Title: Entrust Secure Web Portal
1Secure Web Portal ltinsert AE/SE name heregt
2Agenda
- The Opportunity at Hand
- Entrust Secure Web Portal
- Entrust GetAccess
- Entrust TruePass
- Packages and Pricing
3The Opportunity at Hand Increasing the Value of
your Web Portal
4What is a Portal?
- A single doorway for employees,
customers/citizens and partners into an
organizations online services content
End User
Content
Portal
Services
Tx Requests
5A Portal is Comprised of . . .
Firewall
Firewall
Web Servers
Application Servers
Portal Management
Content Management
End User
DMZ
Intranet
Internet
6The Promise of Portals
Have you realized the full potential and the
associated ROI from your portal? If Not, Why?
7The Market Reality
Achieving higher portal ROI results from adding
more higher value services and transactions.
- Your customers, partners employees are
demanding it - Your competitors are doing it
8What is the Payoff?
Create stronger relationships Improve customer
acquisition retention Accelerate
processes Tighten integration with business
partners Improve employee effectiveness Gain
competitive advantage Improve brand
perception Offer new differentiated services
9How do you Add Value? . . . by Adding
Capabilities
Personalization Knowing who is accessing the
portal and providing them a customized experience
Application Integration Integrating disparate
back-end systems, services content
Personalization
Data
Binding Transactions Replacing paper-based
transactions with digital signatures that bind
all parties
Privacy Protecting transactions and user
information throughout their entire lifecycle
10Personalization
11Application Integration
Data
Content
Personalization
Portal
Services
End User
Tx Requests
Retail Banking
Mortgage/ Loans
Integrating more high value content and services
into the portal provides users with a better
experience
Travel Insurance
Brokerage
12Privacy
- High Value Transactions Need for Privacy
13Binding Transactions
- Most high-value transactions require a binding
record
14Entrust Secure Web Portal Enhanced Security
Enables Higher Value Return
15Building a High-value Portal
High Value Portal
Enhanced Internet Security
Web Portal
Enhanced security enables you to add personalized
access to more and higher value applications,
services and transactions
16Enhanced Internet Security
17Value of Enhanced Security
- Only enhanced security can provide users with the
same level of privacy and trust that they were
accustomed to in the paper world
18The Entrust Solution
Content
Personalization
Services
Secure Web Portal Solution
End User
Data
Tx Requests
Identification and Entitlements
Enhanced Identification, Privacy and Verification
Security Management
19Entrust Secure Web Portal
Portal ROI
20Entrust Secure Web Portal
Only Entrust Secure Web Portal provides the
comprehensive enhanced security needed to enable
a high-value web portal
- Builds the foundation for stronger relationships
with customers, partners, citizens and employees
through personalization - Extends portal ROI by adding access to more and
higher value/sensitivity applications, content
and services through enhanced security
21The Entrust Advantage
22Uniquely Positioned to Deliver Value
Entrust Secure Web Portal Advantages
- Comprehensive Enhanced Security
- Automated Security Management
- Flexible Deployment
- Proven Security
23Entrust Secure Web Portal
- Enable more higher value / sensitivity
applications online - Comprehensive enhanced security with multiple
entry points - Lower TCO through automated administration
- Automated management of digital IDs and security
policies lessens administrative burden - User self-enrollment and password resets
significantly cuts down calls to the help desk - Improve online experience with enhanced security
- Single-sign-on across multiple applications and
domains to strengthen relationships from any
computer anywhere - User experience is personalized yet security is
transparent
24Entrust Secure Web Portal
- Increase flexibility to grow as your portal and
security needs change - Investment is future-proofed - can start with a
single capability and easily integrate other
capabilities - Add security while maintaining performance
- Proven deployments servicing millions of users
- Accelerate time to market
- Multiple deployment choices, automated security
management, user self-enrollment and integration
