Gemalto - Allynis Device Administration Service |
| |
|
|
|
The Allynis Device Administration Service from Gemalto is a turnkey managed service for secure use, provisioning and administration von .NET Cards and .NET Token like the SEG (Secure Enterprise Guardian) for smaller and medium-sized enterprises and organisations. Because DAS is a web based service, DAS is flexible, easy and ready to work very fast.
|
 |
|
|
|
|
Small and medium size businesses have the same needs for digital security and identity protection as larger enterprises. They need to protect network access and user identities with strong authentication. They can also leverage the benefits of PKI services, such as digital signature, file encryption and secure remote access, to enhance productivity and business
process efficiency. However, they typically do not have IT resources available to implement, support and maintain strong authentication systems, while the present administration tools on the operating system are not sufficient for organisations with more than a few people. Rich card management systems like Intercede or in a limited way the Microsofts ILM do have such capabilities, but they are not economical to use for SMBs. Therefore the Allynis Device Administration Service is made for SMBs to manage their .NET smart cards in their environment.
|
|
|
The advantage of .NET for SMB |
Each smart card needs cryptographic middleware PKCS#11 or CSP (Cryptographic Service Provider) on the computer where the card is used. .NET cards from Gemalto can be used with Microsofts Base Smart Card CSP, which is installed on Vista and Server 2008, an can be installed via online update on XP and 2K SP5. .NET cards can be used on a computer with MS operating systems without prior software installation, contrary to the other current smart cards. Certifikates and cryptographic capabilites of a .NET card are available immediately.
|
The Benefit of DAS |
Small and medium sized enterprises are able to use the advantages of a .NET card, which is to deploy strong authentication and PKI in a non extensive way, without using the ILM of Microsoft. DAS allow the administrators and users to deploy and manage the .NET cards and Token (Like Secure Enterprise Guardian)easily. Allynis DAS is hosted and maintained by Gemalto, customers can rely on a strong SLA for keeping it running.
Video: Configuration DAS Controller
Video: Personalisation Card
Video: PIN Unblock
|
|
 |
Turnkey solution for strong authentication and Microsoft-based PKI services |
|
Optimized TCO for small and medium size businesses since the solution requires no server hardware investment or training budget |
|
Rapid implementation of integrated system for secure network access, digital signature and file encryption |
|
Ease of use and minimal learning curve for IT administrators and end-users due to simple and intuitive browser-based Admin and User portals |
|
IT organizations have full control over security because end-user administrative keys are diversified through the DAS Controller, under sole control by the IT administrator |
|
Maintenance free - DAS is operated and maintained by Gemalto using the industrystandard software as a service model |
|
24 x 7 availability - DAS is backed by a rigorous SLA (Service Level Agreement) which ensures continuous availability of the service |
|
DAS Admin Portal |
IT administrators access the Admin Portal with a DAS Controller, a secure and reliable device based on Gemalto .NET smart card technology. The DAS controller is personalized by the administrator prior to first usage. For security purposes, both the Controller itself and a PIN are required for secure authentication to the Admin Portal; if the Controller is removed from the host PC, the administrator is automatically logged off. Gemalto and Cryptoshop recommend to have at least 3 DAS Controller, because, if one controller is broken, there is still no "single point of failure". The DAS capabilities are ongoing widened, the main features are
|
|
|
Remote PIN Unblock |
|
Local PIN Unblock |
|
Reset Gemalto .NET devices |
|
Reset controller |
|
Activation and personalization of end-user |
|
.NET devices: |
|
- End User Admin Key rotation |
|
- Default PIN Value |
|
- Set limit on number of PIN attempts |
|
Manage (P12 file format) Certificates |
|
DAS User Portal |
This enables them to complete routine tasks without needing specialized IT resources for routine support and maintenance. Through the User Portal, employees can perform the following support tasks.
|
|
|
Change PIN |
|
Remote PIN Unblock |
|
View device information (diagnose) |
|
View Certificate on device |
|
|
|
|
|
|
|
|
|
|
|
