1 / 34

SAFLINK Corporation Biometrics for Citrix Users

SAFLINK Corporation Biometrics for Citrix Users. July 23, 2003. Meeting Agenda. Introduce SAFLINK Overview of SAFLINK solution Product demonstration Where to go for help Distribution of demo kits  Installation overview Q & A. SAFLINK Company Background.

gpace
Download Presentation

SAFLINK Corporation Biometrics for Citrix Users

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SAFLINK Corporation Biometrics for Citrix Users July 23, 2003

  2. Meeting Agenda • Introduce SAFLINK • Overview of SAFLINK solution • Product demonstration • Where to go for help • Distribution of demo kits  • Installation overview • Q & A

  3. SAFLINK Company Background • Multi-biometric “middleware” ISV • Founded in 1991 - 12 years experience developing biometric security solutions • Headquartered in Bellevue, Washington • Public company – NASDAQ: SFLK • A leader in development and adoption of open systems biometric standards • BioAPI, HA-API, ANSI/INCITS 358, ISO • Citrix CBA Premiere Partner

  4. The access challenge

  5. Reasons to Choose Biometrics • Links an authentication event to a real person • Can’t be lost, stolen or borrowed • Enhances network and workstation security by replacing vulnerable passwords • Convenient - nothing to carry or remember • Accurate - positive authentication • Protects personal privacy • Provides positive audit trail with non-repudiation of events • Reduces helpdesk support costs • Helps achieve compliance with government privacy and auditing regulations • Complements a single sign-on deployment

  6. Business Approach • We deliver a complete solution - including biometric hardware through our partnership with leading technology vendors • Technologies we deliver include: Fingerprint, iris, voice, face, smart cards, RF & proximity sensors • We deliver our products through channel partners and our direct sales organization • We also provide on-going customer support and customized system integration services • Our solutions are based on recognized biometric industry interoperability and file format standards

  7. Importance of Biometric Standards • Leverages infrastructure software investment • Protects against technology obsolescence • Permits deployment of multiple technologies • Two key standards are rapidly gaining acceptance • ANSI/INCITS 358-2002 BioAPI • Biometric Device Interoperability Standard • On track for balloting under ISO in 2004 • Common Biometric Exchange File Format (CBEFF) • Defines standard for exchanging biometric data

  8. AuthenTec BIO-key DreamMIRH Identix Iridian Lifeview Oki Electric Panasonic Precise Biometrics RFIDeas SCM Micro Scansoft SecuGen Silex Startek STMicroelectronics Targus Veridicom Zvetco Technology Partners

  9. Examples of Biometric Devices

  10. SAFLINK Product Strategy • Highly scalable, enterprise-class packaged products • Strong object oriented architecture supports fast development • Leverages existing infrastructures with “bolt-on” components approach; tightly integrated • Feature set designed to address key deployment and management issues of large enterprise • Reduces management cost by leveraging platform-provided management tools

  11. Key features of SAFLINK Products • Choice of biometric technologies • Support for multi-factor authentication • Compliance with industry standards • Choice of deployment approaches • Support for disconnected and remote access • Comprehensive policy management and auditing • Leverages existing IT infrastructure • Scalable, reliable, and easily managed • End-to-end security features • Integration with leading third party single sign-on (SSO) solutions

  12. Packaged Solutions • SAFsolution - Microsoft Windows and Active Directory • SAFmodule - Novell Modular Authentication Servicetm (NMAS) and eDirectory • SAFaccess - Computer Associates eTrust SSO • SAFremote Authenticator - Citrix, Terminal Services and XP Remote Desktop

  13. Examples of SAFLINK Customers • City of Stockholm School District • Eli Lilly • Fidelity Investments • Freddie Mac • St. Vincent Hospital • U.S. House of Representatives • U.S. Department of Defense

  14. Demonstration

  15. What about …? • Support for Password Manager? • Citrix is currently testing the combination of SAFLINK and Password Manager in Ft. Lauderdale; preliminary tests indicate no major issues • SAFLINK will participate in the beta program when available • Support for thin clients? • XPe based terminals can be supported on a one-off basis • Other terminal support not available at this time

  16. How do I …? • Order SAFLINK software and biometric hardware? • Resellers order through the channel • Alternative Technologies distributes SAFLINK software and various biometric devices to Citrix resellers in N. America • SAFLINK also has a regionally-based direct sales force • Obtain technical support? • support@saflink.com • 800-762-9595 or 425-278-1111 • Hours: 6:00 a.m. – 6:00 p.m. PST

  17. How do I …? • Locate a SAFLINK sales rep, order additional product for internal use, ask a business question, etc.? • Colleen Madigan: cmadigan@saflink.com or (810) 220-8196 • Obtain brochures, white papers and other marketing collateral? • Marketing materials on the “Company and Product Overview” CD in your demo kit • Downloadable .pdf brochures at the SAFLINK website: www.saflink.com

  18. SAFLINK Demo Kit • Hardware and software: • SAFsolution 1.1: for Windows Active Directory • SAFremote Authenticator: supports Secure Access Manager and Presentation Manager • “fat client” support only • Biometric device • PCMCIA card (if you have an available slot not compromised by an adjoining wireless card), http://download.saflink.com/authentec.zip (2.4MB) OR • Standalone USB sensor

  19. Installation Overview • “Getting Started” • Tips and tricks

  20. Questions?

  21. SAFsolution Enterprise Edition for Windows and Active Directory (Supplemental Slides)

  22. Flexible Architecture • Supports mixture of biometric devices • Biometric credentials encrypted and stored in Active Directory • Supports roaming users and profiles • Integrated with third party single sign-on products • Secure, scalable, & fast • Simple to deploy, administer, and upgrade • Leverages Active Directory infrastructure

  23. Architecture Overview • Includes client and server components • MMC Snap-ins for administrative console • Integrated with Active Directory Group Policies for policy management • Integrated with Active Directory Event Viewer for auditing • COM+ server and ADS schema for scalability • High availability configuration options • Supports ANSI/INCITS 358 BioAPI standard

  24. User-Friendly Features • Includes biometric practice utility • Supports disconnected logon • Caches biometric credentials on local drive • Screensaver/workstation lock • Self-enrollment feature • User Authority Delegation • Fast Logon • No userID required

  25. Login • User is prompted for biometric identifier — no more password • Automatically selects appropriate biometric hardware device • Can be configured with password back-up

  26. Fast Login • Provides maximum user convenience: just present your biometric and you’re in • The user never sees a User ID prompt or has to type in a password • The biometric is matched against a limited list of most recent users of this workstation to identify the person logging in • Supports multiple users sharing one workstation • Password backup is optional

  27. User Authority Delegation • User Authority Delegation puts control of account sharing in the hands of the administrator • Logging in as a delegate is as simple as putting in the other user’s ID, then presenting your biometric • You are logged in as the other user, but your actions as a delegate are recorded

  28. Biometric Practice Utility • A self-paced practice tutorial to familiarize the user with biometric enrollment and verification • Allows the user to practice with the technology and get comfortable with it before performing self enrollment • User can commit to converting his/her account to a biometric logon at any time • Low pressure, high convenience feature

  29. User Self Enrollment • Gives the user the ability to enroll their biometric at their own pace subject to administrator policy settings • Provides a flexible option for large scale enterprise deployments • Easy user experience

  30. Workstation Unlock & Screen Saver • Integration with Windows NT/2000/XP Pro Workstation Lock and password protected screen savers • Login is identical to initial login following system boot or user log off

  31. Administrative Functionality • Central management of biometric policies through MS Management Console (MMC) • Biometric matching at server or client • Full audit reporting of biometric events • Configurable: only logs selected events • Changes to auditing policy are logged • Full support for Active Directory deployments • Extensive security features • Central application deployment

  32. Policy Management • Enable/disable Disconnected login • Enable/disable administrator assisted login • Allow/disallow biometric devices for particular users or groups • Disable SAFsolution for logon (to assist in rollout to groups of users) • Enable/disable/force self-enroll • Allow/disallow passwords as backup when device fails or on verification failure • Enable/configure/disable Fast Login

  33. Policy Management (cont.) • Respond automatically to Windows change password requests • Disable accounts upon a configurable number of biometric verification failures • SAFsolution implements policies in the list of standard Group Policies edited in the Group Policy page of MMC • Group Policies can be applied to any object • Users, computers, groups, etc. • Group Policies do not apply to Windows 98/Me computers.

  34. Remote Access • Citrix Secure Access Manager and Presentation Manager • Windows Terminal Services • XP Remote Desktop

More Related