with leading web portal technologies - Increase confidence
- Comprehensive secure architecture from an
industry leader
25In Summary
Accelerate Processes
Offer New Services
CreateCompetitive Advantage
Strengthen Relationships
High Value Portal
Improve Employee Effectiveness
Drive Down Costs
?Portal Value ?Portal ROI
26Entrust Secure Web Portal Comprehensive Enhanced
Security Services
27High Value Portals Identification
Entrust Secure Web Portal Identification
Capabilities
- Identification
- Key enabler for delivering personalized content
- Strengthens the one-to-one relationship and
provides incentive to the user to return to the
portal - Single Sign-On (SSO)
- Manage one user identity for all portal resources
- Deliver convenience to end user
- Lowers administration costs
- Flexible Authentication
- Leverage methods of varying strengths required to
meet the needs of a diverse user community
28Identification Features
Entrust Secure Web Portal Identification
Capabilities
- Single entry and access point for a user across
multiple applications and resources - Supports the broadest range of authentication
methods available today - LDAP (Passwords in external directories), Smart
Cards, Tokens, Certificates, Entrust TruePass
with multiple authentication methods - Open framework enables customers and partners to
plug-in support for new and emerging
authentication technologies, such as biometrics - Identification can be mapped to back-end
applications
29Identification
Entrust Secure Web Portal Identification
Capabilities
Web Servers Across multiple domains
App serversContent managementPortal management
End User
?
?
?
30High Value Portals Enhanced Identification
Entrust Secure Web Portal Enhanced
Identification Capabilities
- You cannot move higher value/sensitivity
applications online, unless you can identify
users with certainty - Enhanced identification is critical
- User name and password is not enough for valuable
or sensitive transactions - Multiple-method authentication from any computer
anywhere - Based on digital IDs available via roaming,
roaming with SMS messaging or voice (optional),
local storage, smart cards or tokens - Allows you to deliver more cost effective
authentication balancing strength of
identification with cost and deployment complexity
31Enhanced Identification Cost/Security Tradeoffs
Entrust Secure Web Portal Enhanced
Identification Capabilities
Highest
Value of Transaction
Confidence in Authentication
- Additional Factors
- Challenge Response
- Mobile Device3rd party tokens
Lowest
Cost of Deployment
Highest
Lowest
32Enhanced Identification
Entrust Secure Web Portal Enhanced
Identification Capabilities
Optional Strong Roaming access to digital ID
- Digital ID-based authentication
- Stronger than user name password
- Enables SSO to web resources
- Flexible authentication approaches
- Protection from malicious attacks
33High Value Portals Entitlements
Entrust Secure Web Portal Entitlements
Capabilities
- Entitlements
- Key enabler for delivering personalized content
- To deliver services of any value, sensitivity or
relationship impact you must ensure users access
only authorized resources - Provide appropriate level of access for each
individual, based on their relationship with the
organization - Lowers the cost, reduces development time and
removes the pain of securing applications
individually - Manages risk as more services and applications
are moved to the Web
34Entitlements Features
Entrust Secure Web Portal Entitlements
Capabilities
- Roles Based Access Control (RBAC)
- Proven model for simplifying and managing large
numbers of users and privileges - An organization defines roles based on the
varying levels of access that it needs - Roles are then mapped to appropriate users and
resources to deliver the appropriate entitlements
and access control - Rules
- The roles-based model is further refined by
allowing the customer to define rules based on
Boolean logic (e.g. A user can only access a
resource if he is a Supplier and Manager )
35Roles Based Access
Entrust Secure Web Portal Entitlements
Capabilities
36High Value Portals Privacy
Entrust Secure Web Portal Privacy Capabilities
- You cant integrate more and higher
value/sensitivity impact applications, if
information is at risk of being exposed - Privacy is critical
- Confidentiality and privacy protection through
