eToken TMS 5.0 CA

June 09

eToken TMS 5.0 Agenda
  • The challenge: Authenticator life-cycle management
  • eToken TMS (Token Management System)
  • eToken TMS 5.0 – Release Highlights
Authentication Management Challenge

The management of an authentication solution in an enterprise involves a number of interrelated elements:

  • Users: Identities in the organization
  • Organizational policies: Access rights for user groups; required security measures
  • Security devices: Authentication devices provided to users
  • Security applications: Applications to be used by each user (e.g. Network Logon, disk encryption)
Life With a Management System

[Diagram: ERP System, Organizational Policies, Network Logon, "And There’s Much More…"]

1. New employee gets token upon arrival

2. Employee performs token self-enrollment

3. Employee starts working

Why Use a Token Management System?

With a management system in place you can:

  • Reduce administrative errors (potentially costly!!) by streamlining processes
  • Reduce workload of your IT staff with automated processes and user self-service tools
  • Control your authenticator inventory and usage
  • Enhance user productivity
  • Fully audit token usage for regulatory compliance

Make your authentication solution a reality!

TMS Framework View
  • Robust system for deploying, managing and using authenticators
  • TMS links users, organizational policies, security devices & security applications
Authenticator Life-Cycle Management with TMS
  • Authenticator assignment
  • Authenticator enrollment
  • Authenticator update
  • Password reset/change
  • Authenticator replacement
  • Authenticator revocation/disablement
TMS Management Components
  • The following web sites/services installed on the TMS server:
    • eToken TMS Management Center: TMS management site, used by administrator & helpdesk
    • eToken TMS Self Service Center: Self service site, used by corporate end users
    • eToken TMS Remote Service: Self service site for end users (for employees on the road, in case of lost authenticators or forgotten passwords)
    • TPO Management Web Service: A web service - used by the TPO editor for configuring TMS settings
TMS Key Features (1)
  • Supports all eToken devices and applications
  • Integrated with Microsoft Active Directory, Microsoft SQL Server and OpenLDAP
  • Web-based user self-service, help desk, and administration tools
  • Open architecture
    • Supports security applications with configurable connectors
    • Supports solutions including: network logon, VPN, web access, secure email, data encryption, boot protection, SSO, certificate management, IdM…
    • Robust SDK
  • Secure solution for employees on the road who lose/forget their authenticators
TMS Key Features (2)
  • Supports scalable, distributed administration
    • Management of multiple domains from a single web-based interface
    • Role-based administration
    • Different user data encryption keys for different domains
  • Full auditing and reporting capabilities
  • Supports clustering, redundancy, scalability – based on Microsoft Windows Server 2003 and IAS
  • Centralized client software deployment
  • Supports multiple client platforms: Windows, Linux and Mac OS
TMS Key Differentiators in the Market
  • A single life-cycle management system for your entire solution
  • Full integration with Microsoft Active Directory
    • Familiar and intuitive usage for administrators
    • Direct link with user data – no need to replicate
    • Fully integrated with AD user rules and policies
    • All user data are located and managed in one place
  • No proprietary server
  • Integration with multiple security applications + SDK
    • Flexibility to support current & evolving requirements
  • Designed for enterprises & managed service providers
TMS Business Value: MSSPs
  • Easily manage your customers’ solutions
    • Manage multiple customer domains from a single web-based interface
    • Allow local customer site management with web-based user and admin tools
    • Enable your customers to view reports online
  • Control activities with role-based administration
    • Permissions can be assigned per domain, OU, group & task
  • Keep your customers’ data secure
    • Built-in user data encryption capabilities
    • Different encryption keys for diverse customer domains
  • High availability, non-stop service
TMS Business Value: Compliance
  • Excellent reporting tools
    • Set of built-in reports including: token usage, connected tokens, token inventory and status, attendance reports
    • Support for external reporting tools to generate other reports you may need
  • Full auditing capabilities
    • Complete event logs
    • Fully customizable email alerts to track any irregular or problematic usage right when it happens
  • Enhanced internal data controls and protection of individuals’ privacy
    • Complete control over each administrator’s abilities
    • Advanced user data encryption capabilities
eToken TMS 5.0 - Highlights
  • Support for eToken PRO Anywhere
  • Support for eToken Virtual and MobilePASS (SoftOTP) products
  • Card printing support
  • Multi Forest Active Directory support
  • Novell eDirectory user store support
  • Simplified licensing mechanism - cross domain
  • Simplified installation and configuration (OTP*)
  • Updated platform support (Windows 2003 64 Bit)
  • Support for TMS 5.0 user token management in Linux & Mac
    • TMS Self service & TMS remote
  • Expanded TMS API
  • MS CA Based Key Archival support
  • Improved logging and error handling capability
  • Enhanced technical documentation
Authenticator Management
  • eToken TMS enables full life cycle management
  • Including TMSservice - End-user portal
  • The End-user site enables tasks such as:
    • Enroll a new authenticator
    • Update the content of an enrolled authenticator
    • Change/Reset eToken password
    • Disable/Enable an eToken
    • Replace a Lost/Damaged authenticator (including revocation)
    • Manage OTP authenticator including MobilePASS
    • Enroll eToken Virtual and eToken Virtual Temp
Post-Enrollment Self Management

After successful authenticator enrollment, self-management options are added to the TMSService site.



  • OTP Management
  • Soft tokens

eToken Virtual Deployment – Administrator Use Case

The administrator enrolls eToken Virtual for a specific user from TMS Manage. The only supported use case is enrollment to a removable flash device:

  • eToken TMS and eToken Virtual licenses are acquired by the company to provide two-factor authentication using software authenticators.
  • eToken TMS is installed and all the required connectors are configured to enable eToken Virtual usage.
  • Administrator plugs in the user's portable device and starts the enrollment process from the TMS Manage web site.
  • eToken Virtual is created on the portable device, locked and set with the initial user password.
  • Notification is sent to the user with the eToken Virtual password.
  • User receives the device and can use it for authentication.
eToken Virtual – User Enrollment Use Case

User accesses the TMS Service web site and enrolls eToken Virtual:

  • TMS and eToken Virtual licenses are acquired by the company to provide two-factor authentication using software authenticators.
  • TMS is installed and all the required connectors are configured to enable eToken Virtual usage.
  • User enters the TMS Service web site to enroll eToken Virtual.
  • eToken Virtual is created on the user's computer, locked and set with the user password, OR the user can enroll the eToken Virtual to a portable drive, based on the TMS TPO settings configured by the administrator.
  • User can use the eToken Virtual for authentication.

NOTE: Admin Rights Required for eToken PKI Client Installation

MobilePASS – Enrollment and Usage
  • eToken TMS and MobilePASS licenses are acquired by the company to enable OTP using software authenticators.
  • Administrator enrolls a MobilePASS authenticator for the user in TMS Manage.
  • The user receives the MobilePASS authenticator, an activation code and PIN via e-mail, SMS, etc.
  • The user installs the MobilePASS software.
  • The user enters the activation code and activates the software.
  • OTP is generated using the received PIN.
  • Using the OTP, the user logs on.
Additional software solutions using TMS:
  • eToken Virtual Temp
    • Time-limited temporary authenticator that can be used instead of a permanent authenticator
      • For each authenticator, the user can enrol one temporary virtual authenticator.
  • eToken Rescue
    • Users who lose their authenticators can create an eToken Rescue authenticator (default expiration 1 month, max 3 months)
Controlled Availability Release
  • For new prospects who wish to deploy eToken TMS 5.0 CA
  • CA Process
    • Salesperson provides details of prospect and fills CA form, available from Technical Support
      • Reviewed and approved by Authentication product management prior to approval
    • Receives extensive support and ongoing feedback
  • For details, contact: Opher Dubrovsky
  • eToken TMS and PKI Client make your authentication solution a reality!
  • Organization’s own user-repository utilized to handle full life-cycle token management
  • User administration of authentication devices is shifted from IT to HR and users
  • eToken solutions reduce identity and password management costs
  • eToken helps customers achieve regulatory compliance