Transcript SecurID Competitive Discussion

An Introduction to RSA SecurID
Agenda
•
•
•
•
•
Strong Authentication Overview
RSA Market Presence
RSA SecurID product family
Product Applications
RSA the company
Addressing Challenges Requires Key Capabilities
How do you
manage identities?
Who are you?
What can your
“identity” do?
How can you
protect data?
Authentication
& Credential
Management
Identity
Administration
Determining whether
someone or something
is, in fact, who or what
it is declared to be
Automating user life
cycle management and
administration, from
user creation and
modification to deletion
Access
Management
Enabling organizations
to carefully manage
access rights to
protected resources
Data Protection
Preserving the
confidentiality and
integrity of sensitive
data whether at rest
or in transit
Addressing Security Challenges
Identity & Access Management Solutions
How do you
manage identities?
Who are you?
What can your
“identity” do?
How can you
protect data?
Authentication
& Credential
Management
Identity
Administration
RSA SecurID
RSA Authentication
Manager
RSA Sign-On Manager
RSA Federated Identity
Manager
RSA Keon
Access
Management
RSA ClearTrust
RSA Reporting &
Compliance Manager
RSA Deployment
Manager
Xellerate Identity
Manager
Data Protection
RSA BSAFE
Why Focus on Authentication?
•
Authentication is the essential foundation
for trusted business process
— Establishes trust by proving identities
of the participants in a transaction
— “On the Internet, no one knows
you’re a dog”
NON-Repudiation!
Driving the Need for Strong Authentication
•
Expanding access
— Increasing numbers of mobile
workers and telecommuters
•
— Passwords provide weak security
— Multiple passwords are
unmanageable
— Extension of the enterprise
network to third parties
— Passwords are surprisingly
expensive
• Customers
• Partners
• “Willy Sutton effect”
— Increase in sensitive
information accessed remotely
The problem with passwords
•
Compliance laws
— 27 states require notification
— 10 million identity theft victims
— High levels of internal
compromise/theft
Source: RSAS, adapted from Frost & Sullivan
Two-Factor User Authentication
Most Common Example
+ PIN
Authentication Choices
Relative Strength
PASSWORD
+
Password
PIN
PIN
+
+
PIN
+
POLICY
Policy
+
Single factor
Weaker
Two factor
Three factor
Stronger
Market Presence
RSA Competitive Position
All
Others
RSA
2004
Source: IDC Worldwide Authentication Token 2005-2009 Forecast and
2004 Vendor Share: December 2005
11
Diverse Vertical Markets
Government
7%
Other
8%
Technology
25%
Services
9%
Healthcare
10%
Manufacturing
11%
Telecom
11%
 Added 2500+ New Customers in 2005
 21,000+ Customers Worldwide
Financial
19%
12
Advancing e-Business

Transforming e-security into a business enabler

Thousands of customers worldwide
— 89% of the Fortune 100
— 66% of the Fortune 500
— 88% of the world’s top 50 banks
Third Party Validation
Fact
• RSA SecurID has won more industry awards than any other
authentication solution.
Customer Benefit
• The best predictor of satisfaction is the
experience of other users.
RSA SecurID
Product Family
RSA SecurID Products
•
RSA SecurID Authenticators
— Hardware Tokens
— Software Tokens
— Smart Cards/USB Tokens
•
The 3 core components
of SID solution
RSA Authentication Manager
— The engine of RSA SecurID
•
RSA Authentication Agents RSA
— SecurID “security guards”
•
RSA Authentication Deployment Manager
— RSA SecurID credential deployment solution
•
RSA SecurID Select
— Co-branding service
RSA SecurID Authentication Solution
Calculates
passcode
Authentication
Agent
User enters
Passcode
(PIN + token code)
Authentication
Manager
User
Authenticated!
RSA SecurID
Time Synchronous Two-Factor Authentication
RSA
Authentication
Agent
RSA
Authentication
Manager
RAS,
VPN,
Web Server,
032848
WAP
etc.
Algorithm
Algorithm
Time
Seed
Time
Same Seed
Same Time
Seed
RSA SecurID
Time-Synchronous
Authentication Devices
RSA SecurID Authenticators
•
RSA SecurID Hardware Tokens
— Key fob
— Standard card
— PinPad
— Hybrid Token
•
RSA SecurID Software Tokens
— Windows PC
— Microsoft Windows Mobile
— Palm Handhelds
— BlackBerry Handhelds
— Wireless Phones
Store: Next Generation RSA SecurID Authenticator
Technologies
•
•
•
•
•
Phones
Toolbars
Flash Memory
Signing Token
Flexible Token
RSA Confidential – Dates and Features subject to change
RSA Authentication Manager
RSA Authentication Manager
Key System Components
•
A database
— Of users, tokens and client information
•
The authentication engine
— Performs the user authentication based on the credentials
supplied by the agent
•
An administration program
— System management: create & change settings, assigning tokens
& users, reporting, etc.
