BNETAL MANAGESECURE FAQ
BNETAL ManageSecure: Enterprise Security
Digital Certificate
Issual and
Lifecycle Management
Role Based
Access
Control
Two Factor
Authentication
Strong Management of Security Tokens
Strong Management of
Security Tokens
BNETAL: Trusted Advisors on
National Health IT
and Security Projects
Customer Focused
Responsive Service
Hands on Approach to
Solving Challenges
Satisfied Customers,
Repeat Business
ManageSecure® Frequently Asked Questions
What is ManageSecure?
What type of Organizations may use ManageSecure?
ManageSecure can be used by corporations that deal with sensitive or mission critical information and want
to ensure that only a designated user (or group) can access a particular web application or resources. It can
also be used by organizations that want to better manage their security resources. Further, organizations
that want to issue certificate or become a certificate authority can use ManageSecure. Please see
Usage Scenarios for more information.
My organization uses a firewall that blocks accesses from the web. Why do I need ManageSecure?
Most security attacks come from within the Intranet. Firewalls are not adequate for protecting the Intranet assets from these attacks. Some security
attacks are made over port 80 (http) or 443 (https). Typically firewalls permit traffic on these ports. Further, Firewalls are not adequate to control access
based on URLs. ManageSecure provides this additional access control over your web resources.
Does ManageSecure replace a traditional firewall?
Does ManageSecure protect both Intranet and Internet applications?
Yes. ManageSecure has access control components that can protect both Intranet and Internet applications by
controlling access at the web-server layer.
My organization has application X that has a login mechanism. Why do I need ManageSecure?
Having each application implement its own authentication mechanism creates disparate, hard to manage, and often inconsistent enforcement of security
policies. Having a common, standards based security solution allows you to have a consistent, centrally managed security policy across your Intranet.
ManageSecure provides such a solution.
What kinds of security threats are addressed by ManageSecure?
- Internet sniffing attacks (e.g., passwords, credit card information, or other sensitive data).
- Password compromise due to large number of poorly managed passwords
- Denial of service due to lost passwords
What types of access control does ManageSecure offer for web applications?
At the most basic level, ManageSecure can use plain login/password to identify and authenticate the user, and control
access to web resources based on this identity. Beyond this, ManageSecure can also enable SSL based communication.
Further, ManageSecure can offer strong security by managing client-side certificates (i.e., full PKI support), and using the
strong authentication based on client certificates to control access to web resources. ManageSecure can define access
roles and privileges, hence it supports Role Based Access Control (RBAC).
What additional features are in ManageSecure?
- Keystore management
- Encryption management
- LDAP management
- Certificate management
- Certificate request management
- Trust relation management
- Monitoring of web and application servers for various error conditions
What security standards does ManageSecure conform to?
- Security Assertion Markup Language (SAML)
- PKCS12 Keystores
- PKCS7, Base64 or DER Certificates
- PKCS10 Certificate Request
- PEM private keys
- JKS Trust Stores
- SSL
- Kerberos/Active Directory
- LDAP
- Java Authentication and Authorization framework
What web-servers can ManageSecure access control filter be used with?
- Apache (Solaris 5.9 Sparc, Redhat Linux 8.0)
What type of security expertise is needed to run ManageSecure?
A good UNIX or Windows network administrator can be trained to install and operate ManageSecure. For organizations using strong security,
administrator should have a high level knowledge of PKI and X.509 certificates.
What is the cost structure?
BNETAL offers flexible licensing models (see Licensing Information). For more information, please contact
Info@ManageSecure.net
for pricing information.
How can I obtain more information on ManageSecure?
Please send in your enquiries by email to
Info@ManageSecure.net
What is single sign-on?
When using multiple instances of web-servers on a network (e.g., each may be hosting a different application), the ability to authenticate a user at one
point in the network and to propagate the user session to all subsequent web-servers throughout the network (without requiring additional logins) is
called single sign-on. ManageSecure provides single sign-on capability.
How configurable is ManageSecure?
ManageSecure authentication policies are extensible using Java Authentication and Authorization framework, whereby you can define your own custom
authentication mechanisms and plug them in. Also, Kerberos/Active Directory authentication and LDAP based authentication are supported. User
interface layout is also configurable. You can edit the provided set of HTML pages to create custom look and feel for user interfaces.