Data Security with MOBILEmanager®
MOBILEmanager® Supplies Five Highly Effective Encryption Technologies:
3DES
Twofish
AES
DES
Blowfish
First of all, MOBILEmanager® can use existing key management to integrate other encryption systems that may already be in place. This does not require additional work. Third-party products that not only satisfy the latest standards but are also evaluated and certified as per ITSEC or Common Criteria (CC) can also be integrated easily. Beyond this, it can utilise hardware-based encryption (such as PCMCIA, PCI or ISA cards or USB sticks).
Finally, MOBILEmanager® supports common VPN applications and RADIUS authentication. It is compatible with modern standards such as IPsec and with common VPN clients meeting maximum security requirements.
Five-Fold Access Security:
MOBILEmanager® offers a wide range of mechanisms for user and application authentication and authorisation. The combination of these techniques delivers a security system satisfying even the highest requirements.
MOBILEmanager® makes sure that your sensitive corporate data can be securely transmitted by mobile radio.
1. Device Authentication:
A software serial number, the globally unique equipment number used for mobile communication modules (IMEI - International Mobile Equipment Identity) and the subscriber call numbers (CLI - Calling Line Identity) of the connecting devices must be explicitly enabled on the MOBILEmanager® gateway and are checked during connection establishment. This means that you can be sure that stolen notebooks can't access the network. Additional device data can be added to the authentication matrix, e.g. system name, MAC addresses of built-in network modules and CPU IDs.
2. Application Server and Application Firewall:
The application server's IP address and an application's port numbers and names can be explicitly allowed or blocked, letting you control individual application servers and applications. Unknown software or additional software installations, e.g. malware, will be blocked from any data communication across networks.
3. Access Rights Depending on Used Networks:
Applications may only transfer data across carrier and provider networks for which they have been given explicit permission. This feature lets you control which application server is addressed under which conditions and which applications are allowed to use particular networks at all. Unregistered applications are blocked altogether. Thus, data synchronisation can be handled differently from access to a specified file.
4. Secure Runtime Environment:
Individual plug-in modules check preconditions concerning the current state of the mobile device, such as active firewall processes and virus scanners and/or up-to-date software updates and signature files, before establishing any connection to public data networks.
5. RADIUS (optional) (Remote Authentication Dial-In User Service):
Access is protected by a log-in/password pair, meaning only authorised users have access.
6. Minimization of Access to the Corporate Network from Public Data Networks:
All data connectivity managed by MOBILEmanager® uses one and the same IP port for all application data that is to be provided for the corporate network.
Furthermore, the patented protocol uses TCP/IP only as the underlying carrier protocol. MOBILEmanager® does not use the TCP/IP protocol data in any way; the data session is handled independently. As a result, the corporate network is completely separated from the public networks.