Post on 02-Jan-2016
transcript
www.novell.com
Introduction to Novell SecureLogin Single Sign-on
Introduction to Novell SecureLogin Single Sign-on
Bob BentleyProduct ManagerNovell, Inc.Bbentley@novell.com
John ClarkDevelopment ManagerNovell, Inc.Jfclark@novell.com
Vision…one NetA world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries
MissionTo solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world
Agenda
• The Password Management Problem• SecureLogin: The Password Management
Solution• How It Works• SecureLogin 3 Features and Architecture• Demonstration• What About Your Organization• Summary/Question and Answer
Introduction
one Net:
Simplify
Secure
Accelerate
Extend
Password Management Problem
passwordshow many
dohave?
you
Password Management Problem (cont.)
Too many to remember!
•Users will• Use weak passwords• Share passwords• Record passwords
Password Management Problem (cont.)
• Security is compromised
Password Management Problem (cont.)
• How does this affect your Help Desk costs
Help Desk Costs
• Did you know… Each time an end-user calls the help desk, it
costs the organization $25 to $50 (Giga) Annually, organizations spend $200-$300 per
user on password management (Hurwitz Group)
(IDC) Annual help desk time spent managing passwords for an average 5,000 user organization with…• 4-8 apps: 4,150 hours• Over 20 apps: 10,700 hours
Password Management Problem: Help Desk Costs
• How big is the problem? First-hand data—• One Novell customer
Spent $32 for each password reset 10,000 users 2 password resets for each user annually
• $640,000 spent annually on password reset
Password Management Problem
• What about your users?
Password Management Problem: End-User Productivity
• Did you know…• The average user scenario: 44 hours per
year performing multiple login tasks to access 4 applications (Hurwitz Group)
• A 5,000 user organization loses 1,479 hours of productive time per month getting help with passwords (IDC)
• Over 70% of users have password problems at least monthly (IDC)
Password Management Problem
• What about data security?
Password Management Problem: Cost of Insecure Data
• Did you know… In 1999, Fortune 1000 companies reported $45
billion in proprietary information loss (Price Waterhouse Coopers)
57% of security breaches were made by on-site employees/contractors accessing unauthorized resources (eWeek)
On-site employees/contractors are the #1 threat to proprietary data security (Price Waterhouse Coopers)
The Holy Grail?
Password Management Solution
Password Management Solution
• Novell SecureLogin A password management solution that single
sign-on enables Windows, web, Citrix/Terminal Server, and host-based applications
Solves 95% of password management problems (IDC)
#1 Market Share Leader (IDC)
it’s one Net
Password Management Solution
• Novell SecureLogin benefits
• Significantly reduces support costs
• Simplifies the end-user experience
• Increases security
• Leverages Novell eDirectory™
eDirectory
Securely Store passwords in eDirectory
Password Management Solution
eDirectory
For on-demand presentation to applications
Password Management Solution
Out-of-the-box support…a partial listing
MSN Messenger
ACT
Browser Pop-ups CorporateTime Entrust
Eudora
Goldmine
ICQ
JUNO
Lotus NotesLotus OrganizerMeeting MakerMS Internet Gaming Zone
MS FrontPage
MS Money 98/99
Quicken
Siebel SalesYahoo! MessengerVisual SourceSafeWindows LogonMS SQL
Microsoft Outlook
Clarify
QuickBooks ProRumba 6
Attachmate Extra! 6.3Attachmate Extra! 6.5
Opera Web
Internet Explorer DialerAOL
Internet Explorer WebInternet Explorer Pop-up
Compuserve
Earthlink
Reflection 7
HostExplorer
PCOM 4.3, 5.0Mindspring
Netscape WebNetscape Pop-up
NeoPlanet Web
MSN
Prodigy
Novell GroupWise®
PeopleSoft
Oracle
SoftFront Track for WinWorldnet
Novell SecureLogin Today
How It Works:Login Experience—Before NSLApplicationApplication
serverserver
ClientClientworkstationworkstation
3) Provide credentials
4) Application
starts
1) Launch application
2) Credential challenge
Login ID:
Password:
frank
*******
How It Works:Login Experience—With NSL
