Enterprise Single Sign On for Sun Secure Global Desktop or Sun Ray

For Sun customers using Secure Global Desktop (SGD) or Sun Ray™ Connector for Windows OS to connect into Microsoft Terminal Server or Microsoft RDP Services, enterprise single sign on (ESSO) improves productivity by increasing ease of use and reduction or elimination of complex password policies.

Once a Windows session is established via SGD or Sun Ray Connector for Windows OS, the ActivIdentity SecureLogin SSO client automatically fills in the username and password to any Windows, Java, web or terminal emulator application running within the Windows session. This provides greater security through the addition of complex passwords, automation of changing passwords, reduced help desk costs and improved productivity of enterprise users.

The strong authentication capabilities of SecureLogin SSO make it the ideal choice for Sun customers looking to couple the productivity and cost saving benefits of enterprise single sign-on with Secure Global Desktop or Sun Ray Microsoft Connector.

Benefits

• Capture ROI with reduced help desk support costs, increased productivity, and increased user efficiency according to Meta Group and other analysts.
• Comply with mandates and government regulation for identity, privacy, policy enforcement, audit and authentication services
• Increase productivity and user experience as users need only authenticate once via a smart card, USB token or biometric in order to activate Single Sign On to corporate systems and applications. No need to remember or enter multiple passwords.
• Enhance security – user passwords are stored securely onto a pin protected smart card or USB token, and in the corporate directory (securely encrypted with the end-users PKI credentials on the device). For further security, the solution can be deployed so that users do not have knowledge of their own passwords.
• Ease of deployment – ActivIdentity SecureLogin SSO leverages existing sources of identity (such as corporate LDAP directories, Active Directory, or identity management repositories) and integrates with Sun Java System Identity Manager for automated provisioning and management of user accounts, credentials and devices.
• Future-proof – ActivClient also enables strong authentication for Windows / network login, Linux, VPN / Dial-up, web login, as well as data security and digital signature, and supports the widest range of smart cards, readers and USB tokens.

Standards compliance

• GlobalPlatform / OpenPlatform
• Java Card™
• FIPS 201 / PIV certified cards and applications
• FIPS 140-2 certified cards and applications
• FIPS 140-2 certified Hardware Security Modules
• LDAP 3.0
• SSL 3.0
• Section 508
• PKCS#7, #10
• Microsoft CAPI / Crypto API
• ISO 7816
• PC/SC
• PIV / FIPS 201
• CAC (Common Access Card)
• GSC-IS 2.1
• SNMP error and event monitoring supported
• Triple DES encryption protects credentials
• AES cyrptographic algorithm encrypts user data store (optional)

ActivIdentity products used in this solution

• ActivIdentity SecureLogin® SSO
• ActivClient™ (optional)
• ActivIdentity Smart Cards and Readers (optional)
• ActivKey® USB Tokens (optional)
• ActivIdentity SecureLogin Kiosk (optional)
• ActivIdentity SecureLogin® Password Reset Manager (optional)

Related ActivIdentity solutions

• Smart Employee ID
• Enterprise Single Sign On
• Secure Email for Mozilla® / Thunderbird® with Smart Cards

Solutions for Sun

• Strong Authentication
• SmartEmployee ID
• Enterprise Single Sign On
• with Sun Java System Identity Manager
• with Sun Java System Identity Manager and Strong Authentication
• with Sun Java System Access Manager
• for Sun Secure Global Desktop and Sun Ray
• Secure Email for Mozilla/Thunderbird with Smart Cards