JaCarta SecurLogon

JaCarta SecurLogon is a system for the organization of secure access to the computer and in domain network, without the need for the Active Directory setup and/or implementation of Microsoft CA.

JaCarta SecurLogon is focused on preparation of the company for soft junction on PKI infrastructure using certificates. Use of software will help with solution of the problem of "weak" passwords of users, regularity of their change on computers of employees and will raise the security level by means of implementation of mechanisms of two-factor authentication.

JaCarta SecurLogon helps to raise the security level at an input on the local computer and in corporate network running Windows OS due to transition from authorization by the login and the password to the procedure of two-factor authentication on the basis of a token. Functioning of JaCarta SecurLogon does not require purchases of the server hardware for deployment of the Active Directory and own Certification center for release of certificates of users. Instead of certificates of JaCarta SecurLogon generates difficult passwords (to 63 characters) which register in a token. The solution helps to automate accomplishment by users of requirements and regulations of cybersecurity in the company.

Features of JaCarta SecurLogon

• The organization of two-factor authentication without Active Directory and/or Microsoft CA
  • JaCarta SecurLogon is the ideal solution to go to more reliable methods of authentication without the need for the Active Directory setup and deployment of PKI infrastructure.

• Impossibility of password guessing
  • JaCarta SecurLogon allows to generate on a token accidental passwords, long, difficult and steady against cracking and search, for access to the computer or network. At the same time such passwords are unknown and are not visible to users. On selection of the difficult password at 30-63 of characters (the password contains letters of upper and lower registers, digits, special characters) at the malefactor years will leave. And in case of installation in security policies of function of automatic change of the password on a token, for example, once a day - the problem of password guessing becomes impracticable at all. The generated password registers in an USB token or the user's smart card while he needs only to remember the idle time and a short ^[1].

• This difficult password is not known to the user
  • JaCarta SecurLogon allows to generate passwords of the set length, to save them in memory of a smart card or USB token and to substitute in storage of credentials in such a way that the user does not know the password, and therefore cannot write it and compromise.

• End user performance
  • the User does not need to remember difficult passwords. Besides, he has an opportunity to apply an input on a fingerprint instead of password entry.

Basic functions and possibilities of JaCarta SecurLogon

• Two-factor authentication of users on local (not connected to network) the computer and in the domain Windows using tokens and smart cards of JaCarta and eToken

For an input in OS Microsoft Windows and corporate network the user needs to have surely a token or a smart card of JaCarta or eToken. It is more reliable, than an input by the login and the password.

• Possibility of blocking of the computer at time absence

At time absence of the employee in JaCarta SecurLogon workplace also allows to minimize risk of unauthorized access to the computer or its uses by the unfair third parties. As soon as the user disconnects an USB token or a smart card from the computer, the computer will be automatically blocked.

• Possibility of use of unique biometric characteristics (fingerprint) for an input in OS Microsoft Windows, the domain or for access to network information resources.

• The simplified installation and support

Though JaCarta SecurLogon also represents a separate product, in reality it is expansion of functionality of the free Uniform Client of JaCarta. JaCarta SecurLogon becomes available after the license for this software solution is purchased and set.

• Possibility of use of digital certificates

At deployment of infrastructure of PKI the possibility of use of digital certificates for an input in the domain and on the local computer appears. If in memory of a token there is a certificate of the user and the corresponding private key, they can be used for an input in the domain Windows instead of a user name and the password. Thus, soft junction from password authentication to strict authentication using digital certificates is provided.

JaCarta SecurLogon supports the JaCarta and eToken models:

• JaCarta PKI;
• JaCarta PKI/Flash;
• JaCarta of GOST;
• JaCarta GOST/Flash;
• JaCarta PKI/GOST;
• JaCarta PKI/GOST/Flash;
• JaCarta PKI/BIO;
• JaCarta LT;
• eToken PRO (Java);
• eToken NG-Flash;
• eToken NG-OTP.

2020: Compatibility with Red OS

Within technology partnership of the company "RED SOFTWARE" and "Aladdin R.D." held testing for compatibility of the products. Developers confirmed correctness of a software package JaCarta Management System (JMS), the PC JaCarta of version 1.5 and the SecurLogon PC serving for protection confidential information, turning on personal data in commercial structures, bodies government and at industrial the enterprises, with the operating system RED OS (production of RED SOFT). Results of tests are reflected in the bilateral certificate of compatibility. On June 17, 2020 Red Soft reported about it. In more detail here.

2017: Inspection control in FSTEC of Russia

On December 18, 2017 the Aladdin R.D. company announced that the hardware and software system (HSS) JaCarta SecurLogon underwent inspection control in FSTEC of Russia.

The main changes in a HSS of JaCarta SecurLogon became inclusion in its structure of the certified digital signature facilities JaCarta of-2 GOST, JaCarta PRO devices which can be used in infrastructure for eToken PRO (Java) and also an opportunity for work with operating Microsoft Windows system 10.

FSTEC of Russia (2017)

The FSTEC certificate of Russia No. 3575 certifies that the HSS of JaCarta SecurLogon is the program technical tool of protection against unauthorized access to information which is not containing the data which are the state secret, implementing authentication functions and conforms to requirements for the 4th level of absence control of not declared opportunities and requirements of Specifications. It allows to use JaCarta SecurLogon HSS in personal data information systems to 1 level of security inclusive, the state information systems up to 1 class of security inclusive, and during creation of automated information systems to a class of security 1G inclusive.

2016

JaCarta SecurLogon is included in the Unified register of domestic software

The Aladdin R.D. company, the Russian developer and solution provider for information security support, announced in November registration of the product JaCarta SecurLogon in the Unified register of the Russian programs for electronic computers and databases at number 2129 (Ministry of Telecom and Mass Communications of the Russian Federation). In the presence of the domestic solution, the structures financed from the state and municipal budgets cannot purchase import software in the presence of domestic analogs.

The FSTEC certificate of Russia on JaCarta SecurLogon

The FSTEC certificate of Russia No. 3575 certifies that the hardware and software system JaCarta SecurLogon developed and made by Aladdin R.D. Ltd is the program technical tool of protection against unauthorized access to information which is not containing the data which are the state secret, implementing authentication functions protection against unauthorized access to information conforms to requirements of the regulating document ". Part 1. Information security software. Classification by the level of absence control of not declared opportunities" (State Technical Commission of Russia, 1999) – on the 4th level of control of specifications at accomplishment of the application conditions given in the passport.

The certificate issued on the basis of results of the certification tests which are carried out by testing laboratory Eshelon Scientific and Production Association Ltd is valid till June 3, 2019.