® Brian Breton Gradient Technologies, Inc. NetCrusader P R O D U C T F A M I L Y Extending the...

®

Brian BretonBrian BretonGradient Technologies, Inc.Gradient Technologies, Inc.

NetCrusaderP R O D U C T F A M I L Y

Extending the Benefits of DCEExtending the Benefits of DCE

TOG DCE Program GroupTOG DCE Program Group

[email protected]@gradient.comAmsterdam, January 1998Amsterdam, January 1998

© 1998 Gradient Technologies, Inc.

CommonCommonAuthorization Authorization

ModelModel

NetCrusaderSecurity Server

Multiple Multiple AuthenticationAuthentication

MethodsMethods

Username/Password

Public-KeyCertificate

Two-FactorAuthentication

Customers

Partners

Employees

MultipleMultipleUserUser

PopulationsPopulations

Enterprise Security InfrastructureEnterprise Security InfrastructureMultiple Multiple

EncryptionEncryptionMethodsMethods

DES, SSL,RSA, CAST,

others

Legacy

Heritage

Web-based

Multiple Application TypesMultiple Application Types

DistributedDistributedSecurity Security

ManagementManagement

NetCrusaderCommander


InfrastructureInfrastructureRequirementRequirement• Leverage existing Leverage existing

investmentsinvestments

NetCrusader approachNetCrusader approach• Support multiple Support multiple

application typesapplication types– Web-basedWeb-based

– HeritageHeritage

– LegacyLegacy




NetCrusader approachNetCrusader approach• Support heterogeneous Support heterogeneous

systemssystems– Windows 3.1, 95, NT; Windows 3.1, 95, NT;

MacMac

– AnyAny browser-enabled browser-enabled client!client!

– NT; UNIX (AIX, HP-UX, NT; UNIX (AIX, HP-UX, Solaris)Solaris)


InfrastructureInfrastructureRequirementRequirement• Availability and ScaleAvailability and Scale

NetCrusader approachNetCrusader approach• Leverage proven, Leverage proven,

replicable, distributed replicable, distributed computing services computing services– Security servicesSecurity services

– Directory servicesDirectory services

– Time servicesTime services

– OthersOthers




NetCrusader approachNetCrusader approach• Implement as value-Implement as value-

added filters and added filters and extensions to extensions to commercial Web commercial Web serversservers– NetscapeNetscape

– MicrosoftMicrosoft


NetCrusaderNetCrusaderSecurity ServerSecurity Server

Web browser

+ NetCrusaderNetCrusaderClientClient

Web browseronly

Leverage Existing InvestmentsLeverage Existing InvestmentsMicrosoft/Netscape

Web Server

NetCrusaderNetCrusaderCommanderCommander

ISAPI/NSAPIApplication

ProtocolFilter

Entrust/HTTP;DCE/HTTP

SSL MapperAuthZFilter

SignerNetCrusaderNetCrusaderSecuritySecurityAdapterAdapter

Username/Passwordor Public-Key Certificate

NetCrusaderCredentials

AccessPermissions

Two-factor(optional)



Securing theSecuring theLarge EnterpriseLarge Enterprise

The Integration ofNetCrusader and Entrust


NetCrusader and EntrustNetCrusader and Entrust


Web browser


+ Entrust Client+ Entrust Client

Microsoft/NetscapeWeb Server


ISAPI/NSAPIApplicationCAST

ProtocolFilter

Entrust Cast /HTTP

MapperAuthZFilter


Public-Key Certificate


AccessPermissions

Entrust Session

Entrust/ManagerSecurity Server Entrust

Session

Token Card /SmartCard(optional)


Integrated Product BenefitsIntegrated Product Benefits• Simplified key managementSimplified key management

• Easy-of-use for administrators, users, Easy-of-use for administrators, users, developersdevelopers

• Full encryption capabilitiesFull encryption capabilities

• A single, standardized access control A single, standardized access control managementmanagement

• Easy integration into existing environmentsEasy integration into existing environments


Developing SecureDeveloping SecureWeb-based Java ApplicationsWeb-based Java Applications

The Integration ofNetCrusader and NetDynamics


Copyright ©1997 Gradient Technologies, Inc.

