Escolar Documentos
Profissional Documentos
Cultura Documentos
Features
Automatic Authentication
User Activation
Self-Service Admin
The Challenge
Enterprise IT is
blowing up
You've gone from managing dozens of user
accounts to managing thousands. Every user
is requesting a unique set of cloud apps. And
they all want to work from anywhere, on their
own devices. Yikes.
We feel you. Okta helps IT teams spend less
time administrating and more time plotting
strategy. We do it by providing a centralized
location where users can simply and securely
access their apps, and where IT can
Boost your people's productivity by cutting the time they spend logging in
and getting set up on apps
Decrease IT costs by eliminating helpdesk calls for forgotten passwords, lost
URLs, password resets, and account lock-outs
Get more work done
Adaptive Multi-factor
Authentication
Secure your apps and VPN with a robust policy framework, a comprehensive set of
modern second-verification factors, and adaptive, risk-based authentication that
integrates with all of your apps and infrastructure.
Learn more
Features
User identity
Network
Application
Device
We would like to take you through the detailed feature list and how best neXus SSO can work with your
environment. Please free to write to us or call us to fix an appointment.
Note of SSO
How many passwords can your employees remember and how much time must your admin
spend on resetting passwords? How about one click access to your organizations
applications on premises or on the cloud? Most employees tend to re-use passwords or
keep common password for all applications compromising on security.
Single sign-on (SSO ) is a user authentication process that allows a user to enter
one name and password in order to access multiple applications these
applications could be residing anywhere . SSO authenticates the user for all the
applications they have been given rights to and eliminates further Username / Password
prompts when they switch applications during a particular session.
The user gets to see only those applications that he has access to for eg. a sales
guy may not have been access to Accounts Application hence when the sales guy logs in
he does not even see the Accounts Application Logo in his URL . Since SSO is like one Key
which opens many doors hence many enterprises combine SSO with 2 factor
authentication to ensure that only the right user access these applications.
Nexus SSO solution can combine SSO plus 2FA. The Nexus SSO solution actually helps in
security and compliance since all the access to applications is through the SSO gateway (this
is an SSL encrypted Gateway) we can very derive reports of who has accessed what
applications for what duration etc. and these reports can be used for compliance as well.
Access for Admin ( via Putty etc) can also be done through the SSO as well and they can be
held accountable for their activities -
Another important feature to note is that there are 2 Types of SSOs Enterprise SSO which
works with Web based applications and Client server applications this requires a client to be
installed hence does not work for mobile users / Home PCs etc . Nexus is not into
Enterprise SSO and this is not very popular well.
The other Type of SSO is Web based SSO which works for Web based applications/Terminal
servers / Telnet / SSH and other Text based clients. The Nexus SSO does not require any
clients and does not require you to change you applications. It works with applications which
are not integrated with your AD as well. For integration with various applications Nexus
support various standards like ADFS, SAML ,. Oauth etc One Term you must be familiar with
Is Identity Federation which is basically linking a persons identity across multiple
different systems this is basically the technical term for SSO over various cloud
applications if a customer uses this Term it implies that he is looking for a kind of SSO
which Nexus can very well handle .
Agent:
Mr.XXX, May I take few minutes of your time to brief you on Nexussafe SSO and
identity federation
Prospect:
Sure.
Agent:
Prospect:
Agent:
Let me brief u on single sign on and identity federation. There 2 types of sso web
based sso and enterprise sso. We are not in the domain of Enterprise sso only web based sso. This
works for all web based apps/ Terminal servers and can be accessed from any device without the need
of any client agents or any change In your applications does your company use any cloud
applications ?
Prospect:
Yes do use Salesforce.com and Amazon cloud , I am looking for a SSO for my cloud
applications plus in built applications
Agent:
Great our sso works apart from Web apps with Telnet, SSH and Terminal server as well.
Prospect:
Agent:
Sure by default we support SOX Hippa and other compliance report formats you can
customize the reports as well .
