OpenOTP RCDevs

security solutions

Authentication Server Product information

The need to secure access to on- With RCDevs OpenOTP you can:
line applications and resources is increasing every day. This
is the result of the business evolution where companies staff Achieve strong security for your critical systems with a
work from remote locations, use mobile devices and develop convenient and efficient user experience.
their corporate or external services on the cloud. In this con- Save costs with lower solution TCO and very minimal
text, it is important that employees, customers and collabora- maintenance requirements.
tors get strongly identified and authenticated when accessing Comply with regulatory requirements in the government,
sensitive systems and data. industry, healthcare or financial sectors.

Enterprise-Grade Security Solution Flexible Licensing and Competitive Pricing

OpenOTP is the most advanced two-factor authentication solution With its flexible licensing options and very competitive pricing,
ever. It is versatile, device-independent and based on opened security OpenOTP brings an unbeatable combination of cost-efficiency and
standards. OpenOTP provides fine-grained user identity and access security to corporate access, Web applications and cloud services.
management (IAM), one-time passwords authentication technologies OpenOTP Enterprise Edition is available via permanent licenses or
(OTP), signed authentication with FIDO Universal Second Factor subscription-based models. The whole solution is completely free of
(U2F) and extensive authentication policies for your AD / LDAP users. charge for trials and for organizations with up to 40 users. In most
It is enterprise-ready with strong support for high-availability, load- scenarios OpenOTP has no integration cost. You do not need technol-
balancing, multi-tenancy, cloud-readiness, geolocalization, delegated ogy experts and expensive consultancy to start with the OpenOTP
administration and much more. two-factor experience!

OpenOTP includes WebADM Server: the Resilient Solution for Cloud and Corporate Access
RCDevs centralized interface used for
managing your authentication policies, OpenOTP Server can be installed on any Linux box (hosted, virtual or
LDAP users, groups and domains while dedicated) and is able to operate in both corporate or cloud service
abstracting the complexity of high-level mode. The Linux platform has been chosen for its robustness, security
security. It includes user self-services with and maintainability. Pre-configured virtual appliances are available
Token self-enrollment. It natively supports for free on RCDevs Website for a quick and simple testing.
ActiveDirectory, Novell eDirectory, OpenLDAP,
Oracle Directory, RCDevs Directory... RCDevs provides its customers with remote installation and
configuration services for both standalone and cluster setups.
OpenOTP provides two-factor authentication with a maximum of
flexibility, ease of installation and use. Even though it offers the Go to http://www.rcdevs.com/downloads/ to start OpenOTP now!
highest level of functionality available in the market, it is designed
for higher performances and simpler integrations. As a result Authentication Methods Integration APIs
OpenOTP is the only solution with such a set of features, which is Event-based Tokens RADIUS RFC-2865
being successfully deployed by thousands of companies without Time-based Tokens SOAP & XML-RPC
requiring any additional assistance. Challenge-based Tokens JSON & JSON-RPC
U2F Devices OpenID 1.1 & 2.0
SMS OTP C, C++ Libraries
Hardware Security Module Mail & Secure Mail OTP SAML 2.0
OpenOTP supports Hardware Security Modules (HSM) from Yubico. YubiKey PAM-UNIX Plugin
Printed OTP Lists Credential Provider
HSMs provide hardened storage of critical data with stronger cryp-
Emergency OTP
tography where the encryption keys are hardware-protected. HSMs Simple LDAP
provide true random numbers generation (RNG) too. Quality random Supported with
is required for Token seed generation and out-of-band OTPs. LDAP Compliant Web Applications
MS Active Directory VPNs & SSL VPNs
Using HSMs in OpenOTP is 100% transparent and the move to hard- Novell eDirectory Citrix Access Gateway
ware cryptography can be done at any time without impacting your Linux OpenLDAP Microsoft (TMG, OWA, ADFS)
business. RCDevs WebADM server supports up to 8 HSM modules in Apple Open Directory UNIX / Linux
hot-plug mode for fault-tolerance and increased performances. Oracle / Sun Directory Windows Login
RCDevs Directory Server Google Apps
389 Directory
Management
Interface
Self-
Auditing
Services
Awards Winner
OTP PKI

Web IAM Unix

VPNs Windows
SSO

http://www.rcdevs.com Info@rcdevs.com Copyright 2010-2013 RCDevs SA, All Rights Reserved

 OpenOTP RCDevs
security solutions

Authentication Server Product information

Client Support and Interfaces

OpenOTP provides two-factor authentication with OATH Software and Hardware Tokens, mobileOTP, Google Authenticator, Yubikey, out-of-band
authentication with SMS, mail and secure-mail, printed OTP lists. It supports multiple Tokens per-user, fallback OTP, combined LDAP+OTP, PIN code,
concatenated passwords, Token inventories, etc...

OpenOTP supports OATH Event-based,

Time-based and Challenge-based
standards for both Software and
Hardware Tokens. Software Tokens
are available free-of-charge for J2ME
mobile phones, Windows Mobile,
Palm, Blackberry, iPhone and Android
platforms.

OATH-compliant Hardware Tokens with any form-factor are supported. This includes keychain-like or keypad-based OTP calculators, banking
cards, Yubikeys, etc...RCDevs provides its own time-based OTP Token for OpenOTP. Yet customers are free to choose and re-use Hardware Tokens
from any third-party provider: RCDevs solutions are100% vendor-independent and also support OATH devices from well-known vendors like
Feitian, Vasco, Secutech, SmartDisplayer, SafeNet...
You can use OpenOTP with:
- Web Applications (Java, PHP, ASP, .Net...)
- VPNs, SSL-VPNs (Checkpoint, Cisco, Nortel, Juniper, F5, Aventail...)
- Citrix Access Gateway & Web Interface
- Microsoft ISA/TMG (Exchange, Sharepoint...)
- UNIX and Linux (SSH, FTP, OpenVPN, PPTP, POP/IMAP...)
- Windows Login (2008-R2 Server, Vista, 7, 8)
- Web-based Products (Wordpress, SugarCRM, Magento, Drupal,
Joomla, RoundCube...)
- Active Directory Federation Services (ADFS)
- OpenID-enabled Web Sites
- SAML-federated Applications and Google Apps
- Amazon Elastic Compute Cloud (EC2)
- Any Other System (with our development SDK)

OpenOTP provides powerful integration APIs and plugins for Web (SOAP/XML/JSON), VPNs (RADIUS), SSO (OpenID/SAML), UNIX (PAM), Windows
(Credential Provider). The APIs are designed for simpler integrations and to let programers easily implement two-factor authentication
functionalities into existing Web applications and remote access infrastructures.

RCDevs is an award winning security company specialized in RCDevs is the developer of OpenOTP Authentication Server
next-generation two-factor authentication. RCDevs is building (http://www.rcdevs.com/products/openotp/) and TiQR Server
its growing reputation over high-quality security software and (http://www.rcdevs.com/products/tiqr/).
its customers entire satisfaction. RCDevs provides cutting-edge
enterprise-grade solutions in world-wide to customers ranging RCDevs OpenOTP and TiQR Authentication Server received the
from SMEs to large corporations in the IT, financial, healthcare Highly Commended Award for the Best SME Security Solution at
and government sectors. SC Magazine Awards 2012 Europe and the Sesame Awards 2012
for the security innovation.

Technical Specifications System Requirements

- Hardware / Software OATH Tokens - User Blocking Policies - Compatible LDAP / AD Directory
- FIDO Universal Second Factor (U2F). - Built-in Replay Attack Protections - Networking with DNS and NTP
- Google Authenticator with QRCodes - AES-256 Encryption for Sensitive Data - Optional SMSC Service Connection(s)
- Fallback OTP Methods - No Replication nor Import of LDAP Users - Linux 32 / 64Bit (Dedicated or Virtual)
- Up to 3 Tokens per User - Multiple LDAP Sources (Aggregated)
- Token Inventory Management - User Transaction Duplicates Protection
Performances and Scalability
- PSKC RFC-6030 Token Import - Customizable End-User Messages
- Combined LDAP+OTP/U2F Authentication - Comprehensive Logging and Accounting
- High Availability with 2-4 Active Servers
- Challenged or Concatenated OTP Passwd - Multilingual Support for User Messages
- Full Load Balancing and Session Sharing
- OTP PIN Prefix Protection - Mail and SQL System Alerts
- 175 Logins per Second and per Server
- Policies per User, Group, Domain, Client - Automatic Failover for LDAP, SQL...
on an Entry-Level Server (Intel-based)
- Policies per Network & Geolocalization - PCI-DSS Compliant
- Multi-Tenancy and Cloud Readyness
- Access Time Policies

http://www.rcdevs.com Info@rcdevs.com Copyright 2010-2013 RCDevs SA, All Rights Reserved