Key Features
Web based management console
The DualShield Management Console is accessed through any standard Web browser. With its rich web GUI, system administrators can easily manage groups, units and users, tokens, policies and configurations anywhere at any time.
Native LDAP/AD integration
DualShield delivers true native LDAP support for direct integration with LDAP directory servers such as Active Directory and Open LDAP. Native LDAP support does not require change to the database schema, does not require import from the database and does not require synchronisation. Any changes made to the external user directory are immediately effective in DualShield in real time.
Multi-level user management
DualShield enables system administrators to organise user units and groups and assign them with administrative roles and access control policies. The Multi-level user management increases the efficiency and flexibility of managing users credentials and access control. DualShield further streamlines user management by integrating with existing user directory, such as LDAP or Microsoft Active Directory.
Full life cycle token management
DualShield provides facilities that enable system administrators to easily manage the entire life cycle of tokens:
- Provisioning
- Deployment
- Enablement
- Replacement
- Synchronisation
Policy based configuration
Policies control various aspects of your system and your users. DualShield provide a comprehensive set of policies such as Password Complexity, Session Lockout, Token Provisioning and Authentication Policies, that provides the flexibility for the system administrator to configure two-factor authentication on the level of solution and user account.
Web based management console
DualShield logs all transactions and user activities. Administrators can utilise it as an auditing, accounting and compliance tool. It includes report templates that can be easily tailored to administration needs, including activity, exception, incident and usage summaries.
Extended RADIUS support
DualShield has a built-in RADIUS server that is fully compliant to RFC 2865. It supports an extended set of features such as attribute mappings between RADIUS and LDAP attributes and configurable RADIUS profiles. These features enable granular access control via RADIUS down to users according to their account profiles, attributes and settings.
Single Sign-On
DualShield provides a fully compliant SAML 2.0 single sign-on server for every web and cloud applications, such as Google Apps, Salesforce and any SAML enabled application. DualShield SSO enables users to sign on once then access multiple applications without additional logins.
Self-service web portal
A self-service console is available for end users to request a variety of services, including requesting for replacement of lost or damaged tokens and issuing on-demand tokens for emergency access. The self-service console can dramatically reduce the call volume into the IT help desk because users are empowered to manage all aspects of their token life-cycles.
Managed Service
DualShield is increasingly being used by Managed Service Providers to provide "Authentication as a Service". On one single platform, Managed Service Providers can host authentication services for multiple organisations and each organisation has it own private realm for managing their own domains, users, tokens etc.
|
