Security and Authentication
InterMapper’s powerful and flexible IM AuthServer provides a number of access control methods and can be integrated tightly with a wide variety of enterprise solutions. Industry standard authentication/encryption methods are supported.
IM AuthServer checks logins against a company-wide directory, such as Active Directory, LDAP, Open Directory, Radius, IAS, Kerberos, and others to keep unauthorized people away from your network monitoring data.
The directory lookups supplement the names in InterMapper's built-in user/password database, to simplify the creation of accounts at organizations with dozens or hundreds of technicians.
IM AuthServer includes:
-
Single Sign-On - Once you configure InterMapper to use your company-wide directory, easily add/remove individuals that are allowed to access the InterMapper server, without having to manually change users' passwords.
-
Strong Passwords – Since you can't rely on your users to create strong passwords, InterMapper uses the central directory server to conform to company-wide strict password strength rules.
-
Company-wide Password Aging - By using an external directory, InterMapper is immediately brought into compliance on an organization's password aging policies.
-
Quick set up - A double-clickable installer and a short web-based wizard get you on the air fast.
InterMapper AuthServer checks login attempts against either the external directory or its internal database of names/passwords. If the user is marked as an external user, InterMapper checks against the external directory - LDAP, Active Directory, Open Directory, Radius/IAS. Otherwise, it looks at its internal name and password database. If the credentials are verified, then the login is allowed.
Security is built-in
InterMapper uses strong encryption (SSL), both on the user's connection from RemoteAccess to the InterMapper server, and from the InterMapper server to the AuthServer. The security of the connection between the AuthServer and your directory is configurable, and the AuthServer will always use strong encryption methods where available.
InterMapper can use the following authentication/encryption methods:
-
Kerberos version 5 with 3DES-CBC-HMAC-SHA1-KD, RC4-HMAC and others. Kerberos can be used with ActiveDirectory, OpenDirectory and more.
-
RADIUS/IAS with MS-CHAPv2, MS-CHAPv1 and CHAP
-
LDAP/ActiveDirectory with SSL and DIGEST-MD5
-
Group and user accounts allow or restrict access to network maps and data.
-
Read/write, Read-only, or no access is set on a map by map basis
-
Administrators have full access to maps, configuration settings and options
-
Use LDAP, Active Directory, Radius, IAS, Open Directory, Kerberos to authenticate users
|
