Secure operating environment A secure operating environment is set up at the same time as the installation. Appropriate access permissions settings for
all business resources, application administrator privileges, and the setting of encrypted communication associated with operation
is enabled immediately after installation. Information can be protected from security threats such as illegal access to/communication
monitoring of the business operation, and a secure business system can be set up speedily.
SSL authentication/encryption communication A robust security function is provided in business-to-business/ business-to-customer servers on the internet, so the setup
of a secure system is enabled. SSL 3.0 client/server authentication, an encryption function, and SSL communication that uses
certificates issued by VeriSign are provided. These can be managed/operated from the Interstage Management Console, and because
of linkage with multi server managements management of applications is also possible for multiple servers.
A function that tracks information leaks (Audit Trail) In readiness for information leaks, "When, Where, Who, What, Why" information about access to Interstage is collected.
Accordingly, rapid analysis/tracking when information leaks occur is possible.
Single Sign-on Single sign on enables access to multiple business servers. Managing a single repository of user information (ID, password,
etc.) for enterprise business systems simplifies user information management (adding, modifying or removing users). You can
improve usability of the system or reduce operational/installation costs of a Single Sign On system through the following
features. - User information for Single Sign On can be managed through an Active Directory. If Active Directory is used in an existing
system, Interstage Single Sign On can be installed utilizing the exisiting assets (V9.1 later) - Authentication Server Linkage enables linking with other SAML 2.0-complient SSO systems including those from other vendors
as well as another Interstage Single Sign On system. Users are authorized once by one or more of the authentication services
in systems which are linked through the Authentication Server Linkage feature.. (V9.1 later) - You can utilize Windows logon mechanism so that users can logon to the server system through their Windows logon operation. - Authentication server and repository server (which stores user information) can be built to scale for increases in the number
of users. One options is to use an RDB for the user repository. You can build the system according to its scale or operation
policy. Also Interstage Single Sign On has rich features for access control or session control such as an idle timeout (which
revokes authentication after a specified period) or deterring duplicated login, which help maintain proper acess and user
authentication.
In the Single Sign-on function, the following functions are provided: - A function for setting up a server (business server) that provides Web-based services to users - A function for setting up a server (authentication server) that is used for performing user authentication (Standard-J Edition/
Enterprise Edition) - A function for setting up a server (repository server) that manages information required for user authentication (Standard-J
Edition/Enterprise Edition)
Directory Service (Standard-J Edition/Enterprise Edition) An internet standard LDAP (Lightweight Directory Access Protocol) V3-based Directory Service is provided. Accordingly, users
and resources in the network can be managed uniformly in a directory, and user authentication is possible.
Non-super user account requirement to operate Interstage (Solaris/Linux V9.1 later) Interstage Application Server's administrator does not require the rights of the Operating System administrator.. Previously,
you had to use a super user account to execute some Interstage Application Server commands. Interstage Application Server
V9.1 enables you to use an account which does not have super user authentication for executing Interstage Application Server
commands by utilizing the Server Operation Control feature of Systemwalker Centric Manager.
