SafeConduct
Application Access Security for New and Legacy Systems
SSL Standard
SafeConduct brings benefits of the Secure Sockets Layer (SSL) v3.0 standard, including digital certificate authentication and 256-bit data encryption, to any point-to-point Internet or VPN application data traffic. The SafeConduct product family transparently works with new and legacy applications. Using SSL data security standard, the most widely used protocol for security data transmission on the Internet, SafeConduct eliminates significant information security and privacy risks.
Secure channel
SafeConduct (for ODBC SSL, OLE DB SSL, JDBC SSL, or .NET provider SSL) builds an invisible and secure channel between two TCP/IP nodes. Before any application data traffic is sent, SafeConduct authenticates the machines, securely negotiates encryption keys, transmits secured user ID/password data, and finally transmits secured application data between the two nodes. SafeConduct prevents unauthorized machines from accessing applications. Application security is ensured by preventing unauthorized access to any application data transmitted over TCP/IP networks.
SafeConduct (using SSL security) monitors and intercepts TCP/IP data at pre-configured port addresses. Once secure communication is established between the two TCP/IP nodes, SafeConduct routes application data traffic to the true destination application port address. SafeConduct Server may be installed on a machine other than the one of the server application in order to redirect requirements for SSL encryption processing. SafeConduct Server acts as an SSL proxy.
Server and Client for all platforms
The SafeConduct product family includes the SafeConduct Server, the SafeConduct Windows Client, and the SafeConduct Java Client. The SafeConduct Windows client runs on Windows client and server platforms as an application or service. The SafeConduct Java Client can be used on multiple client and server platforms including, but not limited to Linux, Solaris, Windows, IBM OS390 and zOS, IBM iSeries/AS400, IBM AIX, Mac OSX, and OS/2. The SafeConduct Server can similarly be used on multiple client and server platforms.
The SafeConduct Server includes support to allow an administrator to remotely terminate its function. This allows systems administrators to easily prevent application access during maintenance or batch processing periods.
| Key Features |  | Benefits | |
 | |||
| SSL and TSL support - 256 bit encryption | | Data protected from unauthorized access | |
| |||
| NIST FIPS 140-2 validated crypto and SSL functions | | Approved US Government standards | |
| |||
| Node-to-Node authentication | | Assurance that only authorized point-to-point pairs may exchange data | |
| |||
| No change required to application source code | | Protect Investments | |
| |||
| Broad platform support | | Single tool for enterprise deployment | |
| |||
| Data encryption using the DigitalSignature Standard (DSS), with theDigital Signature Algorithm (DSA) and RSA algorithm | | Standards-based, secure architecture | |
| |||
| Extensive internal and Windows log reporting and accessibility | | Audit tool for data analysis | |
| |||
| Graphical tools for certificate generation and management | | Faster administration processing | |
| |||
| Optional integration with certificates obtained from an external certificate authority | | Flexible support for third-party security | |
| |||
Server
Any platform with Java Run-time Environment 1.3 and later
Client
Any platform with Java Run-time Environment 1.3 and later
or
Windows 2003/XP/2000/NT/ME/98
No comments:
Post a Comment