encryption of data from browser to back-end - Benefits
- Protection against theft of user data from web
servers - SSL only protects from the browser to the Web
Server
37Enhanced Privacy
Entrust Secure Web Portal Privacy Capabilities
- Confidentiality and privacy protection through
encryption of data from browser to back-end - Protection against theft of customer data from
web servers - Global Impact
- Gramm-Leach-Bliley Act
- HIPPA (Healthcare)
- EU directive on data security privacy
38 High Value Portals Verification
Entrust Secure Web Portal Verification
Capabilities
- You cant integrate more and higher
value/sensitivity applications, if transactions
are not binding - Verification is critical
- Accountability through electronic proof of
transactions (verifiable) via digital signatures - Benefits
- Paperwork reduction since even complex
transactions can be signed online - Accelerate processes
- Reduce costs
39Enhanced Verification
Entrust Secure Web Portal Verification
Capabilities
- Accountability through electronic proof of
transactions (verifiable through digital
signatures) - Time stamped receipts of signature
- Entire context of document can be signed
40Customer Success
Entrust GetAccess Customer Success
Telia Happy customer for 3 years with 600,000
users
Washington Mutual 1.5 million users rolled out
in 6 weeks
Perot Systems Using GetAccess, Mobile Server
TruePass internally now a Perot bundle for
customers
Telefonica Using GetAccess Mobile Server to
secure B2C portal
41Customer Success
Entrust TruePass Customer Success
Illinois EPA Using Digital Signatures with
Accelio eForms for Verification
RBC Improving Customer Service by Delivering
Automated Transaction Processing Applications
Online
42Customer Success
Entrust Secure Web Portal Customer Success
43Summary
Entrust Secure Web Portal Summary
- Only Entrust Secure Web Portal provides the
enhanced security needed to enable a high value
web portal - Delivers enhanced security
- Identification, entitlements, verification,
privacy and security management - Powers personalization
- Enables moving more and higher value/sensitivity
applications online - Entrust Secure Web Portal advantages
- Comprehensive Enhanced Security
- Automated Security Management
- Flexible Deployment
- Proven Security
44Putting it All Together
Entrust Secure Web Portal Architecture
Firewall
Firewall
Web Servers
Application ServerPortal ManagementContent
Management
End User
Optional External Authorization Service
User ID / PW
Roaming Optional EAS
Portal Application Plug-ins
GetAccessRunTimes
Local Storage
TruePassRunTimes
Smart Cards Tokens
Digital ID
(DMZ)
(Intranet)
(Internet)
45Entrust GetAccess 4.6
46GetAccess Delivers Performance
Entrust GetAccess Advantages Performance
Performance
- Availability Automatic fail-over, system
monitoring, auto restart to ensure highest
availability - Throughput Proven performance for million of
users exceeds market reqts - Deployment Speed Automatic (self-serve)
registration and automatic entitlements
provisioning (via LDAP) lower deployment time and
cost - Corporate More cash than NETE RSAS
BALT140 active customers
47Availability
Entrust GetAccess Advantages Performance
48Availability
Entrust GetAccess Advantages Performance
Server Components
Web Serverwith Runtime
?
Multiple Active Servers
GetAccess connected to back-end
- Automatic No intervention needed
- Transparent No user/session data lost
- Immediate No downtime
- Standards Based Robust
- Dynamic No configuration needed on Web server
49Throughput
Entrust GetAccess Advantages Performance
50Architecture Based on Real World
Entrust GetAccess Advantages Performance
- Entrust GetAccess performance reflects its more
secure architecture - GetAccess performs identification and
entitlements assertion at login - At login, entitled resources are assigned to
eliminate the need for caching. - Slower than identification only login but
eliminates the need to test entitlements again on
subsequent accesses - SMS ensures that user updates are instantly
provided - Competitive architectures assess entitlements at
each access attempt - Slows every subsequent step after login
- Requires the use of the insecure caching
architecture
51GetAccess Delivers Performance
Entrust GetAccess Advantages Performance
Web Server with
End User
Server
52Competitor Performance
Entrust GetAccess Advantages Performance
Web Server with
End User
Server
?
