representative
contact me
Three years before news stories of lost data were commonplace, we committed to whole disk encryption on all our laptops and field office computers. The decision is paying for itself many times over with saved notification costs, brand reputation, and by living up to our customer promise of protecting their identity and confidential information.
Pat Lefemine, Chief Information Security Officer, Lincoln Financial Group.
GUARDIANEDGE ADVANCED AUTHENTICATION
Extend Data Protection with Strong, Multi-factor Authentication
Many organizations require a more secure way to authenticate users during log-on and before accessing data on PCs, laptops, removable storage devices, and removable media. A multi-factor authentication solution meets this need by requiring users to both know something (their ID and password) and have something (a physical identifier like a smartcard) before granting access to systems and encrypted data.
GuardianEdge™ Advanced Authentication provides multi-factor authentication for GuardianEdge Hard Disk Encryption, GuardianEdge Encrypted Drive Manager and GuardianEdge Removable Storage Encryption:
- When used with GuardianEdge Hard Disk Encryption or GuardianEdge Encrypted Drive Manager, it extends the security of user log-on with multi-factor authentication to protect access to encrypted data stored on fixed disk drives
- With GuardianEdge Removable Storage Encryption, it enables the use of multi-factor authentication to safeguard access to data stored on removable storage devices and removable media
By deploying GuardianEdge Advanced Authentication organizations can:
- Use Smartcards/Common Access Cards/PIV Cards to extend user authentication
- Employ X.509-compliant cards readers and tokens
- Add strong multi-factor authentication for user login with GuardianEdge Hard Disk Encryption and GuardianEdge Encrypted Drive Manager as an additional layer of protection for data stored on laptops and desktops
- Expand access protection for encrypted data stored on removable storage devices and removable media controlled by GuardianEdge Removable Storage Encryption
- Additional protection for data on laptops and desktops with authentication using smartcards (including CAC or PIV cards) before access to Windows is granted
- Safeguard data on removable storage devices and media with multi-factor authentication access control
- Extensive support for cards, readers and tokens
Supported Readers
Embedded Readers
- Dell E4200 (Broadcom Corp. 5880)
- Dell E6400 (Broadcom Corp. 5880)
- Dell M6400 (Broadcom Corp. 5880)
- Dell D410 Embedded Reader (TI PCI GemCore Based Smart Card Controller)
- Dell D420 / D430 Embedded Reader (O2Micro OZ776 USB CCID Smartcard Reader)
- Dell D600 Embedded Reader (O2Micro 02711EC1 PCMCIA/Smart Card Controller)
- Dell D610 Embedded Reader (TI PCI GemCore Based Smart Card Controller)
- Dell D620 Embedded Reader (OZ6912 /601/711E0 CardBus/SmartCardBus Controller)
- Fujitsu 4210—O2Micro OZ711MP1/MS1 MemoryCardBus Controller
- Fujitsu 4215—O2Micro OZ711MP1/MS1 MemoryCardBus Controller
- Dell D630—O2Micro OZ711EZ1 MemoryCardBus Controller
- Dell D820—O2Micro OZ711EZ1 MemoryCardBus Controller
PCMCIA Readers
- HP SCM SCR 243 PCMCIA
- Axalto Reflex USB v2, Reflex 20 PCMCIA v2 & v3
- ActivIdentity PCMCIA
- SCM SCR 201, SCR 241, SCR 243 PCMCIA
USB Readers - All CCID-compliant USB smart card readers including the following:
- ActivIdentity USB Reader 3.0
- Axalto Reflex USB v3
- Dell SK 3106 keyboard w/ SmartCard reader
- GemPC Express, Pinpad*, Twin
- SCM SCR3311 USB Reader
*Computer keyboard must be used. to enter PIN
Supported Cards and Tokens
PIV I/PIV II Data Model
- Athena IDProtect Duo PIV
- Gemalto SafesITe PIV TPC DM
- Oberthur PIV End Point Dual Interface Smart Card
GSC-IS 2.1 Data Model
- Axalto Cyberflex 64K v1
- Axalto Cyberflex 64K v2c
- Cyberflex Access 64K v1 SM4.1
RSA Data Model - All with RSA data model including:
- RSA SID800
- RSA Smart Card 5200
CACv2 Data Model† - All with CACv2 including the following:
- Axalto Access 64K v2, Access Cyberflex 64K v1 SM4.1
- Gemalto Cyberflex Access 64K v2c, GemXpresso 64K R3 FIPS V2#2
- Oberthur CosmopolIC 32K V4, 64K v5.2 Fast ATR, 64K v5.2 Fast ATR (dual)
- Schlumberger Access Cyberflex Access32K V2 SM7.2
Aladdin Data Model (all from Aladdin)
- PRO Javacard 72k, NG-OTP 32K, NG-OTP 64K
- PRO 32K, PRO 64K
†Single Sign-On is not supported, cards must be inserted into reader
PKI Environment Support
- Supports X.509-compliant Public Key Infrastructure systems
GuardianEdge Data Protection Platform Integration
- Single Management Console: Provides a single, Active Directory integrated management console for administering the GuardianEdge suite of endpoint data protection controls
- Shared Services: Shared security and management services across data protection applications
- Auditing and Reporting: Unified auditing and reporting environment
- Lightweight client environment: Single sign-on integration; secure client/server communications; minimal to no intrusion into existing user workflows and operation
Active Directory Integrated Administration and Management
- Tight integrated with Active Directory enables GPO-based policy deployment
- Easily scales to meet enterprise requirements
- Role-based policy administration
- Detailed audit records to verify policy enforcement
Key/Password Administration and Recovery
- Simple and secure administrative access to encrypted PCs in the event of lost tokens or passwords with self-service or admin-assisted recovery
- Central master certificate (private key) digital certificate based recovery of encrypted data on portable media devices
