About us | Advertising | SecurityWatch
Home   Articles   Blog   Reviews   Press Releases   Security Tools   Sponsored Solutions
Press Releases
CRYPTOCard Launches CRYPTO-Server 6.2: The First Browser-Integraged Two-Factor Authentication System For Apache Web Servers
Monday, 15 November 2004 11:43 EST

CRYPTO-Server 6.2 Demonstrates Its User-Friendly Enterprise-Class Authentication Solution For Apache Web Servers At ApacheCon 2004

ApacheCon Las Vegas, November 15, 2004 – CRYPTOCard (www.cryptocard.com), the innovative leader in authentication technology, today announced the launch of CRYPTO-Server 6.2, the world’s first browser-integrated two-factor authentication solution for Apache web servers at ApacheCon 2004 in Las Vegas. CRYPTO-Server 6.2’s CRYPTO-Web component makes it simple to authorise and positively identify all Apache web server users by coupling something in the user’s possession (a multi-function smart card, USB dongle token, hardware token, or software token), with something the user knows (their PIN). With almost 75 percent (or more than 13 million) of the world’s web servers running on Apache, CRYPTO-Server 6.2 represents a significant advance in authentication technology for the dominant player in the web medium.

CRYPTO-Server 6.2’s authentication server generates a unique password for every log-on attempt, eliminating the need for users to memorise, change, or manage a variety of static passwords. This not only significantly reduces the help-desk costs associated with resetting forgotten passwords, but also negates the obvious security risk resulting from users writing down their passwords (or using the same one for everything) or hackers obtaining stolen credentials (by network sniffing, social engineering, or shoulder-surfing). CRYPTO-Server 6.2’s familiar ATM-style protocol also eliminates the user resistance often encountered when organisations attempt to implement an additional layer of security, by making the system easier to use than static passwords.

CRYPTO-Server 6.2’s browser-based administrative interface makes it simple for organisations to support hundreds of Apache servers (for example, in a web farm) through a single interface, providing a single point of administration that makes it easy for organisations to implement and administer token-deployment – by simply importing existing LDAP (e.g. Active Directory or Open LDAP) directories or to support web farms or virtual web sites. CRYPTO-Server allows easy deployment and activation of software tokens, which can reside on a user’s handheld (for Win CE devices), desktop, laptop, or smart card – or for users to activate their hardware tokens (USB, key-chain, or numeric pin-pad).

“An organisation cannot guarantee system security if it cannot authenticate each individual user, and this was practically impossible for Apache server-based applications and users,” explained Malcolm MacTaggart, President & CEO, CRYPTOCard Corporation. “CRYPTOCard firmly believes in making easy to use, cost effective, authentication available to everybody, and with nearly 75 percent of web servers running on Apache, CRYPTO-Server 6.2 obviously represents a significant advance in this regard.”

CRYPTO-Server 6.2 also includes CRYPTOCard’s innovative “Follow-Me Computing” that makes it easy for server-based computing (Citrix or MS Terminal Services) users to start a remote session by simply inserting their CRYPTOCard multi-function smart card, or USB dongle token, and entering their PIN. Then, after logging off by simply removing their authentication device, the user is free to reinsert their smart card or USB dongle token and enter their PIN at another thick-client or thin-client terminal to resume the same session at exactly the point at which it was suspended (e.g. Cell D3, in a Microsoft Excel spreadsheet) – the applications literally follow the user around the building or campus. The system can also be set by the administrator to lock the machine or to simply log-off the user.

By coupling “Follow-Me Computing” with the door access capability of CRYPTOCard’s smart card, an organisation can ensure that users have to log off after every session in order to be able to travel around the campus – eliminating the considerable security risk associated with users leaving a computer logged on – particularly in the health services, government, and financial services sectors. Alternatively, CRYPTOCard’s newly-developed USB dongle token, that plugs straight into a computer’s USB port, enables organisations to provide users with smart card-like ease of use without incurring the expense of having to purchase smart card readers.

