RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Aladdin eToken Network Logon Is removed from sales

Product
Developers: Aladdin R.D.
Technology: Cybersecurity - Authentication,  Means of enciphering are cybersecurity

Content

eToken Network Logon – is intended for cardinal solution of the problem of "weak" passwords during the work on computers under management Microsoft Windows

  • Input on the computer and in Windows network using eToken.
  • User registration by the difficult password or the digital certificate.
  • Blocking of the computer at detachment of eToken.
  • Solution of the problem of "weak" passwords.
  • Integration into a public key infrastructure.
  • The certified version.

Appointment

In the simplest scenario of use eToken Network Logon:

  • generates for the user the new difficult password for an input in Windows (length of 14 characters, surely containing letters of an upper and lower case, digits, special characters);
  • will change the current user password of Windows for the new difficult password;
  • will save the new difficult password for an input in Windows in a secure memory of an USB key or smart card of eToken.

For an input in Windows it is enough to connect eToken and to enter a user password for the eToken key. The password Windows which is stored in a secure memory of the eToken key will be schitan from memory of a key and is transferred to Windows - it excludes a possibility of peeping or interception of the password Windows by the malefactor and does really possible use in the environment of Windows of passwords, difficult and resistant to search.

eToken Network Logon provides:

  • Two-factor authentication of users on the computer and in Windows network using USB keys or smart cards of eToken;
  • Use of registration names and passwords for local login or for an input in the domain;
  • Use of digital certificates of X.509, certificates of the user with a smart card and private keys for an input in the domain;
  • Generation and subsequent application of the accidental passwords unknown to the user.

2017: Removal from sales of products of the line of eToken

The notification on plans of the termination of sale, support and maintenance of USB tokens and smart cards of the eToken PRO family (Java), eToken and CIPF of Kriptotoken as a part of the products eToken GOST[1].

Products of the line of eToken are removed from sales since the beginning of 2017. The conditions of completion of sales and product lifecycle of a line of eToken PRO (Java) specified in the table provided below extend to all existing form factors (an USB token, a smart card and so forth). The list includes the products which both are not certified, and certified. The detailed list of models for all listed products is specified in the section "Articles and names" of the Notification.

Model

  • last sale date on January 31, 2017, end date of support on December 1, 2020.
  • eToken 4100 Smartcard, eToken 5100/5105, eToken 5200/5205

  • last sale date on August 31, 2017, end date of support on December 1, 2018.
  • The products containing a CIPF of Kriptotoken (eToken GOST)

Technical support of the products purchased earlier will be performed before end of the paid period of technical support.

Instead of electronic keys of eToken PRO (Java) and eToken the Aladdin R.D. company offers new domestic USB tokens, smart cards, the built-in modules of security (chips), OTR tokens of JaCarta PRO, JaCarta PKI, JaCarta WebPass developed and manufactured by it in the Russian Federation.

The substituted model

  • eToken, eToken PRO (Java), SafeNet eToken
    • JaCarta PRO - Compatible model
    • JaCarta PKI - Functional analog

  • there is no eToken PRO Anywhere -
  • eToken NG-FLASH (Java) - In 2018 it is going to provide a similar product in JaCarta line
  • eToken NG-OTP (Java) - The functional analog creating value OTR and transferring him on USB port

Possibilities of eToken Network Logon

Functionality

eToken Network Logon can be installed on computers and notebooks running OS Microsoft Windows, united in the working group or the domain Windows.

After the eToken Network Logon installation the standard invitation for an input in Microsoft Windows is replaced new which expands opportunities for user login:

  • it is possible to connect a smart card (eToken) with private key and the certificate of the user, to enter a user password for eToken and to log in;
  • it is possible to click CTRL+ALT+DELETE, to enter a user name, the password and (if necessary) a domain name, to click OK and to log in.

For each of these two methods of authentication improvements are provided in eToken Network Logon: Instead of to enter every time the user name and the difficult password, the user once saves them in memory of eToken, and afterwards only connects eToken and enters for it a user password.

To log in, having shown the certificate of the user with a smart card, it is necessary to connect eToken and to enter for it a user password. If eToken is already connected, it is not necessary to take out it and to connect repeatedly, it is only enough to click CTRL+L, and then to enter a user password for eToken.