53Improvement Release after Release
Entrust GetAccess Advantages Performance
- While continuing to ensure security, Entrust has
demonstrated increased performance in login rates
and authorizations release after release
400 Improvement
GetAccess 3.2
4.0
4.5
4.6
54Throughput
Entrust GetAccess Advantages Performance
- GetAccess can sustain 20 logins per second or 40
burst (med config)
55Registration Provisioning
Entrust GetAccess Advantages Performance
56Auto-Registration Provisioning
Entrust GetAccess Advantages Performance
Server Components
Web Serverwith Runtime
End User
57Auto-Registration Provisioning
Entrust GetAccess Advantages Performance
Server Components
Web Serverwith Runtime
End User
58GetAccess Delivers Flexibility
Entrust GetAccess Advantages Flexibility
Flexibility
- Interoperability Working with variety of web
infrastructure platforms plus proxy solution (for
server independence) allows us to sell into
almost any environment - Administration Delegation of specific functions
and/or specific user groups allows you to
leverage current business processes - Web and Non-Web App Support Support for non-web
app identification and entitlements allows you to
extend your portal efforts deeper for more
services - Wireless PDA, phone support allows you to reach
broader audiences
59Platform Support
Entrust GetAccess Advantages Flexibility
How?
- GetAccess supports all industry leading
infrastructure components including - Web Servers Operating Systems
- Databases Directories
- Authentication technologies
- GetAccess Proxy server addresses situations where
you need support for a Web platform we dont
currently offer
60Platform Support
Entrust GetAccess Advantages Flexibility
GetAccess 4.6
61Administration
Entrust GetAccess Advantages Flexibility
How?
- Absolutely no desktop software purely
browser-based - Allows granular delegated access based on Who
AND What - Allows definition of administrators such as
- Joe can only reset passwords, but for all users
- Charlie can only assign the HR role for users in
NY
62Administration
Entrust GetAccess Advantages Flexibility
Super User
New York
Santa Clara
Ottawa
63Multi-Domain Support
Entrust GetAccess Advantages Flexibility
How?
- GetAccess provides single-sign-on across multiple
Internet Domains - Only GetAccess provides Entitlements across
multiple Internet Domains - Only GetAccess provides Centralized Session
Management across multiple Internet Domains
64Multi-Domain Support
Entrust GetAccess Advantages Flexibility
65Interoperability
Entrust GetAccess Advantages Flexibility
How?
- Due to its adherence to open standards and
flexible architecture, GetAccess has demonstrated
interoperability with the broadest range of
third-party tools available in the market today - WebLogic Websphere Domino
- Documentum Broadvision Oracle
- ATG Dynamo Peoplesoft Epicentric
- Plumtree iPlanet App Svr Others
66Interoperability
Entrust GetAccess Advantages Flexibility
- Real World Examples
- IBM WebSphere - Hydro Quebec, McLane Co., One
Galaxy/Spanish Bay - BEA WebLogic Sprint, Vodafone, Yazaki
- Epicentric Large multi-national financial
institution - Plumtree Corporation Zimmer
- BroadVision - Agilent Technologies, KPN, Ricoh,
Telia - Vignette Egg, AutoDesk
- Peoplesoft - Partners Healthcare
- NetDynamics - 3Com, BYU
67Non-Web Integration
Entrust GetAccess Advantages Flexibility
How?
- With its CAAS API, GetAccess allows customers to
expand their Identification and Entitlements
umbrella to protect non-Web and legacy
applications - IVR Client/Server Mainframe
- Emerging technologies (Streaming Audio/Video,
etc.)
68Wireless Support
Entrust GetAccess Advantages Flexibility
How?
