This document summarizes the key features of a multi-factor authentication product. It highlights the product's hybrid cloud model, single sign-on support, customizable user interface, and ability to integrate with multiple directories. Notable features include contextual authentication, mobile password reset apps, desktop password management, and various authentication methods. The product has both on-premises and cloud hosting options and includes standard features like self-service account management, RADIUS support, and flexible support tiers.
2. Product Tour
① Our Differentiators
② Product Overview
③ Standout Features
④ Standard Features
3. What Sets Us Apart
• A Hybrid Cloud Model
• No need to choose either or
• Multiple Directory Integration
• Active Directory, SQL, LDAP, Novell,
etc.
• No Forced Adherence
• Fully Customizable User Interface
• True Single Sign-on Support
• Real-time Password Reset
OurDifferentiators
4. Feature Categories
• Web-based Single Sign-On (SSO)
• Self-service Password Reset
• Multi-factor Authentication
• VPN, Web and Windows Desktop
ProductOverview
• Contextual Risk-based Authentication
• Password Management (Expiration,
Quality)
• Password Synchronization
• Advanced Reporting
6. On-PremisesRequirements
• Requires Windows Server OS & IIS:
• Windows Server 2008/R2 or later
• .NET 2.0 Framework or later
• Shared IIS Instances (website co-existence)
• Load balancing/HA fully supported
• For PG Desktop Multi-Factor:
• Windows Workstation 7, 8
• Windows Server 2008, 2012
ProductOverview
NebulaRequirements
• SSL must be enabled on the Domain
Controller
• Export the Public Certificate from
the Certificate Authority that created
the SSL Certificate
• Service account in the user
repository with the appropriate read
and write privileges.
• Access to Port 636 in the local
firewall/gateway.
7. StandoutFeatures
• Unique Identity Provider (IdP)
• Fully Customizable User Interface
• Multiple OTP Methods
• Passivekey® Transparent OTP
• Mobile Password Reset App
• Contextual Risk-Based
Authentication
• Windows/Mac Desktop Support
• Sidecar™ Mode
• Advanced Reporting
• Detailed Deployment Kits
• Dedicated Technical Support
• Fixed Pricing Model
• Tailored Authentication Program
8. UniquePortalGuardIdentityProvider(IdP)
• Web-based Multi-factor
• Supports on-premises and cloud-
based applications
• Fully Accessible Account
Management
• Password Reset
• OTP Support Registration &
Configuration
StandoutFeatures
• Single Sign-on Jump Page
• Supports Federation via standard
industry protocols:
• SAML
• WS-Federation
• Shibboleth
• CAS
• OAuth (coming in Q2 2016)
10. OTPMethodFlexibility
• Supports 11 different OTP methods
• Any enabled method works (Fallback)
• Easy integration with existing Hard or
Soft Tokens
• Optionally suppress OTP prompt for
“remembered” devices
StandoutFeatures
12. MobilePasswordResetApp
• Free To Use
• One-time, Integrated Enrollment
• Securely generated Time-based OTP
• Familiar password generator
• Available on iTunes and Google Play!
StandoutFeatures
13. Contextual/Risk-BasedAuthentication
• Uses a configurable credibility score to determine
remote/external login validity
• Ranges from requiring “Multi-factor” to
completely blocking the request
• Dynamic categories include:
• Network (e.g. LAN, Wireless encryption type)
• Device characteristics (OS, Hard drives)
• Geo Location (requires Google Gears API)
• Login time restrictions (to align with typical
access hours)
StandoutFeatures
14. DesktopPasswordReset
• Access to Password Reset and Password
recovery directly from the login screen
of both Windows and Mac machines
• Immediately updates credentials in the
associated user repository
• For Mac Users: can also allow for the
recovery of the Mac Keychain Password
StandoutFeatures
15. SidecarMode
• For customers who already have a
working/branded login portal
• Able to force user enrollment
• Enables password reset through
the use of an ‘iframe’ window
• Helps eliminate Administrative
Overhead and End-User training
StandoutFeatures
16. AdvancedReporting
• Web-based Dashboard Reporting Out-of-the-Box
• Supports the creation of numerous report types:
StandoutFeatures
• Successful Web Logins
• Failed Web Logins
• Strikes & Strikeouts
• Password Change Activity
• Self-service Enrollment
• Account Unlock, Password
Resets, etc.
• Enrollment Status
• Successful SSO Activity
• Failed SSO Activity
• All RADIUS/VPN Activity
17. DeploymentKits
• Developed through collaboration with customers who have successfully
deployed.
• Proven techniques for quickly deploying PortalGuard in your environment
• Results in higher user adoption & satisfaction
• Email templates, videos, FAQs and more!
StandoutFeatures
18. DedicatedTechnicalSupport
• Complete, Guided Install with a PistolStar, Inc.
Engineer
• Included in every support tier
• Handled remotely via screen-sharing
• Engineer has developed or tested PortalGuard
• No “script readers”!
• No mandatory training required
StandoutFeatures
19. FixedPricingModel
• Unlimited users
• Unlimited applications
• Only pay for each PortalGuard license
• Single PortalGuard license entitles use of:
• 1 Production instance
• 1 Cold Standby/Disaster Recovery instance
• 2 Test/Development instances
• Access to Nebula Cloud Server
StandoutFeatures
20. TailoredAuthenticationProgram
• A Program designed to create Customer-Specific product enhancements
• Work directly with a PortalGuard engineer
• A Scope of Work document is created and reviewed before committing
• Delivered within weeks, not months
• Becomes part of main product – no one-off versions
StandoutFeatures
21. Standard Features
• Independent Directory
Support
• Self-service Account
Management
• Knowledge-based
Authentication (KBA)
• Windows Desktop/Server
Multi-factor
• Typical OTP Method Support
• Radius Support
• Flexible Support Tiers
• Batch Import User Data
22. IndependentDirectorySupport
• A Single PortalGuard instance can support multiple user directories:
• Active Directory
• LDAP
• Real-time directory access
• No need to worry about synchronization issues
StandardFeatures
• SQL (including customized user tables)
• IBM System i (AS/400)
23. Self-ServiceAccountManagement
• Account Unlock
• Password Reset
• Password Recovery (“see” current password)
• Forgot Username
• Self-registration
• Independent, flexible authentication for each action
• Single or multi-factor authentication supported
• I.E. Challenge answers -AND- an OTP
StandardFeatures
24. Knowledge-BasedAuthentication(KBA)
• Require users to login with:
• Username
• Static Password
• Answers to one or more Challenge Questions
• Completely configurable
• Allows for pre-written or custom questions
StandardFeatures
28. BatchImportUserData
• Run on-demand or on a scheduled basis
• Eliminate unnecessary user enrollment
• Phone numbers
• Email addresses
• Linked accounts for password synchronization
• “Mandatory” challenge answers to set initial passwords
StandardFeatures
29. FlexibleSupportOptions
• Support performed by in-house engineers (all plans)
• Support available via: Phone, Email, Website chat
• Silver (standard): 9:00 AM to 5:00 PM EST
• Gold: 7:00 AM to 7:00 PM, North American business hours
• Platinum: 24x7 Support
StandardFeatures