. : Network Security Solutions – Access Control & SSO
Caymas Systems, www.caymassystems.com
Control network access – remotely and locally – with Caymas Systems Identity-Based NAC appliances.
Award winning Caymas 220, 318, and 525 Identity-Based NAC appliances deliver identity-based Network Access Control (including endpoint security) in a single platform. Caymas appliances are purpose built access appliances, with integrated security, that scale to thousands of users and policies at gigabit speeds for radical price/performance benefits.
Traditionally, user access rights are enforced by servers, gateways and applications to block unauthorized access. Networks, on the other hand, are designed to provide access to applications and data, with little in the way of integrated security except at the perimeter. Networks are normally unaware of a specific individual’s access rights. Malicious users are often free to roam throughout a network and discover devices. A user with malicious intent can discover and interrogate devices using a variety of freely available scanning tools to detect OS and application vulnerabilities that can be exploited. When access is controlled by an Identity-Based NAC appliance, users can only view the specific resources they are authorized to access – all other resources are undetectable. In addition, all activity monitored based on the user’s identity, providing a detailed log in the event of a security incident.
Caymas Systems products use a unique, patent pending Identity Tagging Architecture to tie access control and network security policy to identity, based on a comprehensive set of criteria including the identities of users, devices, locations, client configurations and other variables. The result is a powerful policy engine that provides a rich foundation for the following applications:
- Remote Access and Extranets
- Network Access Control
- Guest Access
- Data Center Application and File Access Control
Caymas appliances are purpose-built appliances that provide user-based firewall functionality and access control that is superior to traditional firewall technologies, especially for internally-oriented deployments like network-based application access control, Network Access Control and Guest Access. Unlike traditional firewalls, Caymas appliances dynamically build a set of permissions for each user at login time, eliminating the complex and error prone task of building and maintaining static firewall rules.
In addition, Caymas appliances provide access control on a user by user basis including devices, applications, files and URLs (Layer 3 – 7).
Caymas appliances are the only access appliances that can simultaneously support internal and remote users. For example, a single gateway can be used to secure a WLAN while also functioning as a SSL VPN gateway – without requiring client software on user’s device. This means visitors can utilize the WLAN for Internet access while remote employees can securely access internal resources from external locations with a single configuration.
For more information:
Resource documents: http://www.caymassystems.com/products/datasheets.html
Caymas Webinars and Events: http://www.caymassystems.com/news/events.html
Enterprise Single Sign-On
RSA ® Sign-On Manager provides a secure password management solution by enabling Enterprise Single Sign-On (SSO) either through a single robust password or in combination with best-of-breed strong authentication technologies. Organizations have a wide range of deployment options including an RSA SecurID ® Authenticator, RSA ® Smart Card, RSA ® USB Authenticator, biometrics or a robust password to protect access to end users' desktop and SSO credentials. RSA Sign-On Manager increases network security, reduces the burden of regulatory compliance and decreases the cost of password management - all while increasing end user satisfaction through simplified application access.
Secure Enterprise SSO – RSA SecurID for Microsoft Windows technology
For organizations that want to maximize the security of their SSO deployment-RSA Sign-On Manager offers the only solution that joins Enterprise SSO, self-service emergency access and strong authentication for Microsoft ® Windows ® desktops and networks.
RSA Sign-On Manager includes IntelliAccess TM technology, an innovative secure self-service emergency access and password reset functionality. With IntelliAccess technology a user can access their enterprise SSO credentials even if their RSA SecurID token, smart card or other authentication device is not available, or their Microsoft ® Windows ® password is forgotten.
For more information:
RSA Sign-On Manager Cast Studies
Secure Computing , www.securecomputing.com
SafeWord® SecureWire™ is a powerful identity and access management (IAM) appliance that provides lightning fast, ultra-secure access to every application and data resource in your network – for all remote AND internal connections. SecureWire is ideal for Microsoft environments, plugging right in to Active Directory, and it provides complete endpoint device security, a single point for policy enforcement and reporting, and comes standard with SafeWord strong authentication.
If you manage multiple access points in your network, you likely expend significant resources managing policy changes. Policy updates must be applied to every server that hosts a different access method. With SecureWire, all methods are hosted on a single appliance, greatly simplifying rollout and enforcement of security policy changes. With SecureWire, you have total control: limiting access based on where the user is, what machine the user is on, and when they're accessing the data. SecureWire allows you to segment your network into logical security zones, based upon the sensitivity of the resource.
Only properly identified users with secure devices and the proper level of authentication can access these zones, which require no reconfiguration of your infrastructure. A trusted machine inside the building may have full access rights to all applications, but a remote device such as a home PC may be restricted to only Webmail or view-only rights.
As you build your network security strategy, it's critical to map a powerful identity and access policy to your existing infrastructure. SecureWire simplifies the fundamental process with a solution that brings it all together within one central appliance.
For more information:
Document resources: http://www.securecomputing.com/resourcecenter_main.cfm
Authentication Manager Datasheet:
Imprivata Single Sign-on Datasheet: http://www.imprivata.com/stuff/contentmgr/
Additional resources: http://www.imprivata.com/content1344.html
To know more about any of Secure Datacom’s Security Solutions, contact your SDI salesperson or email us.