- The GetAccess Mobile Server allows users to
access online resources using non-traditional
devices such as PDAs and mobile phones
69Wireless Support
Entrust GetAccess Advantages Flexibility
Server Components
Web Server with
End User
Standard GetAccessarchitecture
Snap-in Mobile Server
Mobile Server
70Customization
Entrust GetAccess Advantages Flexibility
How?
- GetAccess has a robust set of toolkits to allow
you to integrate your applications as tightly as
they need - Only GetAccess provides events (hooks) that
allows you to modify the behavior of the system
at critical junctures (logins, logouts,
revocation, user creation, etc.) - Support provided in Java and C
71Easy Migration to Entrust TruePass
Entrust GetAccess Advantages Flexibility
How?
- Remove the barriers to adding higher value or
sensitive applications and transactions that
require enhanced security
72GetAccess Delivers without Sacrificing Security
Entrust GetAccess Advantages Security
Security
- Entrust GetAccesss security capabilities have
been designed from the ground up with the product
not added as patches or after thoughts. This
means that Entrust has not had to sacrifice
performance or flexibility to deliver security. - Non-Caching Architecture GetAccess does not
cache user information in the DMZ where it is
vulnerable to attack for use in hacks such as
identity theft - Centralized Session Management GetAccess
ensures the integrity of each user session to
protect against unauthorized access - Growth to Entrust TruePass Application security
can be seamless increased through the addition of
Entrust TruePass
73No Caching
Entrust GetAccess Advantages Security
- What is caching?
- Components remember things for which they have
made earlier requests to databases, directories,
or back-end systems - The next time a request for that same piece of
information is needed, the software has the
information available and does not need to make a
database dip, LDAP query, etc. - While caching can certainly deliver performance
boosts, it can also lead to serious security
flaws in a systems architecture - This is largely dependent on the nature of the
data being cached and the location of the cache
74Caching Architectures
Entrust GetAccess Advantages Security
- Other vendors use a caching implementation that
is severely flawed - For example, one vendor caches the users
password and privileges - Caching any user privilege information, passwords
in particular, is a significant security risk - It can allow unauthorized or even deleted users
to log in and access resources - Information is cached at their web agent
- This means that the most sensitive data about the
user (password and privilege information) is
available in the DMZ, typically considered the
single most vulnerable part of the corporate
network
75No Caching
Entrust GetAccess Advantages Security
- GetAccess does not cache any user information
whatsoever - In spite of not using a cache, GetAccess can
deliver the performance needed to support portal
deployments of multi-million users - Real-world feedback When other vendors flush
the cache, the system slows to a crawl, to the
point of being unusable
76Other Products With Caching
Entrust GetAccess Advantages Security
Policy Server
Web Agent
Repository
End User
User IDPrivileges
User authentication
77GetAccess Delivers Security No Caching
Entrust GetAccess Advantages Security
Server Components
Web Server with
Repository
User ID PasswordsPrivileges
Privilegesissued as encrypted cookies
End User
User authentication to GetAccess
78Centralized Session Management
Entrust GetAccess Advantages Security
- What is Centralized Session Management?