Prospect:
the solution.
Would like to have a POC or webex session on the same .Also send some datasheets on
Agent:
No Problem We will arrange the same. However u needs to reconfirm on the number of
users and applications u are using.
Prospect:
Agent:
May I know whether you have allocated any Budget or it can be created?
Prospect:
Agent:
May I know who will be the final decision Maker & whether they will be part of
this demonstration.
What is 2 FA
2FA for Multi Factor authentication is a 2 step verification process . What the user
knows ( user name / password ) is called the First Factor of authentication , what
the user has ( a Hardware token , SMS OTP or Crypto Token containing a digital
Certificate) is known as the second Factor of authentication and finally what the
user is ( Biometric ) is the third factor of authentication .
User name and Password is static information which is likely to get compromised in
various ways hence a extra layer of security is required in the form of a 2FA which
contain usually a dynamic piece of information like a Hardware token with a number
which changes with time or an OTP which is a different number every time . The
most popular form of 2FA today in the Corporate world is Soft Tokens. A soft token is
an app which is installed in your laptop/ Mobile or Tablet and has a PIN which is
secret and known only to the user, every time the PIN is entered the App throws an
different number which is your OTP. This works like your hardware token except that
it is using the computing power of your mobile device. Soft token avoids headaches
of SMS services and also logistical and battery life issues of Hardware tokens
Who are the Potential Users of 2FA ?
Well anyone with a concern for security is a potential users. However for the
purposes of lead Generation let us look at the following criteria
1) Any one using SSL VPN- SSL VPN is used to give access to users from outside
the LAN , these could be customers and Partners . SSL VPN has a username
password and a 2FA is a excellent additional layer of security. The SSL VPN
could be from any brand it does not matter . Usually someone with more than
200 SSL VPN users goes for 2FA
2) Any Enterprise using cloud based applications like Office 365 or Google apps,
the reasons are obvious now even Microsoft promotes cloud based 2FA
however giving your security to the same Service provider who handles your
data is not such a good idea. We give a in premise 2FA for the cloud users.
Companies often have their servers hosted in DCs these enterprises are also
good potential users of 2FA .
3) IT/ Ites/ Research firms These enterprises sometimes have multiple users
accessing the same machine hence they have 2FA for Domain users as well.
Many large companies who are sensitive about data security have 2FA for
even offline ( out of LAN ) i.e they want that the user use 2FA to even boot
the computer a combination of Laptop encryption plus 2FA is common for
many large firms .
Invisible Token
Invisible token is an applet from Nexus which embeds itself in the browser of the
device and enables the user to do Device Binding . This method is superior to the
traditional Mac based device binding which can now be spoofed easily . There is no
need to mention to the customer the term Invisble token however customer will
ask if devices can be enrolled and removed easily - and yes we can do the same .
neXus helps you secure Microsoft Office 365 by providing the secure multi-factor authentication technology
you need.
We offer a software-based solution that lets you choose your authentication method depending on your
specific security requirements. After the user successfully enters his first factor (password) with Microsoft
Office 365, he is redirected to the neXus authentication page, from where he can log in using his preferred
or his organizations pre-defined authentication method.
Authentication methods available for strong authentication with neXus:
Software (Mobile) Tokens
SMS one-time-passwords (OTPs)
Hardware Tokens
You can also opt for device binding as an authentication factor. With device binding, only pre-approved
and validated devices can be used to access Microsoft Office 365. This feature also proves immensely
effective for organizations implementing Bring Your Own Device (BYOD).
The neXus authentication solution allows you to implement a consistent authentication policy for all your
Microsoft Office 365 users. It runs on all devices (laptops, smart phones, tablets) and across platforms
(Windows, Mac OS, Windows phone, iOS and Android).
How can we help you integrate this with your existing infrastructure? Contact us
Learn more about the related neXus products:
PortWise Authentication Server
Hybrid Access Gateway
Invisible Token