RSA Security is renewing its focus on improving the
security of user passwords with RSA Sign-On Manager, a rebranded
version of its SecurID Passage product that the company claims will
make it easier for enterprises to manage user
passwords.
The relaunched product will be available in September and will
be able to manage user log-ins for around 90 different enterprise
applications using single sign-on technology licensed from
Passlogix.
A new RSA technology called IntelliAccess will allow users to
recover forgotten user names and passwords, saving expensive help
desk calls.
Single sign-on technology allows organisations to simplify
management of user access credentials. The products store
credentials for multiple applications, then interact with those
applications on behalf of users during login, allowing users to
keep just one user name and password combination, rather than
maintain a separate set of credentials for each network or web
application they need to access.
The product will work with any x.509-standard digital
certificate authority, as well as a wide range of RSA's two-factor
authentication technologies, including RSA SecurID authenticators,
RSA Smart Cards or USB (authenticators, as well as biometric
identifiers, digital certificates and standard passwords.
Passlogix's V-GO SSO technology provides the single sign-on
functionality. The Sign-On Manager joins that technology to strong
authentication products, for organisations that want to simplify
their users' online experience, but still maintain strict security
around user access, said Phil Fulchino, director of product
management at RSA.
The software-only product uses a Microsoft Windows XP and
Windows 2000 client that authenticates the user at the desktop and
manages access to network and web applications.
A separate Sign-On Manager server stores user credentials and
authentication policies for the applications under management,
periodically updating the Sign-On Manager clients. The server runs
on Windows 2003 machines. A version for the Sun Microsystems
Solaris environment is also due soon.
The Sign-On Manager's IntelliAccess feature allows users to
retrieve forgotten sign-on credentials, even when disconnected from
the Sign-On Manager server, by providing unique, identifying
information at the desktop, which is checked against credential
information stored securely on the client.
Management features also make it easier to maintain strong
security for network- and web-based applications by allowing
administrators to schedule automatic password updates for their
applications. Those passwords and updates are managed by Sign-On
Manager.
The Sign-On Manager is being beta-tested now and is scheduled
for release in September and will cost around $89 for a single user
licence.
Paul Roberts writes for IDG News
Service