NetDynamics ComponentsNetDynamics Components

• NetDynamics StudioNetDynamics Studio– A visual tool that allows developers to create A visual tool that allows developers to create

database applications easily, using data and database applications easily, using data and code objects code objects

– Supports wizards, Java classes, generation of Supports wizards, Java classes, generation of server-side Java code server-side Java code

• NetDynamics Application ServerNetDynamics Application Server– High-performance, scalable Java-based server High-performance, scalable Java-based server

that controls applications and database that controls applications and database connectionsconnections



Web browser

NetCrusader V3 and NetdynamicsNetCrusader V3 and NetdynamicsMicrosoft/Netscape

Web Server


NetDynamicsSecurity AdapterProtocol

Filter

SSL,Entrust/HTTP,

DCE/HTTP

MapperAuthZFilter

Signer



AccessPermissions


DBMS

NetDynamicsApplicationServer(s)


Developing SecureDeveloping SecureWeb-based ApplicationsWeb-based Applications

The Integration ofNetCrusader and Bluestone Sapphire/Web


Sapphire/Web ComponentsSapphire/Web Components

• Sapphire/Web IDESapphire/Web IDE– A visual tool that allows developers to create database A visual tool that allows developers to create database

applications easily, using data and code objectsapplications easily, using data and code objects

– Supports Java, C, C++ & numerous middleware choices Supports Java, C, C++ & numerous middleware choices including: IIOP, RMI, DCE, SSL and more...including: IIOP, RMI, DCE, SSL and more...

• Sapphire/Web Application ServerSapphire/Web Application Server– High-performance, replicable, fault tolerant server that High-performance, replicable, fault tolerant server that

controls applications and database connectionscontrols applications and database connections

• Sapphire/Web State ServerSapphire/Web State Server– Enables dynamic swapping of users between app serversEnables dynamic swapping of users between app servers



Web browser

NetCrusader V3 and Sapphire/WebNetCrusader V3 and Sapphire/WebMicrosoft/Netscape

Web Server


Sapphire/WebSecurity AdapterProtocol

Filter

SSL,Entrust/HTTP,

DCE/HTTP

MapperAuthZFilter

Signer



AccessPermissions


DBMS

Sa[[hire/WebApplicationServer(s)

Java, C++, C

SapphireWebState Server


Application Development & Deployment Time

Web-based Applications Web-based Applications Cuts Time-to-MarketCuts Time-to-Market

Traditional Client/Server Tools

First-GenerationWeb Tools (CGI, C++)

Second-Generation Web Tools

Application Development Time

Application Deployment Time

Key

NetDynamics/BluestoneNetDynamics/BluestoneAdvantageAdvantage


Integrated Product BenefitsIntegrated Product Benefits• More administrator control over application access More administrator control over application access

control policiescontrol policies– Exports data bindings to NetCrusader for enforcement Exports data bindings to NetCrusader for enforcement

and administrationand administration

• Easier management of security infrastructureEasier management of security infrastructure• Single standardized facility for access control Single standardized facility for access control

managementmanagement• Consistent security model across all tiers in the Consistent security model across all tiers in the

distributed environmentdistributed environment• Easier application development through more flexible Easier application development through more flexible

access control mechanismsaccess control mechanisms


Extending Enterprise Security Extending Enterprise Security with Two-factor Authenticationwith Two-factor Authentication

The Integration ofNetCrusader & PC-DCE and

Security Dynamics SecurID Token Cards


NetCrusader and SecurID Token Cards NetCrusader and SecurID Token Cards


Web browser


+ SecurID + SecurID



ProtocolFilter

DCE/HTTP

MapperAuthZFilter

Signer NetCrusaderNetCrusaderSecuritySecurityAdapterAdapterUsername/Password

or Public-Key CertificateNetCrusader

CredentialsAccessPermissions

NetCrusaderNetCrusaderCommander Commander

SDI Client

SDI ACESDI ACEServerServer


Integrated Product BenefitsIntegrated Product Benefits

• Two-factor authentication adds extra level Two-factor authentication adds extra level of securityof security

• Eliminates use and risk of passwordsEliminates use and risk of passwords

• Removes user password managementRemoves user password management


Portable Public-Key Portable Public-Key AuthenticationAuthentication

The Integration ofNetCrusader and

Litronic SmartCards and Readers


NetCrusader and LitronicNetCrusader and LitronicSmartCards and ReadersSmartCards and Readers


Web browser

& optional NetCrusaderNetCrusader

ClientClient




ProtocolFilter

SSL,Entrust/HTTP,

DCE/HTTP

MapperAuthZFilter




AccessPermissions

LitronicSmartCardand Reader



• Public Key authentication and mapping to a Public Key authentication and mapping to a NetCrusader Universal IdentityNetCrusader Universal Identity

• Single sign-on (SSO) to NetCrusader Single sign-on (SSO) to NetCrusader enabled applications including internally enabled applications including internally developed and 3rd party like SAP & developed and 3rd party like SAP & PeoplesoftPeoplesoft


PeopleSoft looks to industrial PeopleSoft looks to industrial strength securitystrength security

The Integration ofNetCrusader and PeopleSoft



• Public Key authentication and mapping to a Public Key authentication and mapping to a NetCrusader Universal IdentityNetCrusader Universal Identity

