tools for the management of security tokens. Profile Manager can be used to modify user privileges or alter user data by adding, deleting, or modifying items on an existing user token. If necessary, a user's keys and certificates can be revoked using Profile Manager. Data on a card or other token can be changed and updated after that token has been issued using Profile Manager. Changing user data after token issuance also creates a new backup entry in the database.

Profile manager supports

• Hardware key generation

• Integration with leading X.509v3 Certificate Authorities

• Security policy profiling

• Integration with various databases and directories

• Bulk token issuance

• Key recovery

• Certificate revocation

Profile Manager includes: Profile Manager software

Two NetSignia Smart Card Reader/Writers Argus 2000 PC Card Reader/Writer Chrysalis Luna 2 PCMCIA Token Thirteen smart cards

Target audience

snAPPsecure targets organizations moving off-line processes to the Web to achieve increased efficiencies. Most of these organizations do not have the vast resources required to implement a custom-built infrastructure for strong authentication and eSignatures. Initial target market segments include healthcare, manufacturing, financial services, pharmaceuticals, and government.

Every organization is working fast and furiously to determine which core processes should be e-enabled. However, without the necessary security precautions, mission-critical Web, e-mail, and enterprise applications, like SAP and PeopleSoft, are at serious risk. The latest version of Microsoft's server operating system, Windows 2000, has been developed with built-in security capabilities including a standards-based public key infrastructure (PKI) to deliver a complete Internet-enabled business operating system. SHYM's snAPPsecure utilizes no-cost certificates from Microsoft's Windows 2000 as a low-cost and easy-to-deploy solution for small and medium enterprises to secure critical applications.

Description of product

SHYM's snAPPsecure is a turnkey application security solution powered by the Microsoft Windows 2000-based public key infrastructure (PKI) that dramatically accelerates the deployment of application security using digital certificates to protect today's e-business initiatives. snAPPsecure allows organizations to look beyond individual security point-solutions to a complete product solution that is centrally managed, covering all organizational domains. snAPPsecure lets organizations easily leverage the integrated PKI of Windows 2000 with their choice of Web, e-mail, and client/server applications without the time-consuming and costly custom integration traditionally needed for a complex and powerful PKI security. snAPPsecure combines PKEnable, SHYM's flagship product, the Windows 2000 Certificate Server and professional services to enable organizations to rapidly secure critical e-business applications in just a few days, as opposed to the months of integration needed with today's digital certificate toolkits.

SHYM's application library includes support for popular Web, e-mail, and enterprise applications, providing snap-in application security, eliminating the pain of integrating and maintaining custom development. snAPPsecure does not require a homogenous Windows 2000-based network. It provides clean integration with existing Windows NT, Novell, and UNIX environments.

Business problem

Today, enterprises engaging in business over public networks are doing it at a great risk. The idea of conducting high value transactions, such as contract negotiations and the exchange of product ideas with today's security technology gives most organizations reason for concern. PKI is poised to meet these security needs with its combination of strong authentication, message integrity, and eSignature capabilities, but PKI is still too difficult to integrate, manage, and deploy. Recent PKI projects that were expected to be in full-scale deployment are still mired in the pilot stages, while other projects have been completely cancelled. Those very few who have started to roll out a PKI now realize that just issuing certificates is not enough; there must be a way to validate that credentials are trusted to perform certain transactions. SHYM's snAPPsecure is the solution to this problem. It makes PKI less expensive, faster to deploy, and easier to manage.

SHYM's snAPPsecure enables organizations to leverage the underlying digital certificate capabilities of their Windows 2000 operating system, thereby leveraging digital certificates for greater efficiency and competitive advantage. snAPPsecure enables e-processes that result in greater efficiencies and competitive advantage. SHYM's snAPPsecure also removes application security integration barriers, making the product far easier to install and manage. With Microsoft's integrated PKI software, customers can deploy PKI-based security services quickly, easily, and most importantly, cost effectively. SHYM's solution lets organizations reap the promise of streamlined business processes, without breaking the bank or missing the market window. SHYM's solutions have the added advantage of being both snap-in simple, and customized to fit each organization's needs. A snAPPsecure pilot implementation can usually be installed in one day as opposed to weeks or months.

SHYM's snAPPsecure allows companies to build strong strategic online relationships with suppliers, distributors, customers, and other entities. They can share important business information knowing that interactions are private, that the identity of each party is authenticated, and that any agreements cannot be forged or repudiated. These assurances allow companies to replicate the best practices of the brick and mortar marketplace in the e-business realm.

Internet Security: A Jumpstart for Systems Administrators and IT Managers

ISBN: 1555582982
EAN: 2147483647

Year: 2003
Pages: 103

Authors: Tim Speed, Juanita Ellis

BUY ON AMAZON