Authentication and Centralised Management

Built by administrators for administrators

iDENprotect server is a comprehensive, dynamic, web-based platform that can be installed on-premises or hosted. The platform is designed to manage provisioning and authentication workflows with simplicity and ease, whether for internal users, external partners or customers.

Its feature-rich capabilities allow the platform to integrate with a number of different systems through enterprise-connecting micro-services or, depending on the implementation, to operate as an all-in-one platform using its own databases, Certification Authorities and other web-based services. It provides a central point for the verification of identities and a trust mechanism to serve other security systems such as VPN servers, firewalls and other systems and applications.

Unlike many other platforms, iDENprotect server has been built by administrators for administrators and includes useful tools to manage users and systems with efficiency and ease. iDENprotect server is a fantastic choice for any organisation that wishes to manage risk and secure its data and networks, whether within financial services, government, manufacturing, or retail.

Benefits

Enterprise Connectivity and Scalability

iDENprotect server is perfect for enterprise due to its rich APIs and connectors. As iDENprotect server is based on trusted PKI (Public-Key Infrastructure) standards, it can integrate seamlessly with existing certification authorities and LDAP directory services. iDENprotect server can connect to many variants of databases such as MySQL, Oracle and many more. The PKI connector allows connections to existing Certification Authorities or can act as a subordinate Certification Authority should that particular deployment be chosen. iDENprotect server supports a number of Certification Authorities such as Microsoft, EJBCA and more.

With its unique architecture either being based on physical or virtual server platforms, it is possible to either scale up or scale out without the traditional restrictions, allowing thousands of users to be managed from the same platform. Leveraging existing services and systems, iDENprotect server can be simply joined to your network without disruption or changes in business or operational processes, removing unnecessary overheads associated with implementation and support.

SME Business Architecture

For scenarios where infrastructure such as PKIs and databases is not common, iDENprotect server is able to use its internal capabilities to provide the services needed without connecting to other services. It is possible to use the internal database and internal PKI without having to set up other services and systems outside of iDENprotect server. All of the complexities associated with this technology are managed by the automation service that runs on the iDENprotect server platform, ensuring that installing and managing iDENprotect server can be done with ease, without the advanced skills normally associated with database and PKI technology.

Features

Supporting Authentication Technology

iDENprotect server is the platform where all iDENprotect products can be managed centrally and simultaneously. iDENprotect server can manage and authenticate the following iDENprotect features:

  • Challenge/Response
  • HOTP
  • TOTP
  • Digital Signatures
  • iDENprotect plus Bluetooth devices
  • iDENprotect Embedded
  • Push Notifications
  • QR Codes
  • Out-of-band mechanisms (e.g. email)

Supporting Secure Access

iDENprotect supports a number of technologies that are used within organisations to provide safe and secure access to systems and data. These technologies include:

  • VPN Services
  • Firewalls
  • VDI technologies
  • SSL VPNs
  • Custom Applications and services

Using the rich features of iDENprotect server, services that use web technologies such as OpenID, OATH and SAML can be integrated with iDENprotect server, with the server providing a centralised and trusted Identity Provider service for web and cloud applications.

Service Automation

iDENprotect server helps in the migration away from traditional authentication providers and enables a flexible rollout due to its clever machine automation. iDENprotect server can auto-enrol a user without the administrator needing to be involved, but with peace of mind that the enrolment will be secure and not subject to misuse. User data within iDENprotect server is synchronised with other trusted data repositories within the organisation to avoid mismatch or over-duplication. The connection to entitlement systems allows users to be added or revoked as part of mover and leaver processes to ensure the organisation meets its own legal, regulatory, or internal security policy obligations.

Self-management website

The management portal provides information such as user logons, user locations and user types, as well as the necessary success and failure audit features. The management portal is also role-based, ensuring the correct support staff have the correct rights to perform their roles without compromising the least privilege principle. iDENprotect server APIs can also be used to manage the server from other remote servers, ensuring the service can be run efficiently and with lower support overheads.

Supported systems, standards and server specifications

Supported Services and Systems
Supported Operating Systems
  • Redhat Enterprise Linux version 6.x, 7.x (64-bit)
  • CentOS 6.x, 7.x (64-bit)
Supported Virtual Technology
  • VMware ESXi Server version 5.5, 6.0, 6.5
Supported Web Browsers
  • Chrome 5.x, Firefox ESR45, Internet Explorer 10, 11
Supported web servers
  • Apache Tomcat 8.5.5
  • JBoss 7x
Supported LDAP Services
  • Windows Server 2008 R2SP1 AD
  • Windows Server 2012 AD, 2012 R2 AD
  • OpenLDAP v2.4.x
Supported Databases
  • Oracle 12c (64-bit, Linux, Windows)
  • Microsoft SQL Server 2008 R2SP2, 2012SP1, 2014 (Windows)
  • MySQL v5.x (Linux, Windows)
  • MariaDB v10.2 (Linux, Windows)
Supported Entitlement Systems
  • Windows Server 2008 R2SP1 AD
  • Windows Server 2012 AD, 2012 R2 AD
Supported HSM
  • Safenet Luna
  • Safenet ProtectServer
  • Thales nShield & netHSM
  • Utimaco CryptoServer

Supported Standards
Cryptography
  • ECDH, ECDSA, AES128, SHA256, PBKDF2
PKI Standards
  • X.509
Authentication Standards
  • RFC 6238, RFC 4226 and RFC 7522