Enterprise Single Sign On Manager (E-SSOM) - Tools4Ever.com
Enterprise Single Sign On Manager (E-SSOM) - Tools4Ever.com
Enterprise Single Sign On Manager (E-SSOM) - Tools4Ever.com
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
TECHNICAL LEAFLET<br />
TOOLS4EVER<br />
IDENTITY GOVERNANCE & ADMINISTRATION<br />
enterprise single sign-on manager (e-ssom)<br />
tools4ever’s enterprise single sign-on manager (e-ssom) <strong>com</strong>prises a number of functional<br />
modules. it’s possible to begin with the most user-friendly and visible modules to quickly<br />
enable support within the organization; the e-ssom architecture permits a phased rollout.<br />
e-ssom offers the following modules:<br />
automated login (al)<br />
The Automated Login module ensures that a user only needs to identify<br />
himself once and does not have to log in afresh for each application. Automated<br />
Login handles all the log-in screens for an end-user automatically.<br />
Features in this module include:<br />
u Support for all conceivable types of applications, Telnet, mainframe,<br />
Java, Flash, Client-Server, HTML, VBScript, etc.<br />
u System Administrators manage the application definitions<br />
u AD group membership regulates which end-users are granted<br />
access to Automated Login and to which applications<br />
u End-users can delegate application access to<br />
colleagues if enabled by System Administrators<br />
u All actions by the end-user are stored centrally in a SQL database<br />
authentication management (am)<br />
Authentication Management arranges two-factor authentication and replaces<br />
the normal Windows login by a pass-card with a PIN code. Authentication<br />
Management supports a number of physical recognition types:<br />
cryptographic passes, USB tokens, certificates, active RFID and biometrics.<br />
Features in this module include:<br />
u Adjustable <strong>com</strong>plexity of the PIN code<br />
u Adjustable memory period for the introduced PIN code<br />
u End-user self-service for linking pass-cards to their<br />
username / password<br />
u Connections to existing access systems<br />
u Delegation module so that managers can reset PIN<br />
codes or withdraw and issue pass-cards<br />
virtual desktop automation (vda)<br />
Introducing desktop virtualization (e.g. VMware View 4.5 with Citrix XenApp) yields many benefits for organizations. <strong>On</strong>e of the benefits of VDI is being able<br />
to take sessions easily from desktop to desktop (Follow Me). The VDA module by E-<strong>SSOM</strong> is fully integrated with all VDI types and produces a user-friendly<br />
form of Follow Me. The user only has to introduce the pass-card to the reader and within 8 seconds the VDA module enables a reconnect with the open<br />
session, 100% automatically.<br />
Features of this module include:<br />
u <strong>On</strong>e-Touch-Access: The end user simply logs in, for example by placing a card on the reader<br />
u Support for tapping<br />
u Adjustable memory period for the introduced PIN code<br />
u Multiple pass-cards possible per end-user<br />
u Enforcing that only pass-cards may be used which are already registered in another system<br />
www.tools4ever.<strong>com</strong>
TECHNICAL LEAFLET<br />
TOOLS4EVER<br />
IDENTITY GOVERNANCE & ADMINISTRATION<br />
sso anywhere<br />
SSO Anywhere offers external SSO so that those working at home with<br />
their PC or laptop only have to log in once, after which access is<br />
automatically granted to all applications and resources in the network<br />
and the cloud. The end-user logs in to SSO Anywhere with the username<br />
and password registered in Active Directory.<br />
Features of this module include:<br />
u Seamless integration with Active Directory<br />
u No extra investment needed for firewall products or similar<br />
u SSO Anywhere <strong>com</strong>municates with the central E-<strong>SSOM</strong> server<br />
so that changes are always available everywhere<br />
self-service<br />
password reset (spr)<br />
The SPR module offers end-users the ability to reset their passwords<br />
themselves without the intervention of the helpdesk. End-users identify<br />
themselves by answering a number of personal questions correctly (e.g.<br />
‘What is your mother’s maiden name?’). The SPR module is integrated in<br />
the Active Directory Windows log-in screen, but is also available for web<br />
interfaces such as Outlook Web Access, Intranet portal, etc.<br />
Features of this module include:<br />
u Automatic logging of password resets in the helpdesk application<br />
u Password reset can be applied in multiple systems and applications,<br />
eDirectory, Active Directory, Unix,<br />
Lotus Notes, SAP, etc.<br />
u Available in several languages<br />
u The questions, number of questions, length and form of answers<br />
are all configurable<br />
central server<br />
In order for each module to operate, the Central Server is a minimum<br />
requirement. The Central Server is not a hardware appliance, but a<br />
software service installed on any Windows server. The Central Server<br />
manages the definition of the application profiles, the log-in details of<br />
end-users per application and the audit details. The server is managed<br />
via the E-<strong>SSOM</strong> console.<br />
Features in this module include:<br />
u Redundant data via SQL Server cluster or replication<br />
u High availability 99.999% via automatic failover and offline caching<br />
on clients<br />
u Reporting engine for automated HTML, e-mail and CSV reports<br />
u Intuitive interface for defining applications<br />
u Delegated interface so that the helpdesk can carry out<br />
administrative tasks<br />
windows server<br />
work stations<br />
e-ssom<br />
service<br />
e-ssom<br />
client<br />
login<br />
login<br />
login<br />
cfg<br />
inlog
Change language