SafeNet eToken Virtual Product Brief
SafeNet eToken Virtual
Certificate-Based Two-Factor Authentication in a Software Authenticator
eToken Virtual is software-based two-factor authentication security solution that provides full PKI functionality for secure remote access, network access, and digital signing.
eToken Virtual works with eToken PKI Client and eToken TMS to provide a fully managed software smart card implementation with the security benefits and functionality associated with a hardware-based smart card. Just like the hardware-based eToken PRO, the eToken TMS can include PKI key pairs and certificates, as well as single sign-on profiles.
eToken Virtual’s security features ensure a high degree of software-based security and integrity:
- AES Encryption – Keys and certificates can be securely created and stored in eToken Virtual, ensuring they are never exposed to an unsecured computing environment. The contents of eToken Virtual are separated into public and private. Public contents are openly available, and private data is encrypted using the AES 128 algorithm.
- Device Locking - The contents of eToken Virtual are locked at time of provisioning to a specific storage device or to the PC in use. Once locked, neither eToken Virtual nor its contents can be copied to a different storage device.
- Policy Data Signing – eToken Virtual enforces password complexity according to organizational policies. To prevent tampering, the policies are digitally signed using the RSA 2048 key.
- Memory Protection – eToken Virtual is always stored in non-swappable memory to prevent content being written to disk.
- Key Deletion - Before deleting an eToken Virtual file from the file system, all the private data is replaced by random data and rewritten to disk to ensure no trace remains.
Management: eToken TMS 5+
Security Application: eToken PKI Client 5+
- Windows XP / Windows Vista / Windows Server 2003 / Windows Server 2008 (32-bit and 64-bit)
- Mac* OS X 10.4 (Tiger) / 10.5 (Leopard)
- Linux distributions*: CentOs 5.2 (32-bit and 64-bit), Red Hat 5.2 (32-bit and 64-bit), Ubuntu 8.04 (32-bit), Fedora Core 9 (32-bit), SUSE 10.3 (32-bit)
*Limited to flash device
Features & Benefits
- Lock and Unlock – eToken Virtual limits the number of attempts to access the authenticator, and the locked authenticator can only be unlocked by an administrator password
- Password Policy – eToken Virtual supports the enforcement of organizational policy for password complexity and rule
- Full Crypto Functionality using Crypto API - eToken Virtual works in conjunction with eToken PKI Client (5+) supporting full CryptoAPI and PKCS#11
- Smartcard Login – eToken Virtual supports the ability to provide Smartcard Login to Windows environment in conjunction with eToken Network Logon 5+
- Device Locking – eToken Virtual can be locked to a specific PC or flash device enforcing the user to use that device only thus maintaining a high level of protection and restricting use on non- authorized devices
- Full Lifecycle Management – eToken Virtual works with eToken TMS to ensure self service and management capabilities offered so far only with hardware-based authenticator systems
- Low TCO - more cost-effective than a physical authenticator
- No downtime – physical authenticators may be misplaced, stolen or broken
- Convenience – ensures two-factor authentication without an additional hardware device
- Smooth manageability – software authenticators can be distributed, deployed, managed and recovered easily due to the convenience of software portability
- Mix and match - Integrated into the mix and match of other SafeNet (formerly Aladdin) Authentication products and applications