Business/Technology Editors
SAN FRANCISCO--(BUSINESS WIRE)--April 17, 2000
ClearTrust SecureControl 4.0 Detects Suspicious Activity to Prevent
Fraud, Centralizes Access Management for All Platforms, and Eases
User Administration for Extranets, B2B Exchanges, ASPs, Portals
Securant Technologies - the access management company that secures e-business - today announced ClearTrust SecureControl version 4.0, the first access management solution that uses integrated application level threat detection to proactively secure e-business transactions and prevent fraud. ClearTrust SecureControl 4.0 also allows enterprises to centrally protect and control user access to any Web application regardless of operating platform including UNIX, Windows NT/2000, MVS, AS/400 and application servers, via the new Smart Proxy module. To ease the cost and resource burden of user account management, ClearTrust SecureControl 4.0 is the only access management solution that allows enterprises and service providers to securely delegate granular administration powers on three levels: within an enterprise, outside the enterprise, and to individual subscribers via a self-service function.
Threat Detection for Proactive Security
Breaking away from the limited capabilities of a static security model, ClearTrust SecureControl 4.0 now provides integrated application level threat detection to proactively secure high value and sensitive transactions. The Detector module complements network level intrusion tools and provides a new line of defense for protecting Web applications, content and transactions. Detector allows enterprises to establish policies for detecting application misuse, monitor Web resources for suspicious activity, and automatically take counter measures to deter attackers. Administrators can choose to be alerted via pager or e-mail, suspend or disable an account, or execute custom responses - whenever a user breaches a security policy.
ClearTrust SecureControl 4.0 monitors Web resources for pre-defined as well as custom defined patterns of suspicious activity including password guessing, unauthorized access attempts, unauthorized transaction attempts, and expired accounts. In a typical configuration, when ClearTrust SecureControl 4.0 detects a pattern of suspicious activity the user's activities are logged for analysis, notification is sent to the administrator, and the user is automatically restricted from further application access.
To help administrators track the origin and targets of attempted security violations, ClearTrust SecureControl 4.0 features reporting and analysis tools that list detected events ranked by time/severity, violating IP sources, most frequently attacked internal resources, and suspicious users. ClearTrust SecureControl 4.0 also allows administrators to develop custom reports using a simple query interface. All reports can be viewed via a standard Web browser, and exported to other applications for more powerful analysis or centralized data management.
Smart Proxy Unifies Web Access Management Across All Platforms
To allow enterprises with heterogeneous computing environments to deploy a single Internet security infrastructure and eliminate the need to port the security system to each operating environment, ClearTrust SecureControl 4.0 features the integrated Smart Proxy module that protects Web content hosted on any platform. The Smart Proxy module enables enterprises to implement a consistent security policy regardless of the operating system on which the application and content is hosted, while providing a single point of security configuration and management. ClearTrust SecureControl 4.0 protects Web content on UNIX, Windows NT/2000, MVS, AS/400 as well as other enterprise operating systems.
The ClearTrust SecureControl 4.0 Smart Proxy module can also be used to secure application servers that are hosted on Web servers, or that are implemented using a direct HTTP interface to the Internet. It supports all HTTP capable Web application servers including Cold Fusion, Forte, Lotus Domino, Net Dynamics, Netscape Application Server, Oracle, People Soft 7.5, SAP R/3, Web Logic/BEA Systems, and Web Sphere/IBM.
"As enterprises and service providers move more and more of their business operations to the Web, they require a centralized security infrastructure that can proactively protect all transactions, content, and applications," said Eric Olden, Chief Technology Officer, Securant Technologies. "ClearTrust SecureControl is the only security infrastructure that provides a single point of control and integrated threat detection to secure all e-business resources regardless of platform, while preventing user management bottlenecks by allowing routine administration to be delegated both inside and outside the enterprise."
Three Tiers of Distributed Administration
To reduce the cost and complexity of user management, ClearTrust SecureControl 4.0 is the only access management solution that provides three tiers for securely delegating user administration within an enterprise, outside the enterprise, and to individual users via a self-service function. This allows time consuming and escalating user administration workloads to be shared internally across individual departments, divisions, and operating companies; externally to Extranet partners and customers; and to individual users/subscribers. By creating and maintaining clearly defined administrative hierarchies, called Virtual Business Units (VBUs), enterprises and service providers can control on a very granular basis which resources and users an administrator can access and manage.
ClearTrust SecureControl 4.0 provides 23 different options of control for delegating administrative rights, which allows administrators to grant as much or as little control as needed. For example, help desk personnel may only be granted the ability to unlock accounts and reset passwords. To overcome the scalability challenges of managing large user populations, ClearTrust SecureControl 4.0 also supports self-service administration to empower users to perform common management tasks such as registration, profile editing, password resets and subscription management.
ClearTrust SecureControl VBUs also significantly reduce the administration burden for Extranets and Internet Portals, by allowing partners/vendors/customers to manage their own users. This capability is a critical requirement for new Internet based business models such as business-to-business electronic exchanges and ASPs, where user administration can rapidly scale beyond the resources of the largest MIS departments.
Pricing and Availability
ClearTrust SecureControl 4.0 is available immediately from Securant Technologies and its business partners. Pricing starts at $20 per user.
Company Background
Securant Technologies, the access management company that secures e-business, is a leading developer of Internet security software that provides a secure infrastructure for controlling user access to Web-based resources including applications, content and transactions. The company's flagship product, ClearTrust SecureControl, uses business rules to centralize, unify and automate every component of access management including access control, single-sign on, authentication, authorization, delegated administration and auditing. Securant customers include Chase Hambrecht & Quist, First Union/The Money Store, Lehman Brothers, Thomson Financial and Wells Fargo Bank. The company's partners include BEA / WebLogic (NASDAQ: BEAS), Check Point (NASDAQ: CHKP), Entrust Technologies (NASDAQ: ENTU), Fujitsu, Netscape Communications, Oracle (NASDAQ: ORCL), Sun Microsystems (NASDAQ:SUNW), Sybase (NASDAQ: SYBS) and Verisign (NASDAQ: VRSN). Securant is privately held and headquartered in San Francisco. To contact Securant call 415.315.1500, visit us on the Web at http://www.securant.com, or write to info@securant.com.
Unified Access Management, 24/7 Security, ClearTrust, ClearTrust SecureControl, ClearTrust Virtual Business Units and SpeedSecure are trademarks of Securant Technologies Inc. Product names mentioned herein may be trademarks and/or registered trademarks of their respective companies.
No comments:
Post a Comment