Web Password Management Software



      


Password Synchronisation

The Password Geneous-Sync (PGS) module is a password synchronisation service across multiple platforms and applications that provides enhanced security and saves helpdesk costs. The same password is used for access to all platforms and all applications using best security policies, and password changes are automatically propagated. Users no longer need to maintain lists of passwords.

PGS does not require significant implementation work other than linking userids together according to editable mapping rules or to the subscriber-based mappings. This module may be installed on its own or implemented with Account Geneous.


Description

PASSWORD GENEOUS is a sophisticated multi platform tool providing transparent and secure distributed User Password Management and Synchronization. Users need only remember one “Enterprise” password to access any number of computers.

Password sync ensures that however a user changes their password at any managed platform or application, the new password is securely propagated to all the hosts to which the user has been authorized. A clear and easy to use interface simplifies the set-up and maintenance of the rules that allow Account Geneous users to manage host resources and user access.

Because users do not need to remember more than one password at any time, they will not need to write them down, and PASSWORD GENEOUS will encourage the use of non-trivial passwords, helping to reduce the risk of trial and error brute force security breaches.


Features

PASSWORD GENEOUS intercepts passwords when they are changed, using the interceptor feature of the Account Geneous Agent. For instance, in a Microsoft Active Directory (AD) or domain environment, this can be run on the domain controllers.

When a user updates this password on a computer that has the PASSWORD GENEOUS agent installed, the new password is trapped by the Password Interceptor feature of that agent. This new password is transmitted in an encrypted form to the Password Controller/Propagator, a module of the Account Geneous server. The strong encryption used by all the AG communications ensures that password secrecy is maintained.

The Password Propagator module of the Account Geneous server determines from the rules how to propagate the password change to target hosts for which the user has access.

Note: Active Directory (AD) and Domain user accounts are maintained by a Windows Server system. This server acts as the controller for the domain specified by the user during the login process, so the user is not authenticated by the workstation that he is using. When a user changes this password, the actual password change does not take place on the local machine but on the domain server. In this case the Password Interceptor running on the domain server traps the new password, and then forwards the modified password to the Password Propagator for synchronization.

1. User resets his password through the machine-specific interface

2. The AG password interceptor detects this password change and sends it to the AG Server

3. The AG password propagator reads the rules for propagation from the HR database (3a) or its own editable rules repository (3b)

4. The AG Propagator sends the password changes to the target machines


Rules

PASSWORD GENEOUS allows a sophisticated rule base to be created that provides complete control over password propagation. The rules apply user defined tests to match incoming password change notifications. When a match is found, the appropriate user-defined actions are applied. The actions specify the accounts on remote systems that need to be updated for the specified password change notification.

Full wildcard matching is supported against incoming password change notifications, as is matching against user names, node names, Windows local or global groups, OpenVMS UICs etc. You can also specify logically associated groups of hosts, which can be referenced by a mnemonic host group name. This host group name can be used in rules as part of either tests or actions.
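The sketch below is an added example, not PASSWORD GENEOUS code or its rule syntax: it shows how wildcard tests and host groups can resolve one password change notification into the set of remote accounts to update. The `Rule` fields, the `@GROUP` notation, the host names and the audit helper are all assumptions made for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

# Constructed host groups: mnemonic group name -> member hosts.
HOST_GROUPS = {"UNIX_PROD": ["sol01", "aix02"], "VMS": ["vax01"]}

@dataclass(frozen=True)
class Rule:
    user: str                    # wildcard test on the notifying user name
    source: str                  # wildcard test on the node name, or "@GROUP"
    targets: tuple               # action: hosts or "@GROUP" names to update
    target_user: str = "{user}"  # account name template on the targets

def expand(name):
    """Resolve '@GROUP' to its members; a plain name is a single host."""
    if name.startswith("@"):
        return HOST_GROUPS[name[1:]]  # unknown group raises KeyError
    return [name]

def matches(rule, user, node):
    """Apply the rule's tests to one password change notification."""
    if not fnmatchcase(user, rule.user):
        return False
    if rule.source.startswith("@"):
        return node in expand(rule.source)
    return fnmatchcase(node, rule.source)

def propagation_targets(rules, user, node):
    """Sorted (host, account) pairs that a change by user@node fans out to."""
    out = set()
    for rule in rules:
        if not matches(rule, user, node):
            continue
        account = rule.target_user.format(user=user)
        for target in rule.targets:
            # Skip the originating node: its password is already changed.
            out.update((h, account) for h in expand(target) if h != node)
    return sorted(out)

def unrestricted_rules(rules):
    """Audit aid: rules whose user test is a bare '*' match every account."""
    return [r for r in rules if r.user == "*"]

# Constructed rule base for the demonstration.
RULES = [
    Rule("*", "dc01", ("@UNIX_PROD",)),
    Rule("adm_*", "dc01", ("@VMS",), target_user="{user}_vms"),
]

if __name__ == "__main__":
    print(propagation_targets(RULES, "adm_kim", "dc01"))
```

Listing the fan-out per notification this way makes it easy to review which accounts a single password change will reach before a rule is put into service.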

Another important source for these rules is the Subscriber Database itself. If the customer decides to use subscribers, then each person (subscriber) can have the passwords synchronized between all of his assigned platform accounts.

The rules database can be exported and imported to allow backup, merging, copying and updating of the database. PASSWORD GENEOUS offers a convenient GUI for editing and adding new rules according to the specific needs.


Hardware Requirements

Minimum requirements:

  • For the PASSWORD GENEOUS server component: a machine able to run a Java Virtual Machine. Access to a CDROM drive will be required for installation.

  • Target (managed) systems include

    • Windows Servers: Intel Pentium III and above, or compatible.

    • OpenVMS: Any supported Digital/Compaq/HP VAX or ALPHA (AXP).

    • Tru64 UNIX: Any supported Digital/Compaq/HP ALPHA.

    • Solaris: Any supported Sparc based.

    • AIX: Any supported Power PC based.

    • HP-UX: Any supported HP PA-RISC.

    • Linux: Intel Pentium III and above, or compatible; multi-platform (please ask).


Software Pre-Requisites

  • Client (GUI): a browser, e.g. Mozilla/Firefox 1.0 or Internet Explorer 6.

  • Server and Targets: Java Virtual Machine 1.4

  • Operating systems for the server and target systems (resulting from the above JVM requirement):

    • Microsoft Windows 2000 SP3 or higher, Workstation or Server

    • OpenVMS Vax or Alpha Version 7.3 or higher

    • Compaq Tru64 5.1 and higher

    • HP-UX PA-Risc Version 11 and higher

    • Sun Solaris sparc 8 and higher

    • IBM AIX 5.1 and higher

    • Linux distribution based on Kernel 2.4 and higher

    • OS/400 V5R1 and higher

    • Oracle 9

    • MS SQL Server 2000

    • MS Exchange 2000

    • Lotus Notes 6

    • LDAP, ODBC etc. any application supporting a standard access interface (simple configuration required).

GENEOUS SOFTWARE provides Identity Management (IdM and IAM) solutions to increase enterprise security with enhanced access control and improved efficiency. Authentication, role and rule based access control (RBAC), database and directory integration and reduction in helpdesk calls are all provided with the implementation of GENEOUS solutions. The ability to implement the solutions quickly in order to provide a rapid return on investment (ROI) is a fundamental part of the GENEOUS design. The scalability and ROI provided by Geneous solutions make them ideal for enterprises from a few hundred employees to tens of thousands.
