Previous Articles >> Cyber crimes @ Web 2.0 Cybercrime: No scope for complacency

Friday, May 25, 2007

This appliance also lets you view the live connections in a network. You can view live connections either application wise, or user wise, or LAN IP Address wise.

Data transfer and bandwidth usage details of every connection can also be seen. The Cyberoam box also provides detailed reporting. By default, it creates seven reports, which include reports for web browsing, cache reports, mail usage, Internet usage and printer usage. But the benefit here is that you can generate reports based on the users. For instance you can actually create reports where you can see which person is visiting which website or sending how many mails per day. This makes user auditing a breeze.

Ilantus Password Management Portal
This product is a self service account unlock and password reset tool for Active Directory. With this software, any user can login to its main console, authenticate himself by answering a few questions and then reset the forgotten password. The benefits of the product include reduced help desk costs as there will be no tickets for reseting passwords and it also eliminates the possibility of errors by helpdesk. However, if an organization still wants to use helpdesk or if the user cannot reset the password for some reason, the software does have a helpdesk console through which helpdesk personnel can perform required tasks. It also has activity tracking and auditing features, and provides administrator with built-in auditing and activity tracking. The Password Management Portal provides the administrator a comprehensive and immediate notification of the password reset activity by the end users.

The software has three kinds of consoles: namely, a console for End users; an Administrator console; and a Helpdesk console. The end user can login and reset its password by answering a set of challenge questions correctly. Through administrator console, other than reseting a user's password, administrator can set password policies, Add challenge questions, view activity logs etc. Using the software is pretty straightforward. Users can also edit the answers to the challenge questions from the user's console. To use the software you will require a Windows 2003 Server Standard, Web or Enterprise Edition, Microsoft SQL Server 2000 or higher version, ASP.NET Framework 2.0 and IE6.

Identity 2.0 Resources on Web

http://pip.verisignlabs.com Personal identity provider. http://www.identityblog.com/?page_id=352/#lawsofiden_topic3 Laws of identity. http://vouchor.com A community of vouchers, who verify web user identities instead of government agencies. http://lid.netmesh.org/ LightWeight Identity - URL-based user-centric digital identity. http://sigly.com/ A standard method for legally collecting e-signatures online. http://numly.com Numly assigns electronic serial numbers for all digital things. http://www.trufina.com Online identity provider. http://www.rapleaf.com/ A ratings system for commerce. You can look people up before you buy or sell, and rate them afterwards. http://yadis.org/ Yet another decentralized identity interoperability system

RSA SSO
If you are coping with the problem of managing multiple logins in multiple applications in your enterprise then you require a Single Sign On manager to solve this problem. For instance, let's suppose that you have 10 different applications such as your corporate and personal e-mail accounts, the corporate Directory Service, your corporate Intranet, the ERP Solution, etc and none of them are integrated in terms of authentication. Then in that case you have to manually login to each and every application whenever you want to use or access them. And this is not all, you also have to manage the account for each of these applications-for instance you have to reset your passwords before they get expired or too old, and while reseting them you have to keep in mind the type of password policy the application has and then give the new password accordingly. And on top of it you have to remember all those passwords.

But with a Single Sign On manager such as the RSA SSO which we tested out in Labs, you can forget about managing multiple passwords. Now, all you have to do is to login with just one password to your workstation and RSA SSO will take care of the rest. It will automatically send the username and the password whenever you want to access any application.

Additionally, the software will automatically trap messages from the application which asks for password reset and will reset and save the password for you. The whole process of login, password reset, etc becomes completely transparent to the users.

With SSO you just have one password for all your applications, and this password becomes more than important for the user. Because if this password is stolen then all his applications become vulnerable. To solve this problem, RS SSO has support for two factor authentication with RSA Tokens. You can even go ahead and add biometric security with it. All these features make it pretty much secure and can help in making your organization Sarbanes-Oxley or HIPPA compliant without much effort. Because if you want to introduce SSO (which is a prime requirement for the HIPPA or Sarbanes-Oxley compliance) natively inside your DS then in that case you have to do a huge amount of modification in all your applications, so that they can become compliant with your DS and can read the users and policies directly from there.