introduction to novell securelogin single sign-on bob bentley product manager novell, inc....

www.novell.com

Introduction to Novell SecureLogin Single Sign-on

Introduction to Novell SecureLogin Single Sign-on

Bob BentleyProduct ManagerNovell, Inc.Bbentley@novell.com

John ClarkDevelopment ManagerNovell, Inc.Jfclark@novell.com

Vision…one NetA world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries

MissionTo solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world

Agenda

• The Password Management Problem• SecureLogin: The Password Management

Solution• How It Works• SecureLogin 3 Features and Architecture• Demonstration• What About Your Organization• Summary/Question and Answer

Introduction

one Net:

Simplify

Secure

Accelerate

Extend

Password Management Problem

passwordshow many

dohave?

you

Password Management Problem (cont.)

Too many to remember!

•Users will• Use weak passwords• Share passwords• Record passwords

Password Management Problem (cont.)

• Security is compromised

Password Management Problem (cont.)

• How does this affect your Help Desk costs

Help Desk Costs

• Did you know… Each time an end-user calls the help desk, it

costs the organization $25 to $50 (Giga) Annually, organizations spend $200-$300 per

user on password management (Hurwitz Group)

(IDC) Annual help desk time spent managing passwords for an average 5,000 user organization with…• 4-8 apps: 4,150 hours• Over 20 apps: 10,700 hours

Password Management Problem: Help Desk Costs

• How big is the problem? First-hand data—• One Novell customer

Spent $32 for each password reset 10,000 users 2 password resets for each user annually

• $640,000 spent annually on password reset

Password Management Problem

• What about your users?

Password Management Problem: End-User Productivity

• Did you know…• The average user scenario: 44 hours per

year performing multiple login tasks to access 4 applications (Hurwitz Group)

• A 5,000 user organization loses 1,479 hours of productive time per month getting help with passwords (IDC)

• Over 70% of users have password problems at least monthly (IDC)

Password Management Problem

• What about data security?

Password Management Problem: Cost of Insecure Data

• Did you know… In 1999, Fortune 1000 companies reported $45

billion in proprietary information loss (Price Waterhouse Coopers)

57% of security breaches were made by on-site employees/contractors accessing unauthorized resources (eWeek)

On-site employees/contractors are the #1 threat to proprietary data security (Price Waterhouse Coopers)

The Holy Grail?

Password Management Solution

Password Management Solution

• Novell SecureLogin A password management solution that single

sign-on enables Windows, web, Citrix/Terminal Server, and host-based applications

Solves 95% of password management problems (IDC)

#1 Market Share Leader (IDC)

it’s one Net

Password Management Solution

• Novell SecureLogin benefits

• Significantly reduces support costs

• Simplifies the end-user experience

• Increases security

• Leverages Novell eDirectory™

eDirectory

Securely Store passwords in eDirectory

Password Management Solution

eDirectory

For on-demand presentation to applications

Password Management Solution

Out-of-the-box support…a partial listing

MSN Messenger

ACT

Browser Pop-ups CorporateTime Entrust

Eudora

Goldmine

ICQ

JUNO

Lotus NotesLotus OrganizerMeeting MakerMS Internet Gaming Zone

MS FrontPage

MS Money 98/99

Quicken

Siebel SalesYahoo! MessengerVisual SourceSafeWindows LogonMS SQL

Microsoft Outlook

Clarify

QuickBooks ProRumba 6

Attachmate Extra! 6.3Attachmate Extra! 6.5

Opera Web

Internet Explorer DialerAOL

Internet Explorer WebInternet Explorer Pop-up

Compuserve

Earthlink

Reflection 7

HostExplorer

PCOM 4.3, 5.0Mindspring

Netscape WebNetscape Pop-up

NeoPlanet Web

MSN

Prodigy

Novell GroupWise®

PeopleSoft

Oracle

SoftFront Track for WinWorldnet

Novell SecureLogin Today

How It Works:Login Experience—Before NSLApplicationApplication

serverserver

ClientClientworkstationworkstation

3) Provide credentials

4) Application

starts

1) Launch application

2) Credential challenge

Login ID:

