EMBASSY® Authentication Server
Multifactor Authentication: TPM, Smart Card, Biometric and Password for Windows Environment
Strong server-based multifactor authentication
EMBASSY Authentication Server (EAS) provides centralized management, provisioning and enforcement of multifactor domain access policies. With EAS, authentication policies can be based on Trusted Platform Module (TPM) credentials, Smart Card credentials, user passwords and fingerprint templates.
All major PC manufacturers ship PCs with embedded TPM hardware. Embedded TPM hardware provides secure storage and secure transactions for PKI credentials. TPM-based authentication with EAS, combines secure hardware embedded client credentials for the client PC platforms with strong multi-factor credentials for the users.
Multifactor authentication without complexity
EAS from Wave Systems is seamlessly integrated with a Windows Domain controller and Active Directory. EAS supports powerful combinations of:
- TPM credentials
- Smart Card credentials
- Biometrics
- Passwords
EAS is transparent by design to an existing Microsoft network authentication implementation and is also integrated with the Microsoft management and reporting utilities.
EMBASSY Authentication
Server Technical Overview
Key Features
- Domain server for hardware-based multifactor authentication including:
- Biometric
- Smart Card
- Password
- Centralized validation of TPM, biometric and password credentials
- TPM-protected credentials for client PC platform authentication
- Streamlined Enrolment
- Integrated with Server 2003 and Active Directory
Key Benefits
- Strong control over who can access corporate resources. EAS adds multifactor authentication to existing Server 2003 infrastructure.
- Strong control over what PCs connect to the corporate network. EAS adds TPM based platform authentication to existing Server 2003 infrastructure.
- Simplified management. EAS provides centralized control of credentials and policies.
- Easy to install and easy to manage.
- Extensive auditing and logging capabilities.
- Standard Kerberos system 5.0 extensions.
- Compliant with TCG standards.
To purchase or for more information, please email us at sales@wavesys.com or call us at (877) 228-WAVE.
Technical Specifications
Server OS
- Windows 2003
Authentication
- Kerberos 5.0
- Up to 2048 Bits RSA signature
- Microsoft Active Directory
Factors
- PKI Certificates (Smart Card, TPM)
- Passwords
- Biometric templates
Management Console (MMC)
- Centralized management
- Microsoft GPO
- Role/group-based provisioning
- Microsoft event logger
Compliance
- Kerberos 5.0
- Challenge/response: ANSI X9.9
- Key Management: ANSI X9.17
- PKI X.509
- TPM 1.1, 1.2
Performance & Availability
- Integrated authentication load balancing for up to 50 servers
- Authentication transaction level balancing
- High availability; automatic failover for continuous uptime
- Purchase
EMBASSY Authentication Server
Multifactor Authentication: TPM, Smart Card, Biometric and Password for Windows Environment