DIGIPASS Strong Authentication for VPN Technologies

By adding DIGIPASS strong authentication to Check Point Connectra™, the customer has an easy-to-deploy remote access solution with enhanced security. Check Point Connectra™ is a remote access gateway which combines SSL VPN, IPSec VPN and intrusion prevention with centralized management and straightforward deployment. VASCO DIGIPASS offers one-time password (OTP) technology to protect user login and ensures that only authenticated users get access. IDENTIKEY, VASCO’s authentication server verifies authentication requests on the back-end.

How Does It Work?

When remotely connecting to the corporate network via Check Point Connectra™, the end-user is asked for an OTP generated by the VASCO DIGIPASS authenticator. Check Point Connectra™ will communicate with IDENTIKEY Server, VASCO’s back-end authentication software, through RADIUS to validate the OTP. Upon successful validation of the OTP, the user is authenticated and Check Point Connectra™ will set up the SSL VPN connection.

PKI-Based Secure VPN Access for Check Point Endpoint Security

Click here to go to the OPSEC page

By adding VASCO CertiID and DIGIPASS Key 200 or DIGIPASS Key 860 to Check Point Endpoint Security™ you can combine pre-boot encryption, certificate based Windows log-on, document and disc encryption with secure VPN access. Check Point Endpoint Security™ is a single agent that combines all the critical components for total security on the endpoint.

Check Point Endpoint Security combines the protection of the endpoint against a rising number of web based threats with a single easy login unlocking all security system on the PC with data security and remote access. VASCO’s DIGIPASS CertiID combined with DIGIPASS key offers certificate based strong user authentication to protect user login and ensures that only authenticated users get remote network access.

How Does it Work?

When remotely connecting to the corporate network using VPN, the end-user will launch the VPN application on his desktop. This application will request a user login. The end-user will plug his DIGIPASS Key 200 or DIGIPASS Key 860 in the USB port and type his PIN. This PIN will allow for Check Point Endpoint Security to use the PKI-certificate stored on the DIGIPASS Key for VPN authentication. Check Point Endpoint Security also allows to use the same technology for pre-boot encryption, PKI-based Windows log-on, document and disc encryption.

PKI-Based Pre-Boot Encryption For Check Point

By adding VASCO CertID and DIGIPASS Key 200 or DIGIPASS Key 860 to Check Point Full Disk Encryption, you have a plug & play solution which enhances pre-boot security of laptops which also allows you to use the same solution for Windows log-on, document and disc encryption. It protects corporate information stored on laptops against unauthorized access and it prevents data breaches when laptops are lost or stolen. Laptops and desktop hard drives are automatically encrypted to protect business critical information and prevent data breaches.

Check Point Full Disk Encryption provides the highest level of data security with multi-factor pre-boot authentication and the strongest encryption algorithms. The entire hard drive content is automatically encrypted. By adding VASCO’s PKI-based authentication solution, you use certificate based authentication which further enhances the security of laptop to access encrypted business critical information which is easyto- use.

VASCO’s certificate based strong authentication works both when a laptop is connected or unconnected to the corporate network.

How Does it Work?

When the end-user starts up the PC, the PC will ask for a preboot password. The end-user will plug his DIGIPASS Key 200 or DIGIPASS Key 860 into the USB-port after which the enduser will enter his PIN code. The PIN code allows Check Point Full Disk Encryption to access the certificate stored on the DIGIPASS Key device and use the certificate for authentication. Upon verification, the end-user will be able to access the PC. Once pre-boot authentication has been done, the end-user still has to perform a Windows log-on, this can be done either by traditional username and password, or he can also use the
PKI-certificate on the DIGIPASS Key for Windows log-on. Once logged on, the certificate on the DIGIPASS Key can also be used to access encrypted documents and discs.

Download the Leaflet