Aladdin eToken Management System for eToken PRO, eToken OTP and SmartCards

Aladdin eToken Token Management System

The Aladdin Token Management System (TMS™) is a robust management system that enables the deployment, provisioning and maintenance of all eToken devices, including security tokens, smartcards and ID badges, within an organization. It supports a comprehensive range of security applications such as network logon, VPN, web access, one-time password authentication, secure e-mail, data encryption and many others.

One of the main challenges in managing security in an enterprise is connecting the users, their security devices, and the organizational rules to the associated security applications. The Aladdin TMS provides a unique solution linking all above components into a single automated and fully configurable system, removing the barriers to the implementation of these security services - in particular those that rely on PKI technology.

TMS provides powerful tools so that you can cost-effectively and conveniently handle all aspects of token life cycle management. TMS capabilities include token deployment and revocation, web-based user self-service token enrollment and password reset, automatic backup and restore of user credentials, handling of lost and damaged tokens, and much more.

TMS has an open, standards-based architecture, based on configurable connectors for integrating with a wide variety of security applications. Recognizing the inherent complexity and the needs facing network and IT managers charged with managing user and security services, Aladdin developed its TMS based on the proven Microsoft Active Directory framework. Although based on Active Directory, TMS can also be operated in a stand-alone mode, allowing the organization to use any standard user management system.

Features : Token Enterprise Suite

eToken PRO smartcard authentication devices
eToken NG-OTP hybrid USB token with one-time password functionality
ID badges, proximity, and magnetic stripe add-ons
Secure storage of private keys, credentials, and certificates
Standard connectivity for multiple business applications (CAPI, PKCS#11)
Support for a wide range of security solutions including secure network access, PC and data security, and password management

TMS

Full life cycle management capabilities, including token deployment and revocation
User self-service token management capabilities
Local and remote web-based enrollment and maintenance of devices
Automatic, secure backup and restoration of user keys and credentials
Handling of lost and damaged tokens
USB and smartcard personalization support
Built on Active Directory technology; full support for any LDAP-compliant user repository
Open, standards-based architecture with configurable connectors
SDK for integration and management of thirdparty security applications

Benefits

Enables easy and robust use of tokens within the enterprise
Provides native support for the existing organizational user repository
Reduces identity and password management costs via enhanced management of user keys and access profiles
Removes barriers for the implementation of many security services, in particular those relying on PKI technology
Open architecture enables adding support for new applications and Tokens

Fast and Easy User Management

Using the TMS, an administrator simply needs to mark a user or a group of users in the Active Directory Users and Computer View, and then implement a simple enrollment request. The TMS will automatically check which applications (connectors) have been allocated to this group and either create credentials (i.e. keys, certificates and password profiles), or request them from the appropriate service on behalf of the users. They are then automatically loaded onto the token.

Flexible Support and Implementation

TMS has an open architecture that enables flexible connectivity to almost any external service or system - standard or proprietary - requiring interaction with a token or smartcard, via a set of APIs. Different connectors can be implemented by way of these APIs. For example, TMS connectors can be created to support PKI RAs (Registration Authorities), firewalls, or VPN applications, or to implement user specific functions. IT managers need not have deep knowledge of the particular application. TMS does this for them.

Token and Smartcard Life Cycle Management

Aladdin TMS also enables device life-cycle management, support for proximity coil and magnetic stripe data, photo ID imprinting, user help desk support (like unlocking a forgotten PIN), and software deployment to users’ desktops or laptops. All this is done without the need to implement separate user management systems and with minimal need to educate administrators already familiar with Microsoft Active Directory. TMS offers a customizable web-based GUI for administration and user support.

Aladdin eToken PRO

The Aladdin eToken PRO USB form factor smartcard provides two factor authentication at pre boot when used with SafeGuard Easy. The tokens can be managed using the Aladdin Token Management System together with the Utimaco TMS SafeGuard® Plugin, together this provides a seamless way to manage SafeGuard credentials in an Active Directory environment.

Aladdin eToken NG-OTP

The recent introduction of the new Aladdin NG-OTP token combines the tried and trusted USB form factor smartcard together with a One Time Password generator. When used with the Token Management System (TMS) this token delivers a more easily managed, better integrated, more cost effective and future proof solution for identity management than the traditional alternative.

Aladdin TMS