ApplicationApplicationserverserver
Novell Novell eDirectoryeDirectory
ClientClientworkstationworkstation
4) NSL requests
secret from eDirectory
Login ID:
Password:
2) Launch application
3) Credential challenge
1) Authenticate to eDirectory
5) NSL receives secret (ID/PWD) from eDirectory,
then authenticates to application
NSL 3.0 Features:Client-Side Features
Comprehensive single sign-on• Windows applications• Groupware and client/server
applications• Web sites• Terminal emulators• Citrix/Terminal Server
Script development options• Wizards for simple application
integration tasks• Advanced login scripting for
complex application integration tasks
• Password policy enforcement
Deployment options• Client32™, LDAP or ADSI• Client-only or client-server
configuration with Novell SecretStore®
• Local cache for remote/ disconnected use
Other user features• NMAS SE built in• Screenlock for Win9x• Simple configuration tool for
users
NSL 3.0 Features, Server-Side Features and Administration
Server-side options, whenimplemented on eDirectory• SecretStore v3 Server• NMAS v2 Server
Administration tools• ConsoleOne® Administration
for eDirectory configurations• Script editor administration for
LDAP, ADSI configurations
Administrative capabilities
• Single point of management for deploying organization-wide scripts, password policies
• Administrator sets overriding values for user options
• SNMP monitoring of login events and performance
NSL 3.0 Components:Standard eDirectory Environment
eDirectory
NMAS Data
Corporate scriptsPassword policies
User secretsUser scripts
Client32
Local cache(Optional)
Scriptengine
SecureLoginclient
WebSSO
WinSSO TLaunch
Main module
Notes
eDirectoryserver
NMAS
SecretStore
NSL 3.0 Components:LDAP Environment
LDAP
Local cache(Optional)
Scriptengine
SecureLoginclient
WebSSO
WinSSO TLaunch
Main module
Notes
eDirectoryserverwith
NLDAP
eDirectory
Corporate scriptsPassword policies
User secretsUser scripts
NSL 3.0 Components: Citrix/Terminal Server Environment
Client32Scriptengine
Citrix/Terminal Server with SecureLogin client installed
WebSSO
WinSSO TLaunch
Main module
Notes
eDirectory
NMAS data
Corporate scriptsPassword policies
User secretsUser scripts
eDirectoryserver
NMAS
SecretStore
PC client Browser Mac Pocket PC
UNIX Linux ICA clients
DemonstratiDemonstrationon
NSL 3.0 Requirements
• NSL 3.0 client platforms Windows 98/ME Windows NT/2000/XP
• For client-only install (no server install)
Any *NDS® platform (including NetWare® 4)
Any eDirectory platform MS ADS NT Domains
• For client/server install (SecretStore)
Any eDirectory platform• NetWare 5+• Windows NT/2000• Solaris• Linux
*Novell Directory Services®
Part of Novell Secure Access Suite
• SecureLogin integrates with other Novell security products
Novell Modular Authentication Services (NMAS™)• Use biometrics, smart cards or tokens to completely
eliminate passwords
Novell iChain®
• Extend single sign-on benefits to external employees and customers
Novell Account Management (NAM)• Automatically sign on to platforms such as NT/2000,
OS/390, or UNIX
Summary
• Solves the password management problem Reduces help desk costs Improves security Streamlines end-user experience
• Works with your organization’s applications• Integrates with other Novell security
products• Achieves a quick return on investment
What About Your Organization?
• Find out how much the password problem is costing you, and how much you would save with SecureLogin 3
• CIO View’s ROI Calculatorwww.novell.com/products/securelogin/roitool/
For More Information…
• Other BrainShare 2002 sessions on SecureLogin
TUT243: Automating Mainframe Authentication Using SecureLogin
TUT244: Securing the Net: Web Authentication Using SecureLogin
TUT344: Advanced Novell SecureLogin Configuration
BUS244: Healthcare Solutions Using Novell SecureLogin (NSL) and Novell Module Authentication Service (NMAS)
For More Information…
• For more information on Novell SecureLogin 3, please visitwww.novell.com/products/securelogin
Brochure, Flyer White Paper ROI Tool News and Reviews