Feature Comparison
•
Base Edition
•
Enterprise Edition
R
P
•
•
•
1 Primary, 1 Replica
Only 1 Realm
Deployment Manager separate
purchase
•
•
•
•
R
P
1 Primary, up to 10 Replicas
Up to 6 Realms
High Availability support
Deployment Manager included
RSA Authentication Manager Base Edition
Highlights
• High performance
— Replication architecture results in high authentication performance
and savings in server costs
• Reduce Help Desk Costs
— Quick Admin Web-based administrator application handles 80% of
daily RSA SecurID tasks
• Reduced Administration Costs
— Centrally maintain user records in LDAP
— Synchronization between Authentication Manager database and
LDAP
RSA Authentication Manager Enterprise Edition
Highlights
•
Increase performance
— Support for up to 10 Replicas per realm
• 400% performance improvement
•
Meet business goals with network configuration flexibility
— Increase performance by locating Replicas and/or realms close to end user centers
• Reduce transcontinental network charges and traffic
•
Reduced Risk of Downtime
— Geographically distribute Replica servers
— Run software on High Availability hardware systems
• Reduce downtime (unexpected or planned)
• Avoid unexpected administrative costs
•
Deployment Manager included with license
RSA SecurID Appliance
Secure and Simple
RSA SecurID Appliance
The all-in-one solution
•
V1.0
— “Secure and Simple”
— Bundles of 10, 25, 50, 100, 150 & 250
users
•
3-yr SID700 Tokens
RSA SecurID
Appliance
V2.0 introduced in 2006
— “An Appliance to meet your needs”
Auth Mgr Base
License
• Same Bundles to 250U
• Ala Carte to 50,000 users
1YR HW Warranty
— Base or Enterprise License
— Supported Environments
• Appliance Primary / Replica
• Authentication Manager Primary /
Appliance Replica
Choose Maintenance Option
Standard or Extended
RSA SecurID Appliance
Key Features & Benefits
Features
Benefits
•
•
•
•
•
•
•
•
•
Purpose-Built Appliance
Hardened Windows® Server 2003
—
Embedded Application Firewall
—
Disabled Components & Services
—
Hardened TCP/Stack
—
Limited Group/User Sharing Options
—
Application Hardening
Authentication Manager v6.1 Full Feature
Set
Web Management Interface
—
Embedded Web Server (IIS 6.0) plus Authentication
Agent for Web 5.3
•
Supports 200+ RSA SecurID Ready
Partners
Lower TCO
Faster Implementation
Stronger Security
Full Functionality
Easy to Manage
Customer Value Proposition
Lower Total Cost of Ownership
•
•
Similar Equipment Acquisition Costs
Lower Configuration / Set-up Cost
— Lowers Risk of Mis-Configuration, etc
— Out-of-the-box Hardened OS and configured Application Firewall
•
Convenience -- Single Vendor Solution
— Lower cost of troubleshooting and ongoing service
•
Lower Management Cost
— Simple Web Admin GUI
RSA Authentication Agents
RSA Authentication Agents
•
Acts as “security guard” between RSA Authentication Manager,
the protected resource and the user
— Intercepts access requests and forces RSA SecurID authentication
•
•
•
Out-of-the-box interoperability with over 300 certified products
from over 200 vendors
RSA Authentication Agent SDK enables additional
interoperability for customer specific resources
RSA SecurID Ready program ensures consistent testing and
certification of all third-party RSA Authentication Agent
implementations
Providing strong authentication solutions which prove a
user’s identity before granting access to a resource
Users
Resources
PAM Agent
SID4Win
Admin
SecurID Ready
Web Agents
Remote
Employee
Employee
SID4Win
6.1 Server
Web Agents
OTPS
OS: Unix
OS: Linux
OS: Windows
Systems
Web
Fax
Phone
Dialup
VPN
Citrix
SSL-VPN
OWA
Web
Phone
Windows
Wireless
Web portal
Wired 802.1x
Users
Resources
Web Agents
Custom
Business
Partner
Web Agents
Custom
Individual
Consumer
Interoperable with over 300 solutions
•
•
•
•
Web applications and servers
•
Wireless
—
Oracle
—
Cisco
—
EMC Documentum
—
Microsoft
—
Sun Microsystems
—
Nokia
—
Apache
—
BEA
—
Aventail
—
IBM
—
Check Point Software
—
Microsoft
—
Cisco
—
Citrix
•
Provisioning
Perimeter defense (Firewalls, VPNs and Intrusion Detection)
—
Computer Associates
—
Juniper
—
IBM
—
Nortel
—
Thor Technologies
—
Nokia
—
BMC
—
Microsoft
—
Sun Microsystems
•
Email, workflow and office automation
Network and communications
—
Lucent
—
Cisco
—
Microsoft
—
Novell
—
Adobe
—
3COM
—
IBM
—
Funk Software
—
Cisco
—
Lucent
•
Remote Access
—
iPass
—
Citrix
—
Nortel
—
Symantec
Radius
Customer Benefit: Reduced time to market and lower deployment costs
RSA Authentication Deployment Manager
RSA Authentication Deployment Manager
Overview
•
•
•
Provides a self-service provisioning model that allows users to request,
deploy and activate hardware and software tokens, from a Web browser
Automates and dramatically speeds the rollout of RSA SecurID hardware and
software authenticators to end users
Provides user self-service functionality which can reduce operating costs,
particularly calls to the help desk
— Self-service PIN change
— Request a hardware token replacement
•
•
Scales to easily meet the needs of both small and large user deployments
Enables flexible integration with other RSA Security products or your existing
corporate resources
— Leverage existing data resources and investments
RSA Authentication Deployment Manager
ROI
Manual process
paper
request
form
Manager
faxes form
to IT
Manager
Signature
IT gathers
user info
Results:
User data
entered in
ACE/Server
IT assigns
SecurID
IT issues
SecurID to
user
RSA Auth Deployment Manager
End user
requests token
via ADM
Mail room
issues SecurID
User activates
token via ADM
• 7 steps
• Many delays
• Time to deploy:days
• Significant IT involvement
Results:
• 3 steps
• Time to deploy: < 1 Day
• NO IT involvement,
Authentication Manager
work handled automatically
by Web Express
Authentication Deployment Manager Features
Hardware token approval process
Web Server
User Request
1
5
Activation
Approval
4a Code
6
4b
3a
User
Distributor
2
Approval
3b
Activation
Manager
RSA Authentication
Manager
Features of Deployment Manager
End user self-service PIN change
Web Server
a
Authenticated user
sets up answers
1
User forgets
PIN,
answers questions
LDAP
APIs can enable check
of 3rd party datastore
2
4
User changes PIN
b
User
3
Help desk
RSA Authentication
Manager
Any User, Anywhere
•
•
•
•
Automation brings rapid deployment
Resource limitations are no longer a barrier to rollout of RSA
SecurID
Available 24x7
RSA Authentication Deployment Manager works for the base of
users and data that you want to protect
— Enterprise
— B2B
— B2C
— ASP
RSA Authentication
Deployment Manager
RSA SecurID Common Applications
RSA SecurID
Authentication in Action
VPN
Gateway
RSA Authentication
Manager
and
Appliance
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
RSA Authentication
Manager
and
Appliance
Remote Access
Auth Agent for Web streamlines authentication to OWA
SecurID passcode
prompt replaces the
password
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
Citrix
RSA Authentication
Manager
and
Appliance
Citrix – No Password Required!
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
Citrix
RSA Authentication
Manager
and
Appliance
Wireless
WAP/802.11
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
Citrix
RSA Authentication
Manager
and
Wireless
WAP/802.11
Appliance
OS/Network
Devices
Administrative
Access
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
Citrix
RSA Authentication
Manager
and
Wireless
WAP/802.11
Appliance
OS/Network
Devices
Administrative
Access
Data Encryption and
Boot Protection
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
Citrix
RSA Authentication
Manager
and
Wireless
WAP/802.11
Enterprise
SSO
Appliance
OS/Network
Devices
Administrative
Access
Data Encryption and
Boot Protection
RSA SecurID
Authentication in Action
VPN
Gateway
Web
Access
Web
SSO
Citrix
RSA Authentication
Manager
and
Wireless
WAP/802.11
Enterprise
SSO
Appliance
OS/Network
Devices
Administrative
Access
Data Encryption and
Boot Protection
RSA SecurID
Authentication in Action
Federated Identity
Management
VPN
Gateway
Web
Access
Web
SSO
Citrix
RSA Authentication
Manager
and
Wireless
Enterprise
SSO
Appliance
WAP/802.11
OS/Network
Devices
Administrative
Access
Data Encryption and
Boot Protection
RSA Security the Company
Facts
• Is a profitable, stable company with a 20+ year history
leading the authentication market.
• Has a worldwide “follow the sun” support organization
that is recognized as best in class by customers.
• Has an experienced professional services organization
to help with special requirements.
RSA Security the Company
Facts
• Has a worldwide network of experienced channel partners
prepared to deliver and support the RSA Security products.
• Is committed to industry standards and is leading the efforts
to define the one- time password specifications.
• Has a research arm—RSA Laboratories—that is recognized
as an industry thought leader in addressing current and
future security issues.
Customer Benefit
• Customers should feel comfortable knowing they are
dealing with an innovative company committed to their
success and satisfaction.
What RSA Security’s Customers Say—
from the recent The Info Pro survey
•“It’s solid. It just works. High assurance of proper authentication.”
•“Experienced, trusted.”
•“The number 1 vendor in providing authentication.”
•“Ubiquity makes support easy and reliable.”
•“The server stays up. It is scalable and has a great track record.”
•“Great for us. It is reliable and it works when it should.”
•“Very solid and dependable.”
•“Very impressed with RSA and their products. They are a great company and
I always get the answers I need. They’ve been fantastic.”
•“Their tech support is the model for a help desk and quality of support.
are the best I’ve ever seen.”
They
RSA Security—the obvious choice
• The strongest, most proven two-factor
authentication solution in the industry
• The most dependable, highest-quality
solution . . .
– that can be used for more
applications than any other
– while providing more choices
for tokens and server software
– from an innovative company,
dedicated to supporting its
customers.