features

New! Password Station Features List
Password Reset Station includes the following revolutionary enhancements: Ability to reset locally cached passwords on end user workstations (Windows 98, NT, XP, 2000, 2003) Transparent password synchronization Administrators can check for new versions of the software through Avatier's LiveUpdate Optional "agentless" telnet and ssh connectors for any platform Support for RSA SecurID without requiring end user identity enrollment The world's first and only self-service password reset through a telephone authenticated by RSA SecurID Support for resetting local Lotus Notes ID files while preserving settings Support for resetting Tru64 and VMS passwords Support for designating any LDAP directory as primary repository and user authentication source Enterprise password reset help desk console now displays real-time audit log Internationalization with support for over 26 different languages, including double byte languages Built-in real-time cost savings analysis reports with support for over 50 international monetary dominations Password Station is now a component of Avatier's Identity Management Server (AIMS) which includes Account Terminator and Account Creator
Features Summary
	Accessibility Successful self-service password management initiatives depend heavily on how many people use the solution. You will not see a call reduction and likewise an immediate cost savings if your end users can't or won't access the self service solution you deployed.  Avatier's Password Station offers six access options to provide the ease of use, instant availability, and flexibility to accommodate the needs of any size business.
	Platforms Supported Avatier's AIMS supports over 30 of the leading network operating systems, directories, databases, and applications.
	Password Policies Your password can be cracked in less than 14 seconds if your password is contains words found in a dictionary. These threats and many others require that organizations must enforce strong password policies. Password Station cross platform password management allows you to centrally define and consistently enforce strong password policies to ensure compliance with your corporate security guidelines and maximize data security.
	Password Synchronization Avatier's transparent password synchronization and manual end user selective synchronization provides maximum flexibility.
	Design Advantages Avatier's Password Station is designed from the ground up to be the state of the art integration platform utilizing the latest in web service technology.
	Auditing All activity is audited and tracked.
	Security Tested by some the governments toughest security sites, Password Station has proven to be very secure.
	Reporting A combination of real-time and schedule reports makes wins the hearts of IT professionals and managers.
	Help Desk Avatier's enterprise password reset help desk console has several key features necessary for large organizations.

Accessibility
	Password Station - Universal Web Access Allows end users to securely access Password Station from any web browser, including NetScape, Monzilla, and Microsoft Internet Explorer.  This option does NOT require deploying any desktop software.
	Password Station - Secure Kiosk System Provides the most secure and efficient  method for end users to securely access Password Station from the Microsoft Windows logon screen on their own workstation even when they cannot remember their password.  Ensures end user privacy and convenience.  Improves self-service adoption and use by 40%.
	Password Station - Group Policy Kiosk with Avatier's Secure Browser Securely grants end user access to Password Station through a locked-down, shared Microsoft Windows user account that has no permissions. This option is designed for organizations who do not want to deploy software to the desktop, but would still like end users to securely reset their password at their workstation.
	Password Station- Enterprise Web Password Reset Help Desk Console Allows help desk personnel to use one enterprise help desk console for all password resets and account unlocks regardless platforms without requiring administrative privileges on any of the target platforms. This option does NOT require deploying any desktop software.
	Password Station - PIN Number Telephone Access Enables end users to reset their password from any where using any touch tone phone. This simple interface only requires the end user to enter known identity numbers. Integrates with your existing PBX systems and installs in under an hour.
	Password Station - Secure RSA Telephone Access Password Station is the only product that seamlessly integrates with your existing RSA SecurID card infrastructure to provide the most secure and robust phone password reset and synchronization solution on the market today. Integrates with your existing PBX systems and installs in under an hour.
Platforms Supported
	Supported Platforms End users can securely reset their password or unlock their account on any directory, system, database, or application used throughout their environment.  Password synchronization, real-time account status, account termination, and account provisioning all all supported on the following platforms.
Password Policies
	Advanced Password Policy Support When passwords are the primary means of authenticating your employees, business partners, and customers, strong password policies are a must. Password Station password management enables you to centrally define and consistently enforce strong password policies to ensure compliance with your corporate security guidelines and maximize data security.
Password Synchronization
	Supported Platforms End users can securely reset their password or unlock their account on any directory, system, database, or application used throughout their environment.  Password synchronization, real-time account status, account termination, and account provisioning all all supported on the following platforms.
Design  Advantages
	Secure pre-logon password reset button Allows users to securely reset their forgotten password from the privacy and convenience of their own workstation's Ctrl-Alt-Del pre-logon window without calling the help desk or disrupting a co-worker. Avatier supports any system running Microsoft Windows NT, 2000, XP, and 2003.  Additionally, Avatier's GINA (Secure Kiosk Logon) works with any other system and can be deployed through Group Policy.
	Secure Telephone Reset End users can quickly self-identify, verify, and securely reset their forgotten password anytime with any touch-tone telephone, cell phone, or PDA phone.  It now supports RSA SecurID authentication.
