The SecureLogin Solution

Novell^® SecureLogin is comprised of multiple integrated security systems that provide authentication and single sign-on to networks and applications throughout an organization. The goal is to provide a single entry point to the corporate network and its resources for your users and at the same time increase security and improve corporate security policy compliance.

The separate single sign-on modules (components) of SecureLogin are designed for generic Windows*, Internet, and terminal emulator applications. SecureLogin's unique modular design allows it to be compatible with most new applications.

Security is an important feature of SecureLogin. It stores all user credentials encrypted in NDS^® eDirectory^TM and optionally caches details in an encrypted format on the local workstation. Only the user whom the details are stored for is able to unlock the encrypted data. For example, a network administrator with full rights is not able to see what a user's password is for Internet banking.

SecureLogin is extremely easy to use. With the use of wizards, corporate scripts, and predefined applications, administrators are able to intuitively configure SecureLogin for use in the corporate network from a central point using eDirectory. SecureLogin also includes a workstation administration tool that allows users to view their single sign-on details and, if permitted by the administrator, add new applications and Web sites for single sign-on.

SecureLogin employs two methods of fault tolerance. One method uses local encrypted caching to ensure that network downtime does not effect single sign-on performance. Even if the corporate network is down, by the use of caching, application logins continue uninterrupted. A second method allows for scripting to cater to different login conditions and errors during login.

Local encrypted caching also allows SecureLogin to maintain single sign-on integrity for all mobile and remote users, regardless of network connectivity. If permitted by the administrator, mobile users can update their single sign-on credentials when disconnected from the network and update eDirectory with these details when they are next attached.

Because SecureLogin is an eDirectory-enabled product, users can roam wherever eDirectory is.They can

• Log in from anywhere and get the same capabilities as if they were at their own desks.
• Log in and log off quickly, because they only authenticate to eDirectory, not to Windows itself.
• Roam the enterprise, logging into several different machines during the day.
• Work on a notebook or laptop in a disconnected mode, because their login credentials are saved to a local, encrypted cache.
• Securely use a shared, kiosk-type workstation, where many people log in temporarily for quick work and then log out.

Single sign-on has two ultimate goals:

• Automate the repetitive manual login processes so that logging in is seamless to the user
• Lower overall maintenance costs for network administrators