v-GO Single Sign-On Features

Application Support

v-GO SSO can be configured to automate logon and password change for almost any application, even highly customized or in-house developed applications.  v-GO SSO fully supports the following application types and platforms:

• Windows 32 based applications
• Web and Browser Based Applications
  • Microsoft Internet Explorer
  • Mozilla Firefox
• Host / Mainframe Systems
  • HLLAPI, EHLLAPI or WinHLLAPI based emulators
  • 16 bit legacy HLLAPI emulators
• JAVA
• SAP
• Applications running on Terminal Services or Citrix Servers

Policy-Driven Password Change

• Automatically changes passwords on fixed schedule, e.g. every 30, 60 or 90 days, whether or not the application itself enforces such a schedule
• Can automatically and silently generate a new password or prompt the user to create one
• Enforces the strongest possible password for each application with the following configurable password policies:
  • Minimum & maximum password length
  • Enforce or restrict the use of:
    • Alpha and numeric characters
    • Special characters
    • Repeated characters
    • Upper and lower case characters
• Eliminates the reuse of previously used passwords (password history)
• Support for synchronized/shared credentials, such as Outlook and Windows domain or applications

On-Demand Access

• Download and run v-GO SSO with a simple click of a button from a host website
• Configurable to self-install permanently upon download or self-delete after shutdown
• No administrative rights needed on client computer
• Software automatically updates itself as required

Kiosk Management

• Provides fast user authentication and switching
• Maintains multiple active sessions per workstation to allow provide users access to applications exactly as they left them
• Instantaneously locks workstation when it detects a user left the kiosk to protect sensitive data
• Gracefully terminates applications in inactive session to prevent possible data corruption

Authentication Manager

• Allows multiple authentication methods to be used to authenticate the user to
  different applications

Central Administration

GUI based Administrative Console provides point-and-click configuration and control over all settings and users, including:

• Directory configuration and administration
• Management of individual users or users by role and group
• User and application configuration and policy control
• v-GO SSO password policies, system rules, UI functionality, re-authentication parameters, etc.
• Forced re-authentication for specific applications
• Application shut down and kiosk session termination policies

User Authentication

v-GO SSO accepts user authentication from the following authentication sources:

• Windows Active Directory (Windows logon)
• LDAP Authentication
  • Oracle Internet Directory
  • IBM Tivoli Directory
  • Sun Java System Directory
  • Novell eDirectory
  • v-GO Universal Authentication Manager
• Smart cards that adhere to the MS CAPI and/or PKCS #11 standards
• Entrust Desktop Solutions 6.1
• HID PROX and iClass proximity cards (door access cards)
• RSA SecurID tokens
• v-GO Universal Authentication Manager
• Configurable for multiple authentication methods per user
• Configurable to allow access to specific applications only with specific authentication devices

Credential Storage

• Usernames and passwords securely stored in a directory or database
• Can use dedicated directory or database or existing corporate directory
• Natively supports existing organization directory to piggyback on already developed fault tolerance and disaster recovery plans Supports:
  • Microsoft Active Directory
  • Microsoft ADAM
  • LDAP v2/v3 directories, including Sun Java System Directory Server, Novell eDirectory, IBM Tivoli Directory Server, Oracle Directory
  • OpenLDAP
  • Critical Path
  • Microsoft SQL Server
  • IBM DB2
  • Oracle 9i, 10g, 11g

Reporting

• Administrator-controlled logging of user events and activities, including logon, password change, authentication, policy setting, etc.
• Logging of events to Windows Event viewer, an XML file or centralized database
• Pre-configured reports to fit most enterprise auditing needs
• Pre-configured reports are customizable to meet specific needs
• Report formats: HTML, CSV or PDF
• Schedule reports to be run on a daily, weekly, or monthly basis at off-peak hours
• Automated delivery of reports via e-mail

Security

• v-GO SSO authentication engine relies on two independent factors that are only present at run-time and randomly encrypted during the session in memory
• Credentials secured at all times in the directory, in transit, on the client, and in memory. Individual credentials only decrypted on-the-fly at the time of logon
• Full FIPS 140-2 compliant MS CAPI support for 3DES, AES, and RC4, as well as for key generation and hashing services
• Defenses protect against breach or inspection by other processes
• All components digitally signed and run-time validated

Customization

Modular architecture with exposed APIs enables easy integration, alternative authentication methods, credential repositories, and event-logging mechanisms.