Features

Solution of the problem of "weak" passwords. After installation of a product it is possible: to refuse completely use of passwords at an input on the computer and in network, having passed to use of digital certificates, or to use the difficult passwords stored in memory by eToken (set manually taking into account the requirements to their complexity existing in the organization or which are automatically generated).

Anyway the password stops being "weak" (the risk of its selection by the malefactor is excluded), at possible change of the password by the user the risk of a task by it the new password which is "weak" is excluded, the password is not entered from the keyboard (risks of peeping of the password or its interception are excluded by spyware), the user should not remember the password (cases of its zabyvaniye and recording on paper are excluded).

Gain of security when using passwords. Even if for an input on the computer and in Windows network passwords are used, then using eToken Network Logon it is possible to enhance security of the existing system considerably. Names and passwords of users can be saved in memory of eToken (that will exclude risk of their peeping by the malefactor). It is in addition possible to use the password generator which is built in eToken Network Logon for generation of difficult passwords (it will exclude risk of their selection by the malefactor). The generated password is stored by eToken and remains in it. Quantity of the sets "user name-the password" which are stored in memory of eToken, beyond all bounds.

Simple transition to authentication using digital certificates. At deployment of infrastructure of PKI there is an opportunity to use digital certificates for an input in Windows network and on the local computer. If in memory of eToken there is a certificate of the user with a smart card and the corresponding private key, they can be used for an input in the domain Windows instead of a user name and the password. Thus the smoothness of transition from password authentication to strict authentication using digital certificates is provided.

Automatic blocking of the workstation. At detachment of eToken from USB port there is an automatic blocking of the computer. For unblocking of the computer it is necessary to connect eToken and to enter a user password for eToken. Setup of a product according to requirements of security policy of the organization. The administrator can prohibit or permit the user password entry manually.

Setup of methods of authentication. The administrator can manage authentication methods:

  • what methods are resolved on this computer — use of profiles, application of certificates;
  • what method of authentication is used by default and whether the user can select independently a method in the presence from memory of eToken both profiles, and the certificate.

Advantages

Failure from input of passwords manually. Whatever method of registration was applied — use of the certificates or passwords stored in memory of eToken — at login the user never enters the password. It excludes risks of peeping of the password or its interception on the keyboard input.

Possibility of application of long and difficult passwords. As the user should not enter the password manually, the password can be longer and more difficult, than the user can remember.

Use of the generated accidental passwords unknown to the user. eToken Network Logon allows to generate passwords of the set length, to save them in memory of eToken and to substitute in storage of credentials in such a way that the user does not even know the password, and therefore cannot write and by that to compromise him.

Hardware authentication of users. For login the user should have eToken. It is more reliable, than input of passwords from the keyboard.

Two-factor authentication. eToken Network Logon allows not just to save details of the user in memory of eToken, but also to protect their user password eToken. When using this opportunity loss or theft of eToken will not lead to a password compromise.

Integration into a public key infrastructure. eToken Network Logon supports not only the systems in which passwords, but also safer and modern method of registration using smart cards are applied to authentication of users.

Simplicity and convenience to users. The authentication methods applied in eToken Network Logon it is more convenient for users, than standard methods.

Requirements to complexity of user passwords of eToken are not so high as requirements to complexity of passwords of Windows. Therefore at two-factor authentication it is simpler to enter a simple user password of eToken, than without like that to enter the difficult and long password.

The improved interface at registration using smart cards. If eToken of the user is connected to the computer, it is optional to disconnect it and to connect again. eToken Network Logon allows to click in that case CTRL+L, to enter a user password of eToken and to log in, without touching eToken.

Exclusive

eToken Network Logon is a universal product which can be used on the isolated computer, in the small working group, in simple or difficult domain infrastructure. In each eToken Network Logon environment provides the best in terms of security and convenience an authentication method.

eToken Network Logon can be integrated with eToken TMS (Token Management System), a management system for lifecycle of USB keys and smart cards. It will allow to manage certificates and profiles on a centralized basis.

The certified version

The certified version of eToken Network Logon can be used in ISPDN up to 1 class inclusive and for creation of automated systems to a class of security 1G inclusive.