Create single access
point to web applications

The solution based on Axidian Access creates single access point to corporate web applications

Task
Solution
Technical parameters

Task

Many companies today are seeking to make the most of the wide variety of digital resources. As part of this agenda, they focus on developing internal services such as corporate web resources. These resources have a major advantage in that they are available through any browser both from inside and outside of the corporate IT perimeter.

In addition, web applications are usually easier to develop compared to custom desktop applications. With a variety of ready-made templates and services available online, the only thing you need to do is insert relevant corporate data, in other words, customize your design and add your content. Many technical solutions and services today commonly implement user interfaces in the web application format.

But the ease of use comes at a price: studies show that on average, web applications are more vulnerable to cyberattacks compared to desktop applications. This is why many cyberattacks today have public and internal web resources as their target.

One of the main threats here lies in the fact that web applications continue to rely on passwords, a vulnerable authentication method, both for local and remote sessions.

The use of password-based authentication for remote sessions has a number of important disadvantages.

There is always a high risk of password theft (by using data interception, social engineering techniques, etc.) when intruders gain illegitimate access to your web resources on behalf of your employees.
Password theft is hard to detect, which reduces the overall efficiency of cyberattack response.
Users may sometimes disregard password security requirements in terms of password length, mandatory characters, and rotation.
A forgotten password may result in workflow disruptions until your IT/IS administrator resets it.

All these flaws can be addressed by using strong authentication tools, such as digital certificates, one-time passwords, biometrics, etc.

However, not many web applications can support other types of authentication besides passwords. And even when they are supported, the two most common options are digital certificates (individual certificates required for each web application) and external user accounts (Google, Yandex, Microsoft, etc.), which may disagree with your organization’s policy.

More often than not, web resources may also have their own user database and authentication data. Regular users may find it hard to meet all password security requirements, especially when they have to use separate user accounts for different web services. We should also keep in mind that users are forced to authenticate every time they need to sign in to access your corporate web resource, which may be a nuisance.

Different kinds of software relying on the Web Single Sign-On technology are commonly used for ensuring secure unified authentication across all corporate desktop and web applications. Additionally, a specialized solution, Two-Factor Authentication (2FA) Provider, may be used. Such software suites are your best choice for building a unified strong authentication system encompassing all your corporate web services.

Solution

If your goal is to have a centralized access security and control system, the first thing you need to do is integrate your Web Single Sign-On platform with all the target resources.

The Axidian Access platform supports the following protocols for web app integration:

SAML
ADFS
OpenID Connect

Axidian Access offers Web SSO technology for the above protocols. Whenever Web SSO is used, users can sign into one corporate web resource and then open a personal page on another web resource without having to go through authentication once again.

In addition, Axidian Access includes a specialized module that can be installed on the Microsoft Internet Information Services server.

The following strong authentication tools can be used for building a secure remote access system:

One-time passwords (OTPs) sent by email, SMS, or via a Telegram bot
Push authentication
Mobile applications serving as OTP generators
Hardware OTP generators

Axidian Access supports different types of strong authentication that can be customized for different user groups and target web resources. This means you can set up the right list of authentication tools for each employee group, depending on whether or not and to what extent they need access to critical web applications.

In addition, the Axidian Access platform can be used for neutralizing all attacks aimed at sabotaging your company’s operations. In this case, intruders may use a public page of your corporate web resource to intentionally enter incorrect passwords, causing the corresponding domain account to be blocked. But what gets blocked in the course of such cyberattacks is the authenticator rather than the actual user account.

Technical parameters

User directories

Active Directory

Target systems

Microsoft Internet Information Services
Web applications

Integration mechanisms for target applications

SAML
ADFS
OpenID Connect

Strong authentication technology for secure remote sessions

One-time passwords (TOTP/HOTP)
Push authentication

Strong authentication tools for secure remote sessions

Mobile applications serving as OTP generators (Axidian Key, Google Authenticator, and other apps that support HOTP/TOTP protocol)
Hardware OTP generators (eToken PASS and others that support HOTP/TOTP protocol)
The Axidian Key app used for generating OTPs and push authentication
OTPs sent by email, SMS, or via a Telegram bot

Get the budget estimation of your project

GET QUESTIONNAIRE

Best practice solutions

Replace passwords with biometric authentication

Implement two-factor authentication based on smart cards

Create a single access point to the corporate applications

Access information systems with RFID cards

Secure remote access to corporate resources

Implement centralized authentication management

Create a single access point to the corporate web applications

Meet the PCI DSS requirements

Finance

Telecom

manufacturing

Retail

government

Transport

Andy Woo

Regional Director of Pacific Tech

At Pacific Tech, we are continuously evolving and bringing new solutions to our partners and customers in the region. We are delighted to be partnering with Axidian. With Axidian, we found a comprehensive access management solution which perfectly complements the growing population of Singapore work-from-home workers. As a leading cyber security solution provider, this strategic partnership is perfect for our two companies.

KC KuppingerCole Report

Executive view

Axidian’s innovative approach towards designing its whole product portfolio as a highly modular open application platform allows the customers to pick and choose the modules as needed and grow in the future as their business needs expand. Even out of the box, Axidian CertiFlow provides comprehensive yet convenient management capabilities for both administrators and end users.

Michael Bürger

Founder & Sales Partner at EU-HUB Network

Since approximately 5 years now I’m working with Axidian quite successfully. First as my vendor client and next as a trusted innovative software partner. Now we are re-selling Axidian software as a Distributor for the EU and beyond. Often I met Axidian CEOs, CTO, Product Management, Partner Managers and System Engineers, on the the phone and even in person in London and Munich and always my feeling was that this is are smart people, an excellent organized company, straight forward thinking and | don’t have any doubt that together we will be very successful this decade in the 2020s on everything we target.

Leo Querubin

Executive Director for Business Development of Pointwest Technologies Corporation

The products of Axidian, like Axidian Access, a software for strong and multi-factor authentication (MFA), can provide the structural changes that force everyone to follow necessary cybersecurity procedures. Customers get the best of both worlds — the world-class cybersecurity products of Axidian and the experience and expertise of the local cybersecurity landscape of Pointwest.

Volkan Duman

Information Technologies General Manager at vMind

As a result of the long-term laboratory tests and studies that we conducted, we believe that Axidian products should certainly be on the Turkish market. Thanks to our partnership with Axidian, we sought to expand the access control and certificate management market, which is located in a narrow profile in the country, as well as add value by transferring technology to our country. When we compare Axidian products with similar products, we can safely say that they contain much more different features and are more inclusive.

Marko Pust

Director of OSI.SI

We have a long partnership with Axidian for more than 2 years already. I can confidently say that Axidian CertiFlow is one of the best and technologically enhanced products for managing digital certificates and smart cards on the EU market. This product has a number of unique features such as Client Agent and Axidian AirCard Enterprise network-attached smart card that are highly valued by our customers. One of the customers said that Axidian CertiFlow brought automation and visibility to their PKI life.

Heng Lie

Director of Synnex Metrodata Indonesia

I believe that Axidian Access is an excellent solution for many of our clients. It manages access to all information systems of the enterprise and protects companies from internal and external cyber threats. It is a flexible platform combining different authentication scenarios and methods.

Sergey Yeliseyev

X–Infotech Owner, Business Development Director, Government eID solutions

Axidian is the company of professionals in the field of information security. They provide top-level solutions for PKI management and access control to corporate resources. We recommend this company as a reliable partner.