Imprivata OneSign Authentication Management (OneSign AM) replaces Windows and remote access VPN passwords with a broad range of strong authentication options, including integrated management for VASCO DIGIPASS One-Time-Password tokens, finger biometrics, smart cards and building access cards. OneSign AM provides greater security through flexible user authentication management, whether accessed through the network locally, via remote VPN, or while working offline.

Imprivata OneSign is shipped as a hardware appliance pair - there is nothing else to buy, install or maintain. The power of OneSign is that it’s ALL in the box. You can seamlessly enable additional capabilities as your needs evolve - all with a simple license key.

Benefits for Imprivata OneSign Authentication Management

Hardened, appliance-based packaging

• Encrypted database
• Locked ports
• Hardened operating environment

Plug-and-Go

• Easy to install, configure, deploy and manage
• Built-in failover and redundancy
• Nothing else to buy, install or manage

Out-of-the-Box

• Choice of strong authentication options by user
• Simple and intuitive web-based administrative UI
• Built-in monitoring and reporting
• No change to existing infrastructure – directories, applications or workflow
• Seamless integration with OneSign Single Sign-On and Physical/Logical; simple license key upgrade

Lowest TCO

• Less than 50% of the cost of competitive solutions
• Minimal consulting/services costs
• Low end user training/support costs with no disruption to user workflow

Features for Imprivata OneSign Authentication Management

Broad Support for Strong Authentication

OneSign Authentication Management provides native support for a broad range of authentication options including:

• One-Time-Password (OTP) tokens (including built-in support for VASCO DIGIPASS OTP tokens)
• Finger biometrics
• Smart cards
• Building access cards
• Kerberos ]
• USB tokens
• ID tokens

Customers can offer their users choices that best suit their roles.  Strong authentication methods are available stand-alone or can be achieved by mix and match use of access cards with finger biometrics or passwords.  OneSign Authentication Management is designed to make deployment of authentication technologies easy, eliminating the need for third party authentication servers typically associated with implementations.  Users can even take advantage of pre-existing, low cost passive access cards as a familiar, easy authentication option without reissuing cards to users.

Built-in RADIUS Host for Remote Access Authentication

The OneSign appliance now contains a built-in RADIUS host for handling remote access authentication using passwords or VASCO DIGIPASS One-Time-Password tokens.

Built-in Support for Low Cost TouchStrip Fingerprint Scanner

OneSign provides native support for the new, low cost USB fingerprint readers that utilize the UPEK TouchStrip sensor, as well as the UPEK TouchStrip readers built into many laptop models including the Dell Latitude and IBM/Lenovo Thinkpad. Native support includes OneSign enrollment and seamless fingerprint identity matching.

Monitoring and Reporting

OneSign records all user events in a centralized log file, providing a reporting trail accessible to the administrator.  User events, including data on which users accessed the network and when, are collected and consolidated for centralized viewing and reporting.  Pre-established reports are easy to create and manage.