Announcing New Update of Validation & ID Protection (VIP) Service
Symantec would like to announce the new update of VIP, with a new look and feel to VIP Manager and new functionality for Enterprise Gateway v9.2.
The current VIP Manager will continue to be available using the current URL for approximately six months to allow for a smooth transition to the new URL https://manager.vip.symantec.com. Both VIP Manager interfaces will use the same database backend so you may use them interchangeably if desired.
Summary of New Features:
- A brand new VIP Manager with Symantec branding, new navigation and dashboard, and redesigned user and credential management functions
- Support for configurable VIP user IDs improve data privacy
- Enhancements streamline process when migrating from legacy authentication solutions to VIP
- Improved manageability in diverse and complex environments
- Support for multiple user stores with a single Enterprise Gateway instance
- Ability to use a single VIP credential to login to various applications with any supported login format
- Support for several new 3rd party applications (see list under Feature Highlights below)
- New Security and Platform support for VIP Access Desktop
- Support for Windows 8 native desktop mode as a platform along with IE 10
- VIP Access Desktop for Mac 1.0.1 now available from https://idprotect.verisign.com/
With this new release of VIP we’ve continued to deliver on our promise to keep improving VIP security, scalability, and ease of use. Enhanced data privacy, flexibility to address diverse environments; plus ease of use and manageability for administrators are the primary themes. The most obvious enhancement is the redesign of VIP Manager. Although this is only the first phase it provides significant improves in the way administrators manage users and credentials; and gives them greater overall visibility with real-time, interactive charts and graphs.
- We Continue to Enhance Security and Data Privacy.
- Configurable VIP user ID improves data privacy. This enhancement allows administrators to map a username to an employee ID number or other directory attribute to be registered as the user ID in the VIP cloud.
- Enhancements Streamline Migration from Legacy Authentication Solutions
- Enhancements have been made to allow for a smoother transition when migrating from legacy authentication solutions to VIP. VIP now has the ability to act as a true proxy for RADIUS authentication requests meant for third party authentication servers. Thus, providing a mixed authentication environment during transition.
- We’ve Improved Manageability in Diverse and Complex Environments
- Support for multiple user stores allows for support of complex multi-directory and multi-forest customer environments with a single VIP Enterprise Gateway instance. It is no longer necessary to use a separate VIP Enterprise Gateway for each distinct LDAP directory or Active Directory forest. With this new capability, you can now configure a list of distinct user stores (in priority order) within a single Enterprise Gateway. And, irrespective of the directory, your users will registers their VIP credential ID only once (with any of the directories), and VIP will recognize it on subsequent logins with any of the other directories. This method is less cumbersome and reduces administrative overhead when compared to those employed by competitive products.
- Also new in this release is the ability for your users to use a single VIP credential to login to various applications with any supported login format (ex. john_doe or firstname.lastname@example.org). Supporting multiple login formats using the same credential without any additional steps greatly improves the user experience.
- Support for additional 3rd party applications further improves our support for diverse environments. New in this release is support for: Microsoft Active Directory Federation Services 2.0, Microsoft Outlook 2010 Web Access, Microsoft SharePoint 2010, Microsoft Remote Desktop Web Access, IIS 7.x on Windows 2008 Server, Microsoft Outlook Web Access 2007, Pluggable Authentication Module supporting RHEL 6.2 and 6.3, SAP Netweaver 7.0. Integrated Intelligent Authentication capabilities with Firepass and Juniper SSL VPNs, CA Siteminder, Microsoft GINA support for Windows 2003 64-bit, Pluggable Authentication Module with ability to exclude a subset of users from two factor login.
- We’ve Enhanced Security and Platform Support for VIP Access Desktop
- Access Desktop 2.1.1 for Windows – now supports Windows 8 native desktop mode as a platform along with IE 10. Security enhancements include log levels and the reporting of error level log messages active by default.
- VIP Access Desktop for Mac 1.0.1, which has been available from VIP Manager, may now be downloaded by the public from https://idprotect.verisign.com/
Sample Screen Shots:
New VIP Manager login screen provides the first glimpse of the new look and feel. The new dashboard boasts interactive graphics allowing administrators to drill down into different credential types or states. The Inventory Control tab is evidence that this is an administrator account.
In addition to real-time reports showing successful vs. unsuccessful credential validations over 7 days, 30 days, and 90 days. A user activity log is also available on the dashboard as is notfications - alerts, support notifications, and news.
The user management page has been redesigned to show users and the credentials bound to them. Also visible are any temporary security codes that have been created. Search capabilities are available that auto-complete with user names existing in the database to allow administrators to search more quickly. Filters are an easy way to zero in on desired users.
Selecting Edit Detail on the User pages will take you to the User Detail page. There are now separate sections to manage the credentials a user has more easily, including the ability to generate a temporary security code if necessary. If the user does not have a particular credential it will indicate that there is no device/certificate associated with the user.
The Credential Management page has the same look and feel as the User Management page with the same search and filter capabilities. The ability to generate temporary security codes and disable credentials is available from this page in addition to drilling down into credential details.
The Credential Details page provides a consolidated view of the credential type, state, and user; with the option to drill down to the user details.