Password:

frank

*******

How It Works:Login Experience—With NSL

ApplicationApplicationserverserver

Novell Novell eDirectoryeDirectory

ClientClientworkstationworkstation

4) NSL requests

secret from eDirectory

Login ID:

Password:

2) Launch application

3) Credential challenge

1) Authenticate to eDirectory

5) NSL receives secret (ID/PWD) from eDirectory,

then authenticates to application

NSL 3.0 Features:Client-Side Features

Comprehensive single sign-on• Windows applications• Groupware and client/server

applications• Web sites• Terminal emulators• Citrix/Terminal Server

Script development options• Wizards for simple application

integration tasks• Advanced login scripting for

complex application integration tasks

• Password policy enforcement

Deployment options• Client32™, LDAP or ADSI• Client-only or client-server

configuration with Novell SecretStore®

• Local cache for remote/ disconnected use

Other user features• NMAS SE built in• Screenlock for Win9x• Simple configuration tool for

users

NSL 3.0 Features, Server-Side Features and Administration

Server-side options, whenimplemented on eDirectory• SecretStore v3 Server• NMAS v2 Server

Administration tools• ConsoleOne® Administration

for eDirectory configurations• Script editor administration for

LDAP, ADSI configurations

Administrative capabilities

• Single point of management for deploying organization-wide scripts, password policies

• Administrator sets overriding values for user options

• SNMP monitoring of login events and performance

NSL 3.0 Components:Standard eDirectory Environment

eDirectory

NMAS Data

Corporate scriptsPassword policies

User secretsUser scripts

Client32

Local cache(Optional)

Scriptengine

SecureLoginclient

WebSSO

WinSSO TLaunch

Main module

Notes

eDirectoryserver

NMAS

SecretStore

NSL 3.0 Components:LDAP Environment

LDAP

Local cache(Optional)

Scriptengine

SecureLoginclient

WebSSO

WinSSO TLaunch

Main module

Notes

eDirectoryserverwith

NLDAP

eDirectory

Corporate scriptsPassword policies

User secretsUser scripts

NSL 3.0 Components: Citrix/Terminal Server Environment

Client32Scriptengine

Citrix/Terminal Server with SecureLogin client installed

WebSSO

WinSSO TLaunch

Main module

Notes

eDirectory

NMAS data

Corporate scriptsPassword policies

User secretsUser scripts

eDirectoryserver

NMAS

SecretStore

PC client Browser Mac Pocket PC

UNIX Linux ICA clients

DemonstratiDemonstrationon

NSL 3.0 Requirements

• NSL 3.0 client platforms Windows 98/ME Windows NT/2000/XP

• For client-only install (no server install)

Any *NDS® platform (including NetWare® 4)

Any eDirectory platform MS ADS NT Domains

• For client/server install (SecretStore)

Any eDirectory platform• NetWare 5+• Windows NT/2000• Solaris• Linux

*Novell Directory Services®

Part of Novell Secure Access Suite

• SecureLogin integrates with other Novell security products

Novell Modular Authentication Services (NMAS™)• Use biometrics, smart cards or tokens to completely

eliminate passwords

Novell iChain®

• Extend single sign-on benefits to external employees and customers

Novell Account Management (NAM)• Automatically sign on to platforms such as NT/2000,

OS/390, or UNIX

Summary

• Solves the password management problem Reduces help desk costs Improves security Streamlines end-user experience

• Works with your organization’s applications• Integrates with other Novell security

products• Achieves a quick return on investment

What About Your Organization?

• Find out how much the password problem is costing you, and how much you would save with SecureLogin 3

• CIO View’s ROI Calculatorwww.novell.com/products/securelogin/roitool/

For More Information…

• Other BrainShare 2002 sessions on SecureLogin

TUT243: Automating Mainframe Authentication Using SecureLogin

TUT244: Securing the Net: Web Authentication Using SecureLogin

TUT344: Advanced Novell SecureLogin Configuration

BUS244: Healthcare Solutions Using Novell SecureLogin (NSL) and Novell Module Authentication Service (NMAS)

For More Information…

• For more information on Novell SecureLogin 3, please visitwww.novell.com/products/securelogin

Brochure, Flyer White Paper ROI Tool News and Reviews