Ediport: SafeGuard LANCrypt

Products:

  products
  EDI products
  PKI products
  Meta directory products
Mail products

Contact

Ediport Ltd.
Phone:
+36-1-392-22-40
Fax:
+36-1-392-25-71
Email:
ediport@ediport.hu
Our other weblinks:
www.ediweb.hu
www.notebookvedelem.hu
www.internetszolgaltatas.hu

SafeGuard LAN Crypt

Wherever sensitive or valuable data are stored, handed over or exchanged in companies and institutions, SafeGuard® LAN Crypt ensures the necessary level of security. For files which are stored locally and also on file servers and Terminal Servers, SafeGuard® LAN Crypt offers access protection by a multi-stage encryption. Now, security concepts can also be realized in a faster and simpler way for divisions, work groups or company wide.

The Challenge

Networked PCs are widely accepted in organizations as, with the help of modern IT concepts, many of today's business processes are carried out faster and more reliable than before. This way, confidential information is combined at networked workstations: customer and personnel data, research results, self-created software, ad hoc re-leases etc.
But this company-internal information is much sought after. For many years already, most studies on IT security threats have shown that, in most cases, the attackers come from the organization itself. These dangers are not reduced by a return to a central data management in Terminal Server environments. What is actually asked for is a security solution, which adapts to the changing IT structures and gives access to sensitive data to authorized user groups only. Unauthorized persons, e.g. administrators, will not be able to access the data.

The Product

   SafeGuard® LAN Crypt is a matured solution for data security. It fulfils the requirements of IT managers, security administrators and users in terms of adaptability, security and transparency. SafeGuard® LAN Crypt regulates the access rights of users and groups by key profiles. On the bas-is of his profile, every user gets an individual "key ring". By this unique combination of keys to be used individually and commonly, only authorized users are able to read files in plain text. Unauthorized persons will only see encrypted, illegible data.
    As the allocation of keys is regulated centrally, users cannot read or change the security concept. This way, the highest level of data and operation security is guaranteed. By the role concept realized in SafeGuard® LAN Crypt, it is also possible to separate system and security administration. Only the SafeGuard® LAN Crypt administrator has the right to allocate keys for files and directories. In spite of unlimited access rights, the system administrator has no possibility to read files, which have been encrypted before.

Scalable Data Security for User Groups
    SafeGuard® LAN Crypt offers organizations the best file security possible for the internal electronic workflow. But also when exchanging data with external personnel, e.g. consultants and certified accountants, the confidentiality of data is guaranteed. This way, the program is scalable from small temporary teams over divisions, management levels (e.g. R&D, board of directors) and project teams up to organization wide use. It offers any feature for the large area use in companies and institutions.

Simple Integration and Administration
   SafeGuard® LAN Crypt integrates smoothly into the operating system and existing IT infrastructures. The software and key profiles can be distributed automatically with the help of the Microsoft's administration concepts (Active Directory etc).
   The central administration of SafeGuard® LAN Crypt makes the assignment of keys to users and their profiles simple, but still offers detailed setting options to be able to realize complex security policies as well. For experienced administrators, the distribution and activation (roll-out) is quite simple; even with more extensive installations.

High User Acceptance by Transparency
   SafeGuard® LAN Crypt remains invisible to the user. Encryption and decryption of files are done transparently in the background, according to the security administrator's definitions. Thus, a high user acceptance is guaranteed.

The Characteristics

Comprehensive File Security
   SafeGuard® LAN Crypt can be used very flexibly as it protects sensitive data on local hard disks, removable and mobile storage media, but also on network drives of Microsoft, Novell, Unix and Linux servers.
   As the data is only encrypted and decrypted on the workstations, no performance loss is caused on the file servers by the encryption. For this reason, the files are automatically protected from reading and manipulation by SafeGuard® LAN Crypt even when transferred within the local network (LAN) and, above all, also in increasingly spread wireless environments (WLAN).
   SafeGuard® LAN Crypt is also excellently suited for the use at Terminal Servers and offers efficient protection here as well.

Secure Encryption
    By strong encryption algorithms, SafeGuard® LAN Crypt protects from unauthorized access. For this, several algorithms with up to a 256 bit key length are available. The software uses Microsoft' Crypto API interface and therefore can be flexibly extended by any smart card and USB token. By X.509v3 certificates, Safeguard® LAN Crypt can clearly authenticate the users.

Use of Standard Interfaces Reduces Operating Costs
   If necessary, the required X.509 certificates will be self-created, if SafeGuard® LAN Crypt is not connected to a Public Key Infrastructure (PKI) which is able to generate these certificates. With the interfaces for the software distribution and remote maintenance, it is easy to handle for administrators and the costs for rollout and the current operation remain low.

    SafeGuard® LAN Crypt offers comprehensive security for files on mobile devices, servers, networks (LAN/WLAN) and PCs. Thus it meets all requirements in terms of flexibility, security and transparency.

System Requirements

Platform
   PC with Intel Pentium or compatible processor

Operating System
        • Microsoft Windows NT version 4.0
        • Microsoft Windows 2000
        • Microsoft Windows XP Professional

Supported File Server Operating Systems
        • Microsoft Windows
        • Novell Netware
        • Linux, Unix (Samba)

Supported Terminal Servers
   Microsoft Windows NT Terminal Server, Microsoft Windows 2000 Terminal Server Support of Citrix Metaframe

Special Product Features

Administration
Installation and configuration by Windows mechanisms (Active Directory group policy objects or system policies) or Novell Networks.

Supportable Media
Hard disks, network drives, floppy disks, CD-ROM, Zip, USB drives etc.

Security Features

Authentication
   X.509v3 certificate-based user authentication

Encryption
   DES 56 bit, 3DES 168 bit, IDEA 128 bit, AES 128 and 256 bit

Hash
   MD5, SHA-1, SHA-256

Standards/Protocols
   PC/SC, PKCS#12, CSP

Token
   Smart cards, USB token

Interaction

Utimaco Safeware Products
SafeGuard® Advanced Security SafeGuard® Biometrics as add on enables fingerprint authentication

Third Party Products
Integration of Microsoft Crypto API: Cryptographic Service Providers (CSP) can use any third party RSA-able component used for the user authentication (e.g. Smart cards and USB tokens).

PKI products:

	PKI systems

	Authorized systems with PKI:
	digital signature securized client (MS,Notes,SAP)
	digital signature securized web
	computer protection
	network protection
	internet protection
	PKI toolkit

	disk, notebook protection
	palmtop protection
	biometrics
	cards, card readers