Page 1

LSE Leading Security Experts GmbH – Product Information

LSE Radius GINA / Credential Provider

Mobility and security are the essential challenges with the integration of terminal server environments. Some processes are certainly secure, but only offer restricted mobility—imagine the classical Smartcard, which requires a local reader attached to the computer used and the installation of the corresponding reader driver.

Operating System Login with One-time Password (OTP) To be able to logon to a local computer with Windows XP or Windows 7 or a Windows Server 2003/2008 by means of one-time passwords, requires a RADIUS extension, which accepts the OTP-value transferring it to validation. In the case of Windows XP and Server 2003 the LSE Radius GINA takes on this task, which either replaces the Microsoft GINA or can be cascaded upstream. In a terminal server environment the complete exchange of the Microsoft GINA should be taken into consideration. The RADIUS extension enables the flexible and secure implementation of simple and complex logon processes and supports redundant and highly available designs. In a Windows 7/Server 2008 landscape, instead of the GINA, the Microsoft Credential Provider is used. Its counterpart is the LSE Radius Credential Provider. Compared with the LSE Radius GINA the LSE Radius Credential Provider has been extended by a function which, providing a corresponding configuration, enables an administrator to logon to a user session with an administrator OTP-token without having the OTP-token of the user. With LSE Radius GINA and a management system such as LSE LinOTP or SafeNet SAM (SafeNet Authentication Manager) you receive a simple to administer One-time Password authentication solution for your terminal server environment or Windows XP/ Windows 7 clients.

LSE Leading Security Experts GmbH

Robert-Koch-Str. 9 · 64331 Weiterstadt · Germany Schleissheimer Str. 4 · 80333 Munich · Germany

Characteristics of LSE Radius GINA and LSE Radius Credential Provider ▪▪ GINA Replacement for Windows XP and Windows Server 2003 (can be operated as a complete GINA replace­ment or as an interlinked GINA – pre-authentication) ▪▪ Credential Provider for Windows 7 and Windows Server 2008 ▪▪ One-time passwords with any OTP-Token e.g. from SafeNet, RSA, Vasco etc. ▪▪ RADIUS Support ▪▪ Microsoft IAS Support ▪▪ Multi-Domain Support ▪▪ Multi-Server Operation ▪▪ Round Robin/Realms ▪▪ Load Balancing /Redundancy ▪▪ Support for domain-wide Rollout ▪▪ Supports the logon as a second user (LSE Radius GINA) or administrative logon (LSE Radius Credential Provider)

Phone: +49 6151 86086-277

rev3/EN/2013 © LSE Leading Security Experts GmbH

Secure radius-authentication with one-time passwords (OTP) on Windows and on the Terminal Server

LSE Radius GINA / Credential Provider