In this section, we look specifically at:
- Adaptive MFA for VPN EmpowerID’s VDS provides strong LDAP authentication to your applications, systems, and devices.
- Unify Your Directories the single directory support that many applications and operating systems have is problematic and causes other significant problems. EmpowerID solves them all.
- LDAP Data Firewall EmpowerID’s VDS not only provides an extra valuable security layer over your sensitive information but can also reduce the load on your live environment.
- Single LDAP API for Data Updates CRUD actions against any directory object can trigger workflows in EmpowerID and provides you with enormous scope and flexibility…
Adaptive MFA for VPN
The EmpowerID Virtual Directory Server can integrate with EmpowerID’s MultiFactor Authentication (MFA) module to provide strong LDAP authentication to applications, Linux machines, Mac OS, firewalls, network devices, and VPN servers within your network infrastructure
EmpowerID verifies user credentials against either the Identity Warehouse or live against connected directories like Active Directory. EmpowerID analyzes LDAP logins using the same contextdriven policies as with web logins and it enforces them with adaptive MFA authentication rules.
Unify Your Directories
Many companies have a combination of multiple LDAP directories, Active Directories, and SQL databases with each containing fragments of their users’ profile information.
Unfortunately, though many applications and operating systems support using an LDAP directory for centralized authentication and authorization, most only support the use of a single directory. Having information scattered across separate repositories creates substantial challenges
For organizations with enterprise architectures that maintain separate directories for internal and external users, this is a significant problem.
The EmpowerID Virtual Directory solves this integration challenge by unifying all the directories in your organization into a single LDAP Directory access point.
It also addresses the challenge of delegated authentication by allowing separate authentication paths for internal and external users. Internal users can authenticate directly against Active Directory, while external users can authenticate against the EmpowerID Identity Warehouse. This also eliminates the need to synchronize passwords.
The EmpowerID Virtual Directory also supports acting as the primary authentication directory for Linux and Mac OS devices.
LDAP Data Firewall
The Virtual Directory Server supports Zero Trust security programs by acting as a proxy (or barrier) between your users and the sensitive data stored in your corporate Active Directories. This provides a two-fold benefit of adding a valuable security layer to protect your senstive information and it reduces the load on your production directories.
For data accessed through the LDAP VDS interface, EmpowerID enforces the same multi-tenant aware data visibility and privacy controls used in its web interface.
EmpowerID’s attribute and organizational structure aware data privacy policies ensures that only authenticated applications and users see the attributes and objects to which they have access.
Single LDAP API for Data Updates
The Virtual Directory also supports Create, Update, and Delete (CRUD) actions against any connected directory object. These actions tie into EmpowerID’s visually designed workflows and can act as triggers for additional updates, actions, or flows.
For example, a create action may trigger a yet more sophisticated multi-step workflow that creates a user, provisions their account, sends email notifications to approvers, triggers additional workflows, and much more.
Fully customizable, actions are easy to work with, they provide full auditing capabilities including logging and tracking, and are secure.