Secure Network Access

_

Secure Network Access

TrustSec Secure Network Access Solution provides a secure and reliable connection to local and remote network resources and applications. Using hardware token (PKI/OTP) that holds the user’s credentials is the basic idea of the solution.

Network resources are now an important and essential part of any enterprise’s business. Each enterprise has a network resource that can be used by all/some network users.

TrustSec solution includes two alternatives:

  • PKI Based Secure Network Access.
  • OTP Based Secure Network Access.
_

PKI Secure Network Access

This solution is intended to provide a hardware authentication technique to local network resources through secure domain login. The benefits of using TrustSec secure Network access PKI solution, the following benefits will acquired:

High Security

A number of security mechanisms are employed, helping significantly to eliminate the risk of fraud, attacks and misuse from unauthorized individuals and hackers. The user ID is stored on secure Hardware that cannot be duplicated. The hardware is protected by user PIN/Fingerprint to assure only the token owner will use it.

Easy Administration

TrustSec PKI solution for Network access domain login provides easy and simple method to control the access to the network using Certificate Revocation List (CRL). CRL enables the admin to prevent a user from access the network temporarily or permanently.

Compatibility

TrustSec Secure Network PKI access solution is compatible with different operating systems so that it can be used in different network architectures.

Ease of use

TrustSec Secure Network PKI Access solution provides easy way to end users to access the network. User just plug the token and enter the token PIN to access.

Standards Complied

TrustSec PKI network access solution supports the X.509 standards and CRL standards version 3.0. The solution supports the PKCS#11 for hardware security devices (token or smart card).PKI-FIDO2-TOKEN

_

OTP Secure Network Access

One-Time Password Today is one of simplest and most popular forms of two-factor authentication for securing network access.

High Security

OTP RADIUS system allows the user information to be stored on one host, minimizing the risk of security loopholes.

Two reasons cause this ultimate security. The first is the use of the OTP authentication technology. And the second is the strong secure communication between the system entities, which achieved by the Radius protocol. Hence two major security technologies are integrated together to produce the OTP Radius System. E-Code Solution solves the problem of password caching.

Ease of use

One click/touch; one response. The user has no need to identify himself through multiple steps, just submit his username and OTP and make one click/touch, where the domain passes the submitted credentials and identities, return back with respond of Accept or Reject.

The OTP solution requires no driver to be installed at the user side.

Interoperability

TrustSec Secure Network Access OTP solution is easy to integrate and work within any network infrastructure. This is due to the fact of using standard protocol (RADIUS).

Flexibility

The authentication is easy and fixed method for any domain access trial.

Traceability

TrustSec Secure Network OTP Access solution provides access tracking method that the system admin will use to view the users activity. OTP solution uses log file to do that.

High Performance

The OTP server responses quickly to authentication requests received from domain servers.

High availability

Being based on Linux server, Ubuntu server, then the OTP server is more reliable for long term operation.

Maintainability

Using the available integrated QA tests to troubleshoot and maintain the OTP server components.

Also, with existing testing applications to test the OTP server. Also, the ability to resynchronize token during authentication.

Certification

OTP RADIUS server is OATH certified for both TOTP and HOTP tokens. Also, PSKC encrypted files are supported for secure seed exchange.