- Maintaining a centralized session table that
shows all users that have logged in and are
actively using the system at the current time - Provides a single enforcement point for all
session management (timeouts, revocation checks,
etc.) decisions - Enables support for session specific keys
79Centralized Session Management
Entrust GetAccess Advantages Security
- Other vendors provide no Centralized Session
Management - They have no way of knowing who is using the
system at any point in time - No centralized choke point for enforcement of
security policy - Lack of this key architectural component forces
them to use the same key to encrypt credentials
(cookies) for each user - If any users cookies are compromised, the hacker
can then forge credentials for any other user
80Other Products Without Session Management
Entrust GetAccess Advantages Security
Policy Server
Web Agent
End User
81Centralized Session Management
Entrust GetAccess Advantages Security
- GetAccess provides this critical security
capability - The GetAccess Session Management Service (SMS) is
the centralized location for all GetAccess
session control activity - Delivers idle and session timeout and real-time
revocation capability - Since the SMS can serve as a clearing-house for
session-specific keys, GetAccess can encrypt each
users credentials with a randomly generated key
that is unique to each session
82Centralized Session Management
Entrust GetAccess Advantages Security
Web Server with
Web Server with
End User
83True Multi-Domain Support
Entrust GetAccess Advantages Security
- Multi-Domain Support
- Most Global 2000 companies have multiple Internet
domains (e.g. Entrust.com and Entrust.net) for
which they need to provide secure access - At the very least, companies need to deliver SSO
across these domains - In order to provide true business value,
companies need to be able to provide the full
range of security services (SSO, Entitlements,
Centralized Session Management, Delegated
Administration, etc.) for multiple Internet
domains
84True Multi-Domain Support
Entrust GetAccess Advantages Security
- Other vendors provide only rudimentary
multi-Domain support - Users can be identified to the secondary domains
- They cannot be entitled
- Their sessions cannot be managed
- They cannot be revoked
- This does not deliver much value
85Other Products Multi-Domain without Session
Management
Entrust GetAccess Advantages Security
Policy Store
Web Agent
End User
Domain1.com
86True Multi-Domain Support
Entrust GetAccess Advantages Security
- GetAccess delivers true multi-Domain support
- Resources in secondary domains are protected and
managed just as securely and effectively as those
in the primary domain - All the benefits of Centralized Session
Management are leveraged across all Internet
domains - Only GetAccess provides single sign off across
all domains
87True Multi-Domain Support
Entrust GetAccess Advantages Security
Web Server with
Server Components
End User
Domain1.com
88Entrust GetAccess 4.6 Feature Additions
Entrust GetAccess Advantages New Features
- Performance
- Performance Improvements- Configurable Login
Monitoring- LDAP performance parity - Ease of Administration
- Enhanced monitoring tools - Resource access
logging
- Flexibility
- Expanded platform (W2K)
- Expanded directory support (eDirectory)
- Firewall Friendly No UDP between front and
back-end components - Proxy Server for web server independence
89Entrust GetAccess The Road Ahead
Entrust GetAccess Advantages Roadmap
Under NDA Only
90Entrust TruePass 6.0
91Whats New In Entrust TruePass 6.0
Entrust TruePass Advantages Whats New
- Multiple authentication methods
- Entrust Roaming Profiles
- Entrust Desktop Profiles
- Digital IDs stored on the desktop in the Windows
digital ID store - Digital IDs stored on smart cards
- Multi-domain SSO
- Server-side password policy enforcement
- Client side key generation
- Easier deployment with J2EE support
- Interoperability with non-Entrust CA
- Expanded platform support
- Sun Solaris 8, Microsoft Windows 2000 Advanced
Server , BEA WebLogic Server 6.1 SP2, IBM
WebSphere Advanced and Single Server Advanced
Editions 4.0.1, Macromedia JRun 3.1 Professional,
Active Directory - Improved documentation
- Reverse proxy support
- Latin 1 characters are now supported in usernames
and passwords
92TruePass Roadmap
6.0 (April 02)
Code Name Shogun Release
- Client side key generation
- Client-side key storage
- Smart card support
- Multi-domain single signon
- FIPS 140-1 validation
- Hierarchical CA support
- Solaris 8 (2.8), W2K Advanced Server