CRYPTO-Server 6.2’s other components include CRYPTO-Web, which protects Apache and IIS Websites down to the page level; CRYPTO-Kit, which provides developers with the tools to make it simple to integrate CRYPTOCard’s technology with existing security applications/systems; CRYPTO-Deploy, to facilitate the deployment and activation of tokens; CRYPTO-VPN, that makes it simple to provide authenticated access to third-party VPNs (e.g. Cisco, Checkpoint, Neoteris, and Nortel); and CRYPTO-Migration; which provides RSA Migration functionality that enables organisations to switch from an alternative system (CRYPTOCard’s tokens, with replaceable batteries, are deployed once and can be utilised indefinitely).

CRYPTO-Server 6.2 will ship for the Windows and OS X (Panther) server operating systems in the next few weeks. A five-user (all-you-need-in-1-box – the full server software plus five tokens) bundle will be available for $499. CRYPTO-Web for Apache will also be available for the Linux platform shortly. CRYPTOCard’s products are available from Tech Data and other distributors, integrators, and resellers throughout the world. For more information on CRYPTO-Server 6.2, please go to www.cryptocard.com, or visit CRYPTOCard at ApacheCon 2004 in Las Vegas.

About CRYPTOCard Corporation
Established in 1989, CRYPTOCard provides cost-effective Secure Password Technology to leading enterprises worldwide in the government, technology, aerospace, financial, telecommunications, and healthcare sectors. CRYPTOCard positively authenticates a user’s identity by coupling something in the user’s possession (a smart card, hardware token, or software token), with something the user knows (their PIN), and provides centralized authentication for all physical and network access regardless of network infrastructure or user location. CRYPTOCard’s partners include Microsoft (Nasdaq: MSFT), Apple (Nasdaq: AAPL), Cisco (Nasdaq: CSCO), Check Point (Nasdaq: CHKP), Citrix (Nasdaq: CTXS), Entrust (Nasdaq: ENTU), Oracle (Nasdaq: ORCL), Sun Microsystems (Nasdaq: SUNW), and Macromedia (Nasdaq: MACR). For additional information on CRYPTOCard, please go to www.cryptocard.com, or visit us November 15-17 at ApacheCon 2004.

For further information contact:
Barrie Desmond / Kira Hutchinson
Cohesive Communications
Tel: 0
Email:



Featured Articles

Tribal thinking in today’s IT
George Santayana once famously observed; “Those who cannot remember the past are condemned to repeat it.”. But when it comes to IT security, a better way of thinking might be; “those who fail to understand the impact of the past on their thinking may find themselves somewhat exposed”…

You can’t manage what you can’t see!
Security threats have grown more menacing with the appearance of the likes of Sober, Mytob, and Bagle. Along with the newer trends of spyware, phishing and key logging the implications of ineffective information security have become potentially debilitating to business operations and indeed strategy.

Endpoint Security: the biggest threat to your organisational flexibility
The development and execution of an endpoint security strategy is an increasingly important and urgent issue for businesses of all sizes. Many are executing – or wanting to execute - flexible working practices and organisation models that leverage contemporary technology.
Scan all company email for viruses, Trojans and worms with 4 virus engines, all in one package - GFI MailSecurity for Exchange/SMTP! Download your free 60-day trial today!

Check your website security with Acunetix Web Vulnerability Scanner. Audit your web applications for SQL injection, cross site scripting & more. Download trial!

Network Security Tools

SpyDefense
SpyDefense protects your computer against annoying, and harmful software such as Spyware, Adware, Trojan horses, etc. SpyDefense is anti-spyware software that prides itself on a very user friendly environment.


Proactive Security Auditor
Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks.


File Securer
File Securer is a powerful tool designed to protect your sensitive folder and personal file. With strong security, File Securer embeds the protect into windows system kernel, both on command mode and window mode, all work professionally.




What's up, IT? Blog

Phishing By The Numbers: 41,000 Blocked Sites in 2005
Top 7 PHP Security Blunders
The human factor and information security
Why I Love Vulnerability Analysis In 2005
IT security fear factor: Tape backups
Uncovering Cyber Flaws
State of the security mart
When the hardware gets smart
Security for SMBs
Four Security Resolutions For The New Year

Copyright © IT-Observer.com 2000 - 2006    Privacy Policy | RSS Feeds
Site Meter