|
Close Window |
ActivCard Strong Authentication Solution
for Check Point Remote Access
It's
a fact that VPNs are fast becoming core elements of standard IT infrastructure.
This initial investment in productivity, mobility, and streamlined access
from any location for employees and business partners creates another challenge
for those chartered with securing the enterprise:
- Is a static password really good enough to prove the identity of the person accessing valuable data, communications, and applications?
- Does the encryption of data in transit in anyway minimize the baseline requirement of first verifying the digital identity of the recipient?
- Is two-factor authentication a line of defense that should be included in your VPN deployment?
ActivCard® provides the answers and optimal solutions to address those questions: ActivPack™ for Windows is the easiest and most secure way to authenticate user identity prior to granting users remote access to network resources via Check Point™ VPN-1/FireWall-1. ActivPack validates user identity with token-based one-time passwords before the VPN-1 Gateway establishes a secure tunnel to Check Point VPN-1 clients (SecuRemote or SecureClient). With the combined solution, all communications are encrypted to the FireWall-1 and VPN-1 Gateway using standard RADIUS protocol.
ActivPack is a RADIUS and TACACS+ compliant authentication server and user management system that enables deployments of two-factor authentication devices including keypad tokens, USB keys, soft tokens, and smart cards. The system offers a scalable AAA solution for verifying authentication requests and administering authentication policies across enterprise networks.
|
for Check Point "Solution Notes"
- Multiple Authentication Methods – Challenge/Response, Synchronous, and static
- Multiple Authentication Devices – Smart cards, hardware, and software tokens and USB tokens
- Integrates with existing Microsoft® Windows® NT and Windows® 2000 infrastructure and resources – MS SQL Server, Oracle®
- Management Console with role based administration for flexible administration and user support
- Import of user data from Domains, SQL database, and LDAP servers
- Flexibility to import device secrets or initialize locally via the Management Console enabling the enterprise to control the secrets
- Advanced features such as user roaming, proxy, authentication routing, failover, and synchronous replication
- Centralized administration for users, devices, and profiles