- BEA WebLogic 6.1, IBM WebSphere 4.0, JRun Pro 3.1
- Enhanced documentation
- Web Proxy Support
- File sign and upload
- Enhanced client-side application integration
- Separate signing/identification keys
- Easier server-side integration
- Enhanced integration with Entrust GetAccess
- 3 Key pair model for separate signing and
authentication keys
Under NDA Only
Date release features subject to change
93Entrust TruePass Advantages
Entrust TruePass Advantages Comprehensive
Enhanced Security
Comprehensive Enhanced Security
- Enhanced Identification
- Identify users with certainty using strong forms
of authentication - Flexible strong authentication
- Privacy
- Protect information while in transit and in
storage through end-to-end encryption - Verification
- Provide a permanent record of the transaction
through digital signatures
94Multi-Factor Identification Choice
Entrust TruePass Advantages Comprehensive
Enhanced Security
Firewall
Firewall
Application ServerPortal ManagementContent
Management
End User
Web Servers
Roaming Server
Roaming
Roaming External Authorization
Local Storage
Smart Cards Tokens
95Multiple Methods of Strong Identification
Entrust TruePass Advantages Comprehensive
Enhanced Security
Roaming Server
- Supports multiple methods of strong
identification - Roaming
- Roaming with SMS messaging or Voice
- Local PC storage
- Smart cards and tokens
- Benefits
- Flexibility to balance strength of identification
with cost and deployment complexity - Deliver strong identification from any computer
from anywhere
End User
Roaming
Roaming External Authorization
Local Storage
Smart Cards Tokens
96Users Demand Mobility
Entrust TruePass Advantages Comprehensive
Enhanced Security
- Mobile single sign-on using digital certificates
- Any computer, anywhere!
- broad platform support
- Extensible authentication features ensure
security - Secure storage and download of digital ID
97 2nd Factor Authentication
Entrust TruePass Advantages Comprehensive
Enhanced Security
- 2-factor with phones/pagers
- SMS messages
- Voice messages
- One-time password issued out-of-band
98Flexible Authentication
Entrust TruePass Advantages Comprehensive
Enhanced Security
- Prompt for additional dynamically-verified
information (1 or more fields)
99Enhanced Identification
Entrust TruePass Advantages Comprehensive
Enhanced Security
- Multiple methods of strong authentication
- Password policies enforced at registration time
- Password policies can be customized
- Password never stored at the server
- Password never passed over the network
- Protected from brute force attacks through the
Roaming Server - Option for client-side key generation
100Verifiable Transactions
Entrust TruePass Advantages Comprehensive
Enhanced Security
- Signature covers data and formatting
- Entrust TruePass ensures confirmation is not
altered before signature - Signature can be kept for dispute resolution
- Digital receipt can be provided through built in
signature verification service or via partners
101End-to-End Encryption
Entrust TruePass Advantages Comprehensive
Enhanced Security
- Persistent encryption of forms
- Protect data past the web server
- Only the target server can decrypt!
102End-to-End Encryption
Entrust TruePass Advantages Comprehensive
Enhanced Security
103Entrust TruePass Advantages
Entrust TruePass Advantages Automated Security
Management
Automated Security Management
- Automated security management of users, policies
and digital IDs - Reduces administration costs
- Minimizes help desk calls
- Transparent user security
- Ease of use
104Security Management
Entrust TruePass Advantages Automated Security
Management
- Enhanced Security Management
- Entrust TruePass certificates renew automatically
without user or administrative involvement - Users simply continue to operate in the same way
they always have (no confusing dialogs!) - User Self-enrollment
- Provides scalability, ease of use, and low-cost
ongoing management
105Transparent User Security
Entrust TruePass Advantages Automated Security
Management
- No user software installation
- No dialog boxes for roaming
- Security is transparent
- Integrated into sites existing look and feel
- User self-enrollment
- User password resets
106Ease of Use
Entrust TruePass Advantages Automated Security
Management
Trust Dialogs can be confusing- hard to use -
costly to organizations
No trust dialogs with Entrust TruePass
No trust dialogs with Entrust TruePass for
roaming users
107Ease of Use Summary
Entrust TruePass Advantages Automated Security
Management
108Entrust TruePass Advantages
