BNETAL MANAGESECURE FAQ

BNETAL ManageSecure: Enterprise Security

ManageSecure® Frequently Asked Questions


What is ManageSecure?
ManageSecure is a software product that enables you to secure your Intranet and Internet based applications, and to manage your security resources.

What types of organizations can use ManageSecure?
ManageSecure can be used by corporations that deal with sensitive or mission-critical information and want to ensure that only a designated user (or group) can access a particular web application or resource. It can also be used by organizations that want to better manage their security resources. Further, organizations that want to issue certificates or become a certificate authority can use ManageSecure. Please see Usage Scenarios for more information.

My organization uses a firewall that blocks access from the web. Why do I need ManageSecure?
Most security attacks come from within the Intranet. Firewalls are not adequate for protecting Intranet assets from these attacks. Some security attacks are made over port 80 (HTTP) or 443 (HTTPS), and firewalls typically permit traffic on these ports. Further, firewalls are not adequate for controlling access based on URLs. ManageSecure provides this additional access control over your web resources.

Does ManageSecure replace a traditional firewall?
No. It complements a firewall by adding a security layer that provides fine-grained access control, identity management, security credential issuance and management, and a host of other functions that a firewall does not provide and that are needed to establish a security perimeter around web-based applications.

Does ManageSecure protect both Intranet and Internet applications?
Yes. ManageSecure has access control components that can protect both Intranet and Internet applications by controlling access at the web-server layer.

My organization has application X that has a login mechanism. Why do I need ManageSecure?
Having each application implement its own authentication mechanism creates disparate, hard-to-manage, and often inconsistent enforcement of security policies. A common, standards-based security solution gives you a consistent, centrally managed security policy across your Intranet. ManageSecure provides such a solution.

What kinds of security threats are addressed by ManageSecure?
- Unauthorized access to URL-based applications, both from within the organization and from outside.
- Internet sniffing attacks (e.g., on passwords, credit card information, or other sensitive data).
- Password compromise due to a large number of poorly managed passwords.
- Denial of service due to lost passwords.

What types of access control does ManageSecure offer for web applications?
At the most basic level, ManageSecure can use a plain login/password to identify and authenticate the user, and control access to web resources based on this identity. Beyond this, ManageSecure can also enable SSL-based communication. Further, ManageSecure can offer strong security by managing client-side certificates (i.e., full PKI support) and using strong authentication based on client certificates to control access to web resources. ManageSecure can define access roles and privileges, and therefore supports Role Based Access Control (RBAC).

What additional features are in ManageSecure?
- Password management
- Keystore management
- Encryption management
- LDAP management
- Certificate management
- Certificate request management
- Trust relation management
- Monitoring of web and application servers for various error conditions

What security standards does ManageSecure conform to?
- X.509 Certificates and CRLs
- Security Assertion Markup Language (SAML)
- PKCS12 Keystores
- PKCS7, Base64 or DER Certificates
- PKCS10 Certificate Request
- PEM private keys
- JKS Trust Stores
- SSL
- Kerberos/Active Directory
- LDAP
- Java Authentication and Authorization framework

Which web servers can the ManageSecure access control filter be used with?
- Microsoft IIS
- Apache (Solaris 5.9 SPARC, Red Hat Linux 8.0)

What type of security expertise is needed to run ManageSecure?
A good UNIX or Windows network administrator can be trained to install and operate ManageSecure. For organizations using strong security, the administrator should have a high-level knowledge of PKI and X.509 certificates.

What is the cost structure?
BNETAL offers flexible licensing models (see Licensing Information). For pricing information, please contact Info@ManageSecure.net.

How can I obtain more information on ManageSecure?
Please send your enquiries by email to Info@ManageSecure.net.

What is single sign-on?
When multiple web servers run on a network (e.g., each may be hosting a different application), the ability to authenticate a user at one point in the network and to propagate the user session to all subsequent web servers throughout the network (without requiring additional logins) is called single sign-on. ManageSecure provides single sign-on capability.

How configurable is ManageSecure?
ManageSecure authentication policies are extensible using the Java Authentication and Authorization framework, whereby you can define your own custom authentication mechanisms and plug them in. Kerberos/Active Directory authentication and LDAP-based authentication are also supported. The user interface layout is configurable as well: you can edit the provided set of HTML pages to create a custom look and feel for user interfaces.