RSA Security Overview RSA SecurID Solution Citrix / RSA Security Advantages Citrix Secure Gateway

38  Download (0)

Full text

(1)
(2)

Agenda

RSA Security Overview

RSA SecurID Solution

Citrix / RSA Security Advantages

(3)

RSA Security at a Glance

World leader in cryptographic innovation

RSA, RC2, RC4, RC5, MD5PKCS standards

Pioneering new digital signing and access management products

World leader in encryption software

Nearly 1,000,000,000 copies of RSA BSAFE® components in use worldwide, in everything from Web browsers to cellular phones

World leader in strong authentication

(4)

Ensuring Authenticity …

(5)

… Means Solving these Problems

User Identity

User Identity

PrivilegesPrivileges

(6)

User Identity

User Identity

PrivilegesPrivileges

and and PersonalizationPersonalization DataData PrivacyPrivacy Transaction Transaction Integrity Integrity

With Enabling Technologies

(7)

Delivered in RSA Products

User Identity

User Identity

PrivilegesPrivileges

and and PersonalizationPersonalization DataData PrivacyPrivacy Transaction Transaction Integrity Integrity

AuthenticationAuthentication EncryptionEncryption AuthorizationAuthorization PKIPKI

(8)

Enable

Enable

The e-Security Continuum

Defend

Defend

Intrusion detection

Vulnerability assessment Enable EnableFirewallAntivirus Detect Detect

AuthenticationAuthentication

AuthorizationAuthorization

PrivacyPrivacy

(9)

RSA SecurID

A family of products that confirm an individuals

identity online, with over 11 million RSA SecurID

(10)

Security Pyramid:

Identity is the Foundation

Policies and Procedures

Policies and Procedures

Strong Authentication

Strong Authentication

Authorization

Authorization

Encryption

Encryption

Audit

(11)

Identification

vs

.

Authentication

Identification

Who are you? “I am John Smith.”

(12)

“Password”

The Different Factors of Authentication

Something you knowPassword

PIN

“mother’s maiden name”

Something you havePhysical key

Token

Magnetic card

Smart card

Something unique about youFingerprint

Iris/retina

Face recognition

(13)

Authentication concerns

Freeware tools

Password database management

Help desk costs

End user password strength

Social Engineering

Former Employees

(14)

Need for Strong Authentication

Certificates

Exportable

Binds to machine

No default security

Expensive to renew

Biometrics

Non-replaceable

Unreliable - false positives “good enough”

Static - prone to replay attacks

(15)

Strong Authentication

ACE/Server - SecurID

Two Factor AuthenticationSomething you knowSomething you haveChanges every 60 secondsOne-time password

(16)

PIN &

PIN &

(17)

Time-based Token Authentication

username:JSMITH

Passcode: 2468 234836

PIN

TOKENCODE

Token code: Changes every 60 seconds

Unique seed

Clock

synchronized to UCT

(18)
(19)

RSA SecurID Product Family:

System Components

+ACE/Server

ACE/Agents

(included)

SecurID Authenticators

(20)

ACE / Server - the Power Behind

SecurID

Authentication Engine, User, and

Policy Manager behind SecurID

Carrier-Class Performance and Scale

Over 12,000 installations

Tens of thousands of users per site

Manageability and Control

(21)

The Expanding RSA SecurID Family

RSA SecurID hardware tokens

RSA SecurID software tokens

RSA SecurID smart cards

RSA SecurID for the Palm

Computing Platform

(22)

RSA SecurID Hardware Tokens

RSA SecurID Standard Card RSA SecurID

PINPAD

RSA SecurID Key Fob

RSA SecurID ComboReader

(23)

Software token

Similar to a Pin Pad

Installed directly on users desktop

Easy to use and install

Palm™ Handhelds

Ericsson R380s smart phone

Nokia 9210 Communicator

(24)

Intercept access requests and forces

RSA SecurID

authentication

Software embedded in or layered on top

of

225+

network infrastructure products from

over

150+

vendors

Remote Access Servers (RAS)

Routers

Firewalls

VPNs

WEB

Enables

RSA SecurID

strong authentication to

integrate with your existing & future infrastructure

(25)

Agents for Network and Application

Access

UNIX - AIX, HP/UX, Solaris

IBM MVS OS/390

IBM AS/400

Microsoft Windows NT and IIS

Microsoft Windows 2000

Novell NMAS

Netscape

Lotus/Domino

(26)

RSA SecurID – Environment

Mainframe Network Unix Applications Applications & & Resources Resources Intranet Web Server RSA ACE/Server Internet RAS VPN or Firewall E-Business E-Business RSA Agent Remote Access

Remote Access Enterprise Enterprise

(27)

NFuse – Key Benefits

Virtual Workplace

User-specific web-based application access “Anytime, Anyplace, Anywhere”

Integration

Provide users with the broadest range of Windows and/or UNIX applications, all from a single Web browser

Personalization

Customize the content around applications and the application set that each user receives

Control

(28)

Web Application Deployment

Users

want:-– Secure Access

Rich Functionality

Interface of current applications, within a web browser

Issues faced are:-

Cannot guarantee the identity of users accessing sensitive data and applications

Difficult to deploy

(29)

The Most “Basic” Web Security Solution

Weak

Password

Authentication

SSL Encryption Only

SSL Encryption Only

NFuse Web Server &

CSG

Privacy

Authentication

(30)

A “Zero Footprint” Web Security Solution

SSL Encryption

SSL Encryption

w/ Two-Factor Authentication

w/ Two-Factor Authentication

NFuse Web Server &

CSG

Two-Factor User

Authentication

Privacy

(31)

NFuse Login

(32)

Stronger NFuse Login

(33)

Citrix Secure Gateway

Key Benefits

Denies direct access to internal resources over the Internet

Use 2-factor authentication without touching MetaFrame

Simplified client firewall traversal

(34)

RSA SecurID – Key Benefits

Secure Authentication

Guarantees user identity unlike traditional static passwords

Passwords – they are the weakest link… goodbye!

Quick Time to MarketZero Footprint

Ease of Use

Cost Reduction

Passwords expensive to maintain

Reduction in Helpdesk calls

Wide Range of Authentication Form FactorsFlexibility of choice

Hardware

Software

(35)

Users now

have:-– Secure Access

Rich Functionality

Interface of current applications, within a remote thin client session

Issues resolved are:-

Cannot guarantee the identity of users accessing sensitive data and applications

Difficult to deploy

Difficult to manage within the web environment

Secure Web Solutions

(36)

Summary

Secure Virtual Workplace

Ensuring trusted user identities, web-based

access, to applications & resources they require

(37)

Questions?

(38)

The Most Trusted Name in e-Security™

Figure

Updating...

References