Perfect for the larger heterogeneous environment where security is taken very seriously, and is required on more than one user level.
Not ideal for the smaller organization or to simply solve the problem of remote access for employees.
A very strong authentication solution that delivers everything from single sign-on to multiple authentication models where security is of the highest priority.
Not all remote access initiatives are used solely to provide employees with multi-location access. It may be necessary to provide a wider core of access rights that are in line with your business activities and, therefore, a more extensive resource may be required to fulfill all of your objectives.
This is where a solution such as Novell iChain comes into its own. This solution accomplishes more than simply allowing one level of access. It is capable of delivering a web-based authentication process that can be granular to your business needs, allowing customers and partners to access areas crucial for your commercial needs.
iChain is deployed within the organization to provide an identity-based authentication through its eDirectory. When a user authenticates, he or she is governed by rights and privileges extended to their particular identity.
Installation remains at the administrator level and users gain access by utilizing the authentication methods bestowed on them by their administrator. These will depend on the level of security required, from single sign-on through to tokens provided by big names such as RSA and ActivCard. Password authentication methods can be used, with stipulated password lengths to further enhance security levels, and during communications SSL is active to ensure secure data transfers.
From a user perspective iChain is simple enough, requiring only the method of authentication and the privileged information to make it happen. Digital certificates are also supported; identifiers such as user name, email address and LDAP known attributes may also be manipulated or several methods may be utilized to enhance the security levels in practice.
The software is delivered on two CDs, with installation explained fully within well written documentation provided in pdf format. The software uses a proxy-based method and fits neatly into most environments. The beauty of this kind of solution is that it can be managed centrally. Users do not have to concern themselves with installing and managing software or hardware to stay secure.