Jump to content Japan - English

Software(Japanese)  >  Security(Japanese)

IceWall SSO

What is IceWall SSO? > IceWall SSO's Unique Features
»

IceWall SSO

What Is IceWall SSO?
» What is Single Sign-On?
» What is IceWall SSO?
» Benefits
» Basic Features
Product Specifics
» Basic Architecture Diagram
» Operating Environment
» Reference Price
» Options
» FAQ
» Case Studies
» White papers
» Online Demo
» Support
» Implementation Services
» Contact Us
Related Products
» IceWall Federation
» IceWall Remote Configuration Manager

IceWall’s Office 365cloud Federation
(Last Update : 2012.4.26)

»What is Single Sign-On?

»What is IceWall SSO?

»Benefits

Basic Features

»  Basic Features
  IceWall SSO's Unique Features

Scalability

Fast authorization IceWall SSO can scale to process more than 10,000 hits per second from one million concurrent logged-in users.
High speed IceWall server Agent and MCRP combinations enable a single IceWall server to process more than 1,000 hits per second.
Distributed authentication modules You can have authentication modules distributed across your environment. The existence of multiple authentication servers enables load balancing, providing higher throughput and scalability.
IPv6 ready IceWall SSO provides support for IPv6, the next generation Internet Protocol.

Availability

Full duplication All the modules can be fully duplicated.
Session continuity under failure conditions User sessions will be maintained even when one of redundant IceWall servers or authentication servers goes down.
Access-only threads IceWall SSO provides you with the ability to configure an arbitrary number of request threads that do not require connection to the database. This way you can set up "access-only threads" used to temporarily store authentication credentials such as user IDs and passwords so that the system can continue to process access requests even when the authentication database that stores these credentials goes down.
Non-stop maintenance IceWall SSO allows you to reconfigure the authentication modules without any disruptions to the authentication server.

Security

ISO15408 certified The security implementation in IceWall SSO has been granted the ISO15408 certification by the International Organization for Standardization.
Interaction with a wide range of other authentication methods IceWall SSO can easily interact with a broad range of authentication solutions such as OTP (one-time passwords) and finger vein authentication systems.
Transaction IDs IceWall SSO provides you with the ability to implement "transaction IDs" that can be used to log and track the actions of each user during an access attempt. This allows you to, for example, quickly perform failure analysis by referencing the transaction IDs.
ICP2.0's built-in support for the HTTP interface The ICP (IceWall Cert Protocol), a protocol designed specifically for IceWall SSO, provides support for the HTTP interface. It allows a customized application to use the authentication server. You can use HTTPS (SSL) to communicate from a remote site such as hosted on cloud and therefore can easily secure authentication information.
High level encryption of communications with agents IceWall SSO provides you with the ability to encrypt the communications between the IceWall server and agents.

Web

SHA2 support for passwords and high level encryption of columns IceWall SSO provides you with the abilities to protect passwords stored in the authentication database with SHA-2 and encrypts column values in the authentication database. All these provide secure management of critical information stored in the authentication database.
Support for a variety of connection methods IceWall SSO provides support for a variety of Web application connection methods including HTTP header based authentication, Basic authentication, form authentication, and so on.
Support for original URLs
(support for Apache Virtual Host)
You can use IceWall SSO in conjunction with the Virtual Host function of an Apache HTTP server in order to ensure that URLs used to access existing Web application servers remains intact.
Display of multiple-language file names IceWall SSO provides an enhanced ability to display multiple-language file names leveraging the URL encoding scheme specified in the corresponding RFC.
HTTP header control IceWall SSO provides you with the ability to add or delete request and response headers on a basis of each back-end Web server.

Flexibility

Open and well-documented structure of the authentication database Thanks to its open and well-documented structure, the authentication database can be accessed and queried even from external applications. In addition, you can use an existing database as the authentication database of IceWall SSO.
Customizable password encryption method and session ID generation logic IceWall SSO provides you with the flexibility to implement your own custom encryption method or session ID generation logic.
Open and well-documented message communication protocol The latest version of ICP (IceWall Cert Protocol), the message communication protocol used between the forwarder and authentication modules has been released along with an open and well-documented specification. You can implement this specification to gain unprecedented flexibility in creating your own environment by for example, creating your own custom authentication client, exchanging information specific to your environment and implementing your custom encryption method.
Customizable HTML based screens You can customize all of the screens generated by IceWall SSO including the login prompt.
» Back to the top of this page
Printable version
Privacy statement Using this site means you accept its terms  
Please note: all of the links on this page navigate you to pages in Japanese.