|
|
|
SecureSuite XS - Workstation
or Clients |
|
|
SecureSuite XS for Windows 2000/XP |
|
|
This
Windows 2000, XP workstation version of SecureSuite is
designed to work in conjunction with SecureSuite XS Server
or as a standalone workstation.
|
|
Supported
Operating Systems |
|
|
|
Ease-of-use |
-
System tray icon provides
quick access to important functions
-
Welcome Screen - for first
time users - and wizards simplify enrollment, registration,
and account management
-
Online documentation and HTML
based help
-
Personal settings option
allows standard users to access their settings and enroll
credentials
-
Consistent and integrated
user interface (UI) for a familiar and intuitive
‘Windows-like’ user experience
|
|
Advanced Authentication
Technologies |
-
Biometrics - fingerprint,
face, iris, signature
-
USB Token (i.e. Rainbow iKey)
-
Standard Password
-
Fingerprint bio-token (i.e.
Sony FIU-710)
-
Smart cards (Selected Gemplus
and Schlumberger cards)
-
PCSC compliant smart card
readers
-
Fingerprint match-on-card
(Precise Biometrics)
-
Contactless smart cards (i.e.
Sony FeliCa, MiFare)
-
Single or Multi-factor
authentication - "AND"/"OR" combinations of enrolled methods
-
Prioritization and selection
of a "default" authentication device
-
Fingerprint "data-on-card"
storage for improved security and privacy
-
Support for
device-independent matching algorithms
|
|
Fingerprint Specific Features |
-
1 to 10 finger enrollment for
each user
-
Context based finger selector
-
Enrollment with multiple
samples
-
Support for adaptive
verification process*
-
Adjustable matching threshold
|
|
Advanced Security Features |
-
Data encrypted during
transfer between device and host (when supported by
device); DES, 3DES, RSA, PKCS#11 based devices supported
-
Secure client-server
authentication
-
Encrypted client-server
communication
-
System consistency
verification at boot time to ensure that system components
have not been tampered with or disabled
-
Internal component and
mutual authentication support
-
3DES encrypted local
database
-
Administrator privileges
are required to install/uninstall
-
The AD security model is
leveraged along with data encryption to provide two layers
of protection
-
Centralized user enrollment
- administrator supervision
|
|
 |
SecureSuite XS v4.2 Applications features |
|
|
SecureLogon |
|
-
‘Single-touch’
Windows logon for supported technologies
-
‘Single-touch’
screensaver and workstation unlock for supported
technologies
-
Automatic logon
with smart card/token insertion
-
Optional voice and
video prompts w/ detailed instructions
-
Authentication over
dialup RAS connection
-
Workstation locking
via Pause button
-
Administrator
override for screen saver unlocking
-
Supports multiple
Windows screen savers
-
Domain Account
Profile (DAP) - Biometric logon via SecureSuite XS
Workstation to non-SecureSuite protected legacy
domains*
-
Optimized remote
domain user authentication - reduces load on
domain controllers for post-logon authentication*
-
Extensible
Authentication Protocol (EAP) module for VPN and
RAS connection authentication via Microsoft*
-
WiFi 802.1x
authentication via EAP module*
|
|
SecureSession |
for Applications -
SSO |
-
Password
bank/single sign-on for Windows applications
-
Easy to use and
automated “user-guide” - no hot keys needed
-
Supports multiple
credentials/accounts for each application
-
Single-touch
application sign-on with supported technologies
-
Password generator
to create complex passwords
-
Easy window
enrollment via title bar button or systray icon
-
Policy option to
require authentication prior to credential release
-
Policy option to
automatically submit/insert credentials
-
Data can be stored
and synchronized between multiple locations
(token/storage devices, workstation, or domain)
|
|
SecureSession |
for
Internet Explorer
- SSO |
-
Password
bank/single sign-on for web sites
-
Easy to use and
automated “user-guide” - no hot keys needed
-
Supports multiple
credentials/accounts for each web site
-
Single-touch site
sign-on with supported technologies
-
Support for
Internet Explorer 4.X and higher
-
Toolbar button to
manually activate SecureSession
-
Policy option to
disable SecureSession for individual web sites
-
Policy option to
require authentication prior to credential release
-
Policy option to
automatically submit/insert credentials
-
Data can be stored
and synchronized between multiple locations
(token/storage devices, workstation, or domain)
-
Enrolled profile
can be manually updated for changes
-
Option to change
truncation of URL - leverages single enrollment
for multiple related sites or accounts
|
|
SecureFolder |
|
-
Encrypts individual
files or entire folders
-
Right-click on file
or folder encrypt/decrypts
-
Securely erases
original files after encryption
-
"Look and feel" of
standard Windows folder
-
Unlimited number of
protected folders or files
-
128-bit key DES
encryption for secured data
-
Optional recovery
pass-phrase - recovers encrypted files/folders
after SecureSuite has been uninstalled or if user
account has become unavailable
-
Supports
file/folder portability for token devices that
support key storage
-
Secured files or
folders can be shared with other users
|
|
SecureLaunch |
|
-
Prevents
unauthorized users from running any Windows based
32-bit application
-
Three different
levels of application protection states can be
defined - allow access, access with
authentication, never allow access
-
Applications
enrollment via system settings
-
Security policies
can be applied to single users or a whole group
|
| |
|
|
System Administration - Tools |
-
MMC snap-in user
manager extension - allows for domain account
administration
-
MMC snap-in for
policy, device, system, and application management
-
Event log -
detailed event log is viewable via native Windows
event viewer
-
Granular event
reporting tool via system snap-in - administrator
determines which type of event is recorded*
-
SecureSuite XS
upgrade utility - offers streamlined upgrade
process from prior versions of SecureSuite XS and
SecureSuite 3.5*
-
Domain info via
SysTray - shows domain connection, status and type
of logon*
|
|
Administrator - Optional
Security Policies |
-
Randomization of
Windows password - for increased security
-
Credential caching
- disconnected logon to domain account
-
Supports Windows
account lock-out policies
-
Windows based
length and complexity requirements for passwords
-
Allow/disallow
users to enroll new authentication devices/methods
-
Allow/disallow
users to modify their authentication credentials
-
Authentication
requirements for admin tools, user tools & apps
-
Action - lock, log
off, none - on token/device removal
-
Account operator
group support for limited rights account
management
-
Simple installation
of additional supported authentication technology
via device module and Windows modified install
-
Silent/Scripted
Install support - remote installation capability
via client management tools i.e. SMS*
|
| * indicates new
features |
|
|
|
|
| |
|
|
|
