SecureLogin As a Solution

Novell^® SecureLogin's single sign-on technology eliminates the need for users to remember their usernames and passwords beyond their initial network login. Single sign-on stores the usernames and passwords that each user needs and then automatically enters them for the user when required.

Single sign-on increases productivity because users no longer need to enter usernames and passwords. The computer does it for them. As a result, single sign-on greatly reduces the number of calls to help desks concerning forgotten passwords.

Novell SecureLogin is comprised of multiple integrated security systems that provide authentication and single sign-on to networks and applications throughout an organization. The goals are to provide a single entry point to the corporate network and its resources for users, increase security, and improve compliance with corporate security policies.

The separate single sign-on modules (components) of SecureLogin are designed for generic Windows*, Internet, and terminal emulator applications. SecureLogin's unique modular design allows it to be compatible with most new applications.

Security is an important feature of SecureLogin. SecureLogin stores all user credentials encrypted in the directory (Novell eDirectory^TM, Active Directory*, and other LDAP-compliant directories) and optionally caches details in an encrypted format on the local workstation. The only user who can unlock the encrypted data is the user that the details are stored for. For example, a network administrator with all rights is not able to view or use a user's password credentials.

SecureLogin is easy to use. Wizards, corporate scripts, predefined applications, and eDirectory enable you to centrally configure SecureLogin for use in the corporate network. SecureLogin includes a workstation administration tool that allows users to view their single sign-on details and, if you permit them to, add new applications and Web sites for single sign-on.

Locally encrypted caching enables SecureLogin to maintain single sign-on integrity for all mobile and remote users, regardless of network connectivity. If you permit them to, mobile users can update their single sign-on credentials when disconnected from the network and later update the directory with these details when the users are next attached.

Because SecureLogin is a directory-enabled product, users can

• Log in from anywhere and get the same capabilities as if they were at their own desks.
• Log in and log off quickly, because they only authenticate to the directory, not to Windows itself.
• Roam the enterprise, logging into several different machines during the day.
• Work on a notebook or laptop in a disconnected mode, because their login credentials are saved to a local, encrypted cache.
• Securely use a shared, kiosk-type workstation, where many people log in temporarily for quick work and then log out.