The AuthAgent Family

The AuthAgent family of products is a set of authentication protocol
implementations that can be used either standalone or easily glued
into various network and system security protocols.

Most modern network and system security protocols utilize strong
encryption techniques to safeguard data from unauthorized access.
Network security protocols protect data in transit; system and data
security mechanisms protect the connected network node or the data
residing within a system, respectively. However, for this protection
to be truly effective, there needs to be a strong method of
differentiating between authorized and unauthorized access, i.e. for
a node or a user to prove that it is the entity it claims to be. In
the absence of such a mechanism, strong encryption can be bypassed
simply by an unauthorized entity masquerading as an authorized one.
To facilitate this "proof" of identity, it is common to use
authentication mechanisms that may already exist in the enterprise so
that connected embedded devices can fit in without the need for
specialized administration.

AuthAgents enable this by providing flexible authentication methods
that can be used stand-alone with the embedded application, or in
conjunction with other security protocols that allow for configurable
authentication.

AuthAgent X.509

AuthAgent X.509 is an
implementation of public key and digital certificate authentication for embedded
devices. It is designed for use as an authentication mechanism for various
network security protocols and also as a standalone authentication agent that
can be used by embedded applications. It provides the ability to validate
certificates issued by a trusted Certificate Authority (CA) and includes
advanced features such as certificate generation and revocation. Given its small
footprint and ability to scale out optional features, AuthAgent X.509 is ideally
suited for use in embedded environments.

AuthAgent Kerberos

AuthAgent Kerberos
is an embedded implementation of the Kerberos V
authentication protocol (RFC 4120) for client agents and network services
running on embedded platforms. Being fully interoperable with Unix® Kerberos Key
Distribution Centers (KDCs) and Microsoft® Active Directory Services in Windows®
servers, it allows for seamless secure authentication in heterogeneous
environments. With Kerberos becoming a preferred authentication mechanism for
several network security protocols and a required part of several industry
specifications, AuthAgent Kerberos provides a convenient way to add
highly secure authentication to embedded devices.

AuthAgent RADIUS

AuthAgent RADIUS
is a lean-footprint embedded implementation of the Remote
Authentication Dial In User Service as specified by RFC
2865. It relies on a client/server mechanism to carry
authentication, authorization and configuration
information between a service which needs to grant
privileges, and a shared server that has the user and node
information required to decide whether such privileges
should be granted. It facilitates the use of a
server-based, non-embedded user database with centralized
user and configuration administration that is very easy to
use with a provisioning system such as an OSS (Operational
Support System).

AuthAgent TACACS+

AuthAgent TACACS+ is a lean,
embedded implementation of the Cisco TACACS+ protocol as specified in the TACACS+
RFC draft (draft-grant-tacacs). It implements the client side of a client/server
mechanism to carry authentication and authorization information between a
network service granting privileges and a shared server that has the centralized
user and node information required to decide whether such privileges should be
granted. When used in conjunction with protocols that secure the network path,
AuthAgent TACACS+ provides a powerful, yet simple mechanism to authenticate and
authorize access to VPNs, gateway devices, dial-up concentrators, Ethernet
switches and wireless networks.