Features
| Feature | Benefit |
|---|---|
|
General |
|
| SSO across all Ubilogin protected applications and applications that use standards based authentication protocols | Multiple benefits
|
| Federation | Interoperability with other SAML standard-based identity providers and service providers. ID-WSF enables Web Services authentication and federation (SOA). |
| Productized solution | Rapid deployment, easy integration, product documentation and maintenance. Professional support services. |
| Compact, robust and efficient solution | Proven reliability and performance can give you not just piece of mind, but a better guarantee that your investment will provide continuous service without interruptions. |
| Centralized solution |
|
| Scalable and high-availability options | Ubilogin solutions can scale from mini-installations to nationwide deployments serving millions of users. You can start from a small solution and build your authentication infrastructure from there, gradually. |
| Agent or Agentless integration | Choose the best match for your needs. Both options enable you to adapt the authentication solution to match your infrastructure and security policy. |
| Brand graphics | Use your own brand in login screens and in the management console. |
| Platform independent solution | Use your preferred application server |
| Multiple integration options | Wide deployment options in heterogeneous environments |
|
Ubilogin Administration |
|
| Web based management | Easy and efficient management |
| Flexible site structure | You can model your organization easily within Ubilogin |
| Simple service activation | Activating Agents or importing SAML Metadata can be done through the Management console in minutes. |
| Quick policy changes | Authentication and authorization can be changed using the Ubilogin Management Console within minutes to a single service or to all the services that use Ubilogin as their IDP. |
| Delegated administration | System administration application permits full separation of duties by dividing user roles and restricting access to specific functions and site hierarchies based on user groups. |
|
Standards support |
|
| OASIS SAML 2.0 standard support | Standards based WebSSO, federation. Easy integration to other Identity Providers and SAML Service Providers. |
| Liberty ID-WSF 2.0 standard support | Standards based interoperability with Web Services solutions. |
| SAML 2.0 Attribute Authority | Enables the application server to make queries that can give real time information about a user. Helps the customer to follow compliance requirements if the real-time information is combined to a e.g. transaction. |
| ETSI TS 102-204 | Productized mobile authentication support for the ETSI MSS standard. You can integrate your applications to the mobile certificate based authentication and authorization in minutes. |
| OATH OTP Generation | You can be sure that the one-time-passwords are generated safely. |
|
Authentication |
|
| Over dozen supported authentication mechanisms out-of-the-box | There is always a suitable mechanism available that corresponds with the confidentiality level of the protected information. |
| Windows Cross Domain SSO | Seamless integration to the Windows Domain. SSO to services protected by Ubilogin from your own network or from the partner network. |
| Mobile authentication, SMS based | No need for external authentication tokens. Mobile terminals (phones, PDAs) serve as the authentication token. Eliminating specialized authentication tokens can generate huge savings in both licence fees, deployment and administration costs. |
| Mobile authentication, certificate based, ETSI 102-204 standard support | Standards based roaming digital signatures. Strong authentication using a mobile terminal. Authentication and data channel separation for identity theft prevention. |
|
Integration |
|
| Unique Identity Broker Engine (IBE) | IBE can integrate information from the authentication event to the information stored in the identity repository, e.g. integrating X.509 certificates with Active Directory or LDAP accounts. |
| Directory integration out-of-the-box | Leverage the existing user repositories and integrate them to the centralized authentication infrastructure in a matter of minutes. |
| Support for several different applications out-of-the-box | Hassle-free installation and deployment for your applications. Integrate your business applications to the authentication and authorization infrastructure within hours. |
| PKI integration out-of-the-box | SAML-based Certificate Authentication Provider enables you to plug Ubilogin to an existing PKI very quickly. |
| Windows Domain integration | Use your Windows Domain for authentication in services that do not support Windows Domain. Extend your Windows SSO to new services and improve the user experience and enable further cost savings. |
|
Authorization |
|
| 2-tier authorization scheme | Authorization can happen in two places
2-tier authorization gives you more options when implementing true Role Based Access Control (RBAC) |
| Identity Broker Engine | The unique Identity Broker Engine in Ubilogin can combine the information received during authentication with identity information received via directory integration. IBE can be used to build dynamic identities with dynamic authorization information. This means that identity information, which might be scattered around in different repositories, can be logically consolidated, using the IBE mechanism. |
|
Foundation for legal compliance and regulations |
|
| Authentication | Easy to determine who accessed what, when and in which role (attributes) |
| Authorization | Every successful and unsuccessful access attempt will log the roles of the user and can be verified at a later date. |
| Intrusion analysis and prevention | Every unsuccessful attempt will be logged so that you can quickly find out what’s going on. |
| Standards based solution | You can easily verify the protocol implementations from the standard documents. |