Entrust TruePass Advantages Flexible Deployment
Flexible Deployment
- Extensible offering
- Future proof your investment by starting with a
single capability and grow as needed - Low cost entry point
- Single entry point needed
- Scale to the largest deployments
- Availability and scalability to match the needs
of the largest deployments - Fast to deploy
- Accelerate time to market with rapid deployment
features
109Availability
Entrust TruePass Advantages Flexible Deployment
- High availability configuration for mission
critical applications - Multiple options for achieving high availability
- Multi-tier architectures
- Horizontal Scaling
- Vertical Scaling
- Fail-over configurations for key components
110Rapid, Low-Cost Deployment
Entrust TruePass Advantages Flexible Deployment
- No client software to deploy
- No software update issues
- new client software automatically downloaded by
browsers - Quickly integrates into existing Web site
- No changes to Web site look and feel
111Self Service Registration Recovery
Entrust TruePass Advantages Flexible Deployment
- Self-service 24x7 convenience
- Supports automatic migration from existing
usernames passwords - Support additional information requirements for
registration - Eliminates expensive password resets
112Ease of Deployment Summary
Entrust TruePass Advantages Flexible Deployment
113Entrust TruePass Advantages
Entrust TruePass Advantages Proven Security
Proven Security
- Secure product architecture
- Centralized enrollment policy control, cross
certification, enforced strong password policies,
and support for multiple authentication methods
provide a trusted and secure environment - Proven security from a market leader in Internet
security - Entrust pioneered the Internet security
marketplace in 1994 and Entrust invented the
technology that is embedded in much of basic
Internet security worldwide
114Increased Trust Summary
Entrust TruePass Advantages Proven Security
115Government Certified
Entrust TruePass Advantages Proven Security
- TruePass is FIPS 140-1 certified (Release 5.2 and
on) - First Java applet to be certified
- Overall system certification
116Platform Support
Entrust TruePass Technical
117Platform Support
Entrust TruePass Technical
118Entrust TruePass Architecture
Entrust TruePass Technical
Firewall
Firewall
Web Servers
Application ServerPortal ManagementContent
Management
End User
Roaming Optional EAS
Portal Application Plug-ins
Local Storage
TruePassRuntimes
Smart Cards Tokens
Digital ID
(DMZ)
(Intranet)
(Internet)
119Entrust Packages Pricing
120Pilot Package Summary
Entrust Secure Web Portal Service Offering
- Pilot Systems
- Customers seeking a proof of concept - 100 users
- Uses standard deployment architectures that
support low user volumes - Package is designed to educate customer in the
operation, integration and deployment of Entrust
solutions - Customer can purchase optional components such
as - Roaming
- Self Admin Server
- Pilot Systems
- All packages include
- Architecture review customers infrastructure
and requirements and ensure a fit to the standard
pilot configuration - Systems Integration installation, configuration,
and testing of implementation - Knowledge Transfer educating the customer on the
configuration, basic operation and deployment of
the solution - Deployment Consulting guiding the engagement,
deployment assistance and guiding the customer
towards future deployment - Support Silver support and maintenance
121Production Package Summary
Entrust Secure Web Portal Service Offering
- Production Systems
- All packages include
- Everything in a pilot plus additional services
and knowledge transfer to support - Deployment Ready production architectures and
configurations such as external access - For Self Admin customers integration with
directory or database - Reduced costs on implementing a pilot lab
environment - Participation in the Certificate Administrator
Product Bundling Program
- Production Systems
- Customers looking to deploy to between 1,000 and
10,000 users - Uses standard deployment architectures that
address security requirements for internal vs.
external access - Package is designed to educate customer in the
operation, integration and deployment of Entrust
solutions - Customer can purchase optional components such
as - Roaming, Self Admin Server, PKI Lab Installation
- Shadow Directory, Policy Consulting
122Commercial Pricing for Pilot Systems
Entrust Secure Web Portal Service Offering
123Commercial Pricing for Production Systems
Entrust Secure Web Portal Service Offering