Enhancing Novell® SecureLogin with Multi-factor Authentication Troy Drewry Technical Sales Specialist Novell / [email protected]Greg Domjan Senior Software Engineer Novell / [email protected]Nick Ivon Director of Information Systems Clark & Daughtrey Medical Centers [email protected]
38
Embed
Enhancing Novell SecureLogin with Multi-factor Authentication
Did you know that besides the single sign-on capabilities Novell SecureLogin delivers, it also supports multi-factor authentication? That means you can not only deploy stronger passwords, but also require the use of more advanced authentication to protect workstations and applications. In the session, the presenters will detail how Novell SecureLogin can help you control user authentication on the basis of: • Something the user knows (user name and password) • Something the user has (proximity card, smart card, one-time password token device) • Something the user is (biometric device)
In particular, the presenters will demonstrate how to integrate SecureLogin with a smartcard for network authentication, and then require the smart card and PIN to access a specific application.
To show how advanced authentication works in the real world, you will also hear how a regional medical group integrated biometrics with Novell SecureLogin and Novell ZENworks to secure 400 workstations and 100 tablets across several locations. In addition to showcasing how the integrated solution works in their environment, the presenter will also offer tips for avoiding common pitfalls.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Enhancing Novell® SecureLogin with Multi-factor Authentication
• SecureLogin in Novell® ISM Model - Solutions, Framework and Integration• Defining Advanced Authentication - Cool Technology or Invaluable Tool?
– Why Do it?– Why Do It with SecureLogin?– Device Options– Who Does it Today
• Practical Applications of Advanced Authentication– The Real World With Our Client: Clark & Daughtrey Medical Group– IT Drivers– The Solution– Benefits
• SecureLogin AA Architecture – Novell eDirectory™, Active Directory and LDAP• Demonstration
– SecureLogin and Advanced Authentication Explained – Using Biometric– Using Proximity Cards– Using Smart Cards
• Discussion with Q&A
SecureLogin in Novell® Identityand Security Management
The key requirements of today's and future network infrastructures are to provide security while maintaining high Quality of Service (QoS) and user satisfaction—all while responding to continuous demands for additional functionality.
It all comes down to negotiation– In development - trade feature for release date– In QoS - trade predictable performance for resource requirements– In security - trade usability for compliance
Many companies are now investigating advanced authentication (sometimes referred to as “two-factor” or 2FA) solutions which typically involve biometrics, proximity cards, smart cards or tokens (randon multi-digit numeric generators) to complement their existing security. Only a small percentage have moved to production.
Why do think this is true? Can this be changed now?
Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It? Simply because of users? Security? Other?
– Users create easily guessable passwords, use names or something so complicated they end up having to write it down or call for reset
– Users are not good at protecting their passwords– Users can put the company in the news. NOT in a good way!– Advanced Authentication can greatly improve the user experience and
Quality of Service (QoS)– Oh... and it dramatically increases security and helps with regulatory
compliance requirements
The fact is that the ingenuity, persistence and proliferation of commercial hackers has led to an increase in concern for protecting crucial systems from unauthorized access. Many businesses stand to lose enormous amounts of money as well as investor confidence from such security breaches. Protecting data in the digital age is essential.
Advanced Authentication: Cool Technology or Invaluable Tool? Why Do It? Simply because of users? Security? Other?
– Users create easily guessable passwords, use names or something so complicated they end up having to write it down or call for reset
– Users are not good at protecting their passwords– Users can put the company in the news. NOT in a good way!– Advanced Authentication can greatly improve the user experience and
Quality of Service (QoS)– Oh... and it dramatically increases security and helps with regulatory
compliance requirements
The fact is that the ingenuity, persistence and proliferation of commercial hackers and has led to an increase in concern for protecting crucial systems from unauthorized access. Many businesses stand to lose enormous amounts of money as well as investor confidence from such security breaches. Protecting data in the digital age is essential.
• PKI Authentication across government agencies– Verisign, Exostar, Entrust– Federal Bridge Certificate Authority - FBCA– Validation and trust among agencies that use the bridge
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group IT Drivers
C&D has four people in the I.T. department
– Manage firewalls, routers, and wireless network, to servers, PBX/IP telephony, workstations, tablets, in 7 locations
– Virtualizing our datacenter with VMware vSphere 4
– Must utilize technologies to help us manage our environment
– Novell® ZENworks® is one tool we use to manage our servers, workstations, automate application installations and updates, and apply consistent policies throughout our organization
Practical Application of Advanced Authentication Clark & Daughtrey Medical Group Benefits
– Virtually Password Free– Drastically reduced number of password-related help
desk tickets.– Can re-verify biometric authentication when launching
applications or any identified window or event– Dramatically increases security– Centralized administration with network directory integration– Corporate environment is more secure– Superior desktop and application management– I.T. can be proactive instead of reactive– Fast ROI
SecureLogin AA ArchitectureNovell® eDirectory™, Active Directory and LDAP
• Visit table A5 in IT Central• Walk through the SecureLogin demo in the Installation
and Migration Depot• Attend the following complementary sessions:
– BOF106: SecureLogin in the Real World Panel Discussion– IAM205: Novell SecureLogin Installation, Deployment and
Lifecycle Management– IAM207: SecureLogin and Your Active Directory Setup– IAM302: Using Hard Disk Encryption and SecureLogin– IAM304: Securing Shared Workstation with SecureLogin
• Visit table A5 in IT Central• Attend the following complementary sessions:
– BOF106: SecureLogin in the Real World Panel Discussion– IAM205: Novell SecureLogin Installation, Deployment and Lifecycle
Management– IAM207: SecureLogin and Your Active Directory Setup– IAM302: Using Hard Disk Encryption and SecureLogin– IAM303: Enhancing SecureLogin with Multi-factor Authentication– IAM304: Securing Shared Workstation with SecureLogin
• Walk through the SecureLogin demo in the Installation and Migration Depot
• Visit www.novell.com/securelogin
Try SecureLogin for Yourself
We'll install SecureLogin on your machine (for free).
Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.