• Single sign-on (SSO) to PeopleSoft Single sign-on (SSO) to PeopleSoft applicationsapplications

• Secure Web access to Peoplesoft Secure Web access to Peoplesoft applications through standardized access applications through standardized access control managementcontrol management



• Consistent security model across all tiers in Consistent security model across all tiers in the distributed environmentthe distributed environment

• Complements existing relationship with Complements existing relationship with NetdynamicsNetdynamics

• Complements strategy for other RAD Complements strategy for other RAD partners--Bluestonepartners--Bluestone


Secure Web access to Secure Web access to SAP’s R/3SAP’s R/3

An Integration project by Gradient and Deloitte & Touche

for SAP


NetCrusader / Deloitte & Touche NetCrusader / Deloitte & Touche IntegrationIntegration

Access Control Library

NetDynamics Security Adapter

Web Server with WebCrusader Security Adapter

NetDynamicsApplicationServer

NetCrusaderCommander

Web BrowserWeb Browser

Access Control Access Control DatabaseDatabase

SAP SAP ApplicationsApplications

Data SourceData Source


Integrated Product BenefitsIntegrated Product Benefits• Solution (NetCrusader, NetDynamics, and Solution (NetCrusader, NetDynamics, and

D&T) leverages NetCrusader security D&T) leverages NetCrusader security services and NetDynamics development services and NetDynamics development tools to create Web-based front-ends to new tools to create Web-based front-ends to new or existing SAP functionalityor existing SAP functionality

• Secure access to SAP R/3 by extracting Secure access to SAP R/3 by extracting digital signature from public key certificate digital signature from public key certificate and mapping it to a NetCrusader Universal and mapping it to a NetCrusader Universal User IdentityUser Identity


Integrated Product BenefitsIntegrated Product Benefits• Takes advantage of NetDynamics SAP Takes advantage of NetDynamics SAP

Platform Adapter Components (PAC)Platform Adapter Components (PAC)

• Single Sign-On (SSO) extends to include Single Sign-On (SSO) extends to include SAP R/3 applicationsSAP R/3 applications

• Tools for simplified, decentralized Tools for simplified, decentralized management of the security infrastructuremanagement of the security infrastructure


Developing SecureDeveloping SecureObject-based ApplicationsObject-based Applications

The Integration ofPC-DCE and IONA Orbix


PC-DCE and OrbixSecurityPC-DCE and OrbixSecurity

Client Orb Server Orb

Orbix RT

PC-DCE RT PC-DCE RT

Orbix RT

PC-DCE Security Server

IIOP

OrbixSecurity OrbixSecurity


Integrated Product BenefitsIntegrated Product Benefits• Introduces security to object-based Introduces security to object-based

applicationsapplications• No application modification required No application modification required • Consistent security model across all tiers in Consistent security model across all tiers in

the distributed environment the distributed environment • Single standardized facility for access Single standardized facility for access

control management control management • Easier management of security infrastructureEasier management of security infrastructure


There are many others...There are many others...• Transarc DFSTransarc DFS

• Transarc EncinaTransarc Encina

• Checkpoint Firewall-1Checkpoint Firewall-1

• Oracle ANOOracle ANO

• Sybase Open Client, Open ServerSybase Open Client, Open Server

• VersatilityVersatility

• ManugisticsManugistics


Distributed Security ManagementDistributed Security Management

• Graphical management of users and groupsGraphical management of users and groups


NetCrusader and Sapphire/Web NetCrusader and Sapphire/Web deliver the best of security and RADdeliver the best of security and RAD

• CrossRoads 98 Award CrossRoads 98 Award Winner for Security Winner for Security InfrastructureInfrastructure

• CrossRoads 98 Award CrossRoads 98 Award Winner for RAD toolsWinner for RAD tools

NetCrusader


Gradient’s NetCrusaderGradient’s NetCrusadersucceeds in delivering a

comprehensive enterprise-wide security infrastructure thru both innovation and partnership with market and technology leaders

P R O D U C T F A M I L Y

®

NetCrusaderSecurity SolutionsSecurity Solutionsfor the Enterprisefor the Enterprise

Gradient Technologies, Inc.Gradient Technologies, Inc.2 Mount Royal Avenue2 Mount Royal AvenueMarlborough, MA 01752 USAMarlborough, MA 01752 USA+1 508 624 9600+1 508 624 9600

http://www.gradient.com/http://www.gradient.com/

® Brian Breton Gradient Technologies, Inc. NetCrusader P R O D U C T F A M I L Y Extending the...

Documents

Transcript of ® Brian Breton Gradient Technologies, Inc. NetCrusader P R O D U C T F A M I L Y Extending the...