Questdefenderdatasheetfinal 1


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Questdefenderdatasheetfinal 1

  1. 1. Protects Your Perimeter with Two-factor AuthenticationToday, compliance and security demands are moving organizations to levels of securitybeyond the traditional username and password. Two-factor authentication — combining“something you have”, for example a token, with the “something you know”of usernamesand passwords — has quickly moved to the forefront of most organizations’securityand compliance initiatives.Traditionally two-factor authentication solutions have been costly to deploy and based onproprietary interfaces and directories. However, Quest Defender is entirely standards-based(OATH, RADIUS, LDAP, PAM, etc.), and utilizes the security and scalability of Active Directoryfor administration and identity management. This also enables customers to utilize existingpersonnel and skill sets to manage Defender.In addition, Defender enables users to easily request and self-register hardware and softwaretokens, reducing the costs and time involved in rolling out two-factor authentication. Defendersupports any OATH-compliant hardware token and offers numerous software and Web-basedtokens as well. By using organizations existing infrastructure investments, providing userself-registration and supporting multiple token types, Defender enables organizations toincrease security and compliance measures in a flexible, cost-effective manner.FeaturesActive Directory-centric – Use the scalability, security and compliance of Active Directory toprovide a two-factor authentication to any system, application or resource taking advantage ofthe corporate directory already in place, instead of creating an additional proprietary one. Usertoken assignment is simply an additional attribute to a user’s properties within Active Directory.Web-based Administration – Provide Defender administrators, help desk administrators andend users options for token management, token deployment, real-time log viewing, help desktroubleshooting and access to reports using the Web-based Defender Management Portal.Token Self-Registration – Enable users to request and/or receive a hard or soft token basedupon pre-defined administrator policy. Then quickly and easily assign that token to their accountthrough a unique, secure mechanism. The Token Deployment System removes the entireadministrative burden and associated costs of conventional manual token assignment.• Heightens security through strongauthentication for virtually any accessneed on any system or application• Provides convenient administrator andend user access to token management,logs and reports via Web-based portal• Enables rapid help desk response todiagnose and resolve user authenticationissues from any Web browser• Scales to fit your business needs• Delivers the highest levels ofperformance and availability• Positions your company in a forensics-ready stance by maintaining logs of allauthentication activity and providing acomprehensive audit trail• Provides authentication where it’srequired — whether local, remote ormobile• Enables you to“prove”compliance foraccess control and strong authenticationwhile providing required data to auditors• Removes the administrative burden ofand associated costs of conventionaltoken assignment through user tokenself-registrationBENEFITSAppsUser enters one-time password (OTP)(PIN/AD Password + token code)****330265 ****330265Defendervalidates the OTPUser authenticated& gains access toprotected resourcesDATASHEET“BAA will save money because Defender tokens lastat least 67 percent longer than our previous solution,and last for the life of the battery rather than havinga vendor defined lifespan of three years. We can renewusers’ tokens when they expire, as a help desk business-as-usual process, instead of issuing 7,500 tokens in onego and incurring the costs associated with runningsuch a project.”— Fiona Hayward IT Programme Manager BAA
  2. 2. Help Desk Troubleshooter – Enable Defender and help desk administrators to troubleshoot,diagnose and resolve user-authentication-related problems with just a couple of mouse clicksfrom any Web browser. View a current list of authentication attempts and routes, with associatedresults, possible reasons for failures and one-click resolution steps. In addition, user accountdetails and assigned tokens are also displayed with the ability to quickly test, reset the pin orprovide a temporary token response, as well as reset or unlock the account.Token Flexibility – Take the simple path to two-factor authentication regardless of thepreferred token vendor or mobile device. Defender supports any OATH-compliant hardwaretoken and has relationships with several major token vendors, enabling you to choose the besttoken for your organization. Defender also offers a wide range of software tokens for the mostpopular and widely deployed mobile platforms. And by offering a universal software tokenlicense, the administrator can easily reissue the appropriate device license when a user decidesto switch mobile platforms.Secure Webmail Access – Enable secure Web-based access to your corporate email systemfrom any Web browser, anytime, anywhere with Quest Webthority, a reverse proxy solutionincluded with Defender. In addition you can require Defender token use for access to ensureappropriate authentication regardless of access point.ZeroIMPACT Migration – Undertake a gradual migration to Defender from an incumbentlegacy authentication solution with ZeroIMPACT. With Defender and the legacy systemrunning side-by-side, all user authentication requests are directed to Defender. If the user isnot yet defined within Defender the authentication request is transparently passed, via theproxy feature, to the incumbent authentication solution. This allows administrators to migrateusers to Defender as and when their legacy tokens expire with virtually no overhead from anadministrator or end-user perspective.Centralized Administration – Integrate Defender with Active Directory and fully utilize allthe advantages of the centralized management of directory information, through a common,familiar user interface. User token assignment is simply an additional attribute to a user’sproperties within the directory, which makes the security administration more efficient.Encryption – Secure communications by associating a Management DES (Data EncryptionStandard) with Defender Security Server. Defender supports AES, DES or Triple DES encryption.Pluggable Authentication Module (PAM) – Specify that services and users defined on yourUnix/Linux systems will be authenticated by Defender with Quest’s Defender module for PAM.About Quest Software, Inc.Established in 1987, Quest Software (Nasdaq: QSFT) provides simple and innovative ITmanagement solutions that enable more than 100,000 global customers to save time andmoney across physical and virtual environments. Quest products solve complex IT challengesranging from database management, data protection, identity and access management,monitoring, and user workspace management to Windows management. For more information,visit Polaris Way, Aliso Viejo, CA 92656 | PHONE 800.306.9329 | WEB | EMAIL sales@quest.comIf you are located outside North America, you can find local office information on our Web site.© 2012 Quest Software, Inc.ALL RIGHTS RESERVED.Quest, Quest Software, the Quest Software logo and QuestDefender are registered trademarks of Quest Software, Inc. in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property oftheir respective owners. DSW-QuestDefender-US-SW-04242011Defender Hardware TokensDefender supports any OATH-complianttoken and distributes the following tokentypes:• Vasco DIGIPASS GO 6• Vasco DIGIPASS GO 7• Yubico YubiKey• SurePass Display CardDefender Software Tokens• Defender Soft Token for BlackBerry• Defender Soft Token for iPhone• Defender Soft Token for Android• Defender Soft Token for Windows Mobile• Defender Soft Token for Java• Defender Soft Token for SMS• Defender Soft Token for Email• Defender Soft Token for Windows Desktop• Defender GrIDsure Web-based token• Defender Soft Token for Palm