Authentication and Centralised Management

iDENprotectServer is a dynamic and flexible centralised management and authentication software solution suited to all organisations large or small, to manage authenticators within the organisation whilst tackling a number of real business challenges associated with security and trust.

iDENprotectServer

iDENprotectServer is a comprehensive dynamic web based platform that can be installed on-premise or hosted. The platform itself is designed to manage provisioning and authentication workflows with simplicity and ease, whether for internal users or external partners or customers.

Its feature rich capabilities allow the platform to integrate into a number of different systems through enterprise connecting micro-services or, depending on the implementation, operate as an all-in-one platform by using its own databases, Certification Authorities and other web based services. It provides a central point for the verification of identities and a trust mechanism to serve other security systems such as VPN servers, firewalls and other systems and applications.

Unlike many other platforms, iDENprotectServer has been built by administrators for administrators and includes useful tools to manage users and systems with efficiency and ease. iDENprotectServer is a fantastic choice for any organisation who wishes to manage risk and secure their data and networks, whether that is within financial services, government, manufacturing, or retail.


Supporting Authentication Technology

iDENprotectServer is the platform where all iDENprotect products can be managed centrally and simultaneously. iDENprotectServer can manage and authenticate the following iDENprotect features:

  • Challenge/Response
  • HOTP
  • TOTP
  • Digital Signatures
  • iDENprotectPlus Bluetooth devices
  • iDENprotect Embedded
  • Push Notifications
  • QR Codes
  • Out-of-band mechanisms (e.g. email)

Supporting Secure Access

iDENprotect supports a number of technologies that are used within organisations to provide safe and secure access to systems and data. These technologies include

  • VPN Services
  • Firewalls
  • VDI technologies
  • SSL VPNs
  • Custom Applications and services

Using the rich features of iDENprotectServer, services that use web technologies such as OpenID, OATH and SAML can be integrated to iDENproectServer with the server providing a centralised and trusted Identity Provider service for web and cloud applications.

 


Enterprise Connectivity and Scalability

iDENprotectServer is perfect for enterprise due to its rich APIs and connectors. As iDENprotectserver is based on trusted PKI (Public-Key Infrastructure) standards, it can integrate seamlessly with existing certification authorities and LDAP directory services. iDENprotectServer can connect to many variants of databases such as MySQL, Oracle and many more. The PKI connector allows connections to existing Certification Authorities or can act as a subordinate Certification Authority shod that particular deployment be chosen. iDENprotectServer supports a number of Certification Authorities such as Microsoft, EJBCA and more.

With its unique architecture either being based on physical or virtual server platforms, it is possible to either scale up or scale out without the traditional restrictions, allowing thousands of users to be managed from the same platform. Leveraging existing services and systems, iDENprotectServer can be simply joined to your network without disruption or changes in business or operational processes, removing unnecessary overheads associated with implementation and support.

SME Business Architecture

For scenarios where infrastructure such as PKIs and Databases are not common, iDENprotectServer is able to use its internal capabilities to provide the services needed without connecting to other services. It is possible to use the internal Database and internal PKI without having to setup other services and systems outside of iDENprotectServer. All of the complexities associated with this technology are managed by the automation service that runs on the iDENprotectServer platform, ensuring that installing and managing iDENprotectServer can be done with ease without the advanced skills normally associated with database and PKI technology.


Service Automation

iDENprotectServer helps in the migration away from traditional authentication providers and enables a flexible rollout due to its clever machine automation. iDENprotectServer can auto-enrol a user without the administrator needing to be involved but with piece of mind the enrolment will be secure and not subject to misuse. User data within iDENprotectServer is synchronised with other trusted data repositories within the organisation to avoid mismatch or over duplication. The connection to entitlement systems allows users to be added or revoked as part of mover and leaver processes to ensure the organisation meets is own legal, regulatory, or internal security policy obligations.

 

Self-management website

The management portal provides information such as user logons, user locations, user types as well as the necessary success and failure audit features. The management portal is also role based, ensuring the correct support staff have the correct rights to perform their roles without compromising the least privilege principle. iDENprotectServer APIs can also be used to manage the server from other remote servers, ensuring the service can be run efficiently and with lower support overheads.

Supported Systems, Standards and Server Specifications 

 

Supported Services and Systems

Supported Operating Systems
  • Redhat Enterprise Linux version 6.x, 7.x (64-bit)
  • CentOS 6.x, 7.x (64-bit)
Supported Virtual Technology
  • VMware ESXi Server version 5.5, 6.0, 6.5
Supported Web Browsers
  • Chrome 5.x, Firefox ESR45, Internet Explorer 10, 11
Supported web servers
  • Apache Tomcat 8.5.5
  • JBoss 7x
Supported LDAP Services
  • Windows Server 2008 R2SP1 AD
  • Windows Server 2012 AD, 2012 R2 AD
  • OpenLDAP v2.4.x
Supported Databases
  • Oracle 12c (64-bit, Linux, Windows)
  • Microsoft SQL Server 2008 R2SP2, 2012SP1, 2014 (Windows)
  • MySQL v5.x (Linux, Windows)
  • MariaDB v10.2 (Linux, Windows)
Supported Entitlement Systems
  • Windows Server 2008 R2SP1 AD
  • Windows Server 2012 AD, 2012 R2 AD
Supported HSM
  • Safenet Luna
  • Safenet ProtectServer
  • Thales nShield & netHSM
  • Utimaco CryptoServer

Supported Standards

Cryptography ECDH, ECDSA, AES128, SHA256, PBKDF2
PKI Standards    x.509
Authentication Standards RFC 6238, RFC 4226 ad RFC7522