	Changes locally cached passwords No other solution automatically changes your locally cached domain password credentials.  This prevents your logon session from locking out preventing access to Microsoft Outlook, network resources, folder replication and internal web sites using integrated Microsoft security.
	LiveUpdate Automatically maintain the latest software version of AIMS without the associated administrative burden and expenses.  Allows administrators to check for and automatically install new versions of the software through Avatier's LiveUpdate
	Web Services Infrastructure Avatier's solutions consume any web service, making it possible to integrate with any platform.  Additionally, our solutions publish web services enabling easy integration with any automated process regardless of the target development language.
	Web Services Infrastructure Avatier's solutions consume any web service, making it possible to integrate with any platform.  Additionally, our solutions publish web services enabling easy integration with any automated process regardless of the target development language.
	Built-in Real-Time Redundancy and Super Scalability Avatier's solutions do not require any centralized database, but instead leverage any existing LDAP directory such as Sun, Novell, IBM, Oracle, Microsoft's Active Directory, and even Microsoft's Windows NT as our application primary secure repository.  This allows organizations to simply deploy multiple web servers for real-time redundancy and maximum system availability with minimal support overhead.
	Software Development Kit (SDK) Allows integrators and paying customers to develop password reset and synchronization connectors for third party or custom applications.  Useful code samples reduce development time.  Optionally, Avatier will assist with the development and integration of the first custom application.
	Configurable Directory Storage Location - No Schema Extensions System Administrators can choose the location to store answers to employee's private identity questions in any LDAP Directory or Microsoft Directory without extending the schema.  Optionally, for those organizations who prefer to store identity data in extended fields, Avatier's solutions will also support schema extended fields.
Security
	Honors password history Password Station is the only product that honors password history without storing decryptable copies of end user's current and prior passwords anywhere.
	Silent AlarmsTM Critical events are emailed directly to the designated employees and administrators which will ensure that organizations are immediately aware of suspicious activity. For example, emails are automatically sent to system administrators: whenever an employee fails to correctly answer their identity questions whenever an employee fails to correctly enter their existing password anytime a global system configuration change is made Emails are automatically sent to employees: whenever a failure to correctly answer their identity questions is detected upon successful password reset or account unlock to verify user initiated a customizable number of days as their password is expiring customizable for any successful or unsuccessful transactions
	Enhanced Password Policy Enforcement with Word list Filtering Strong integration with Password Bouncer to deliver unmatched password enforcement across multiple platforms, by preventing users from selecting vulnerable passwords that can be easily cracked by hackers.
	Highly Secure Web Service Design Avatier's solutions are not script-based.  Scripts can be manipulated before or after they reach the target computer.  Script based solutions require an army of consultants to implement. Host computer specific asymmetrical encryption keys Automatic exclusion of Root and other privileged system accounts Ability to exclude additional accounts by account or group name Only accepts requests from defined IP addresses No Unix Admin passwords are stored anywhere Configurable Web Service TCP communication port Communicates SOAP over SSL (SOAPS) Requires WSDL path and documented parameters to communicate
	Centralized Auditing and Real-time Event Logging Captures who did what to whom and when for every transaction stores to a central SQL database.  The reports can be customized and displayed in real-time through a web interface.  The reports can be exported to Excel or Text files.
	System Configurable Number of Identity Questions Employee's can be required to answer as few as 2, or as many as 9 identity questions.  Completely configurable identity questions, add, edit, retire.
	Cascading Identity Questions Employee's cannot see their second question until the first question is answered correctly.  This prevents social engineering.
	Automatic De-enrollment  after Identity Questions are Answered Incorrectly Configurable auto-lockout on failed authentication.  System Administrators can configure a threshold to de-enroll an account after their identity questions are answered incorrectly too many times.
	Force Password Change at Next Login Employee's can be forced to change their password at Microsoft Windows NT or Active Directory login time.
Help Desk
	Delegated Access to Cross-Platform Password Reset & Account Unlock Leverages your existing Microsoft groups and user accounts to delegate cross platform password reset and account unlock access to Help Desk individuals.
	Displays Real-time Cross Platform Account Status Help Desk personnel can obtain real-time account status on any platform, for any user.  Status includes: Account Disabled, Account Lockout Status, Password Expiration Date, Password Age, Full Name and more...
	Guarantees End-User Identity The Help Desk module can be configured to not allow password reset until the end-user's identity has been confirmed.  It can also be configured to manage non-enrolled accounts.
	Real-time Audit Trail of End User Activity Help desk personnel have access to view all prior end user self-service and help desk activity.  This allows help desk personnel  to quickly analyze any issues with the customer as it is occurring.
	Exclude Individuals or Groups from Help Desk Management Select specific users or groups to be excluded from Help Desk management.
	Centralized Auditing and Real-time Event Logging Who, what, when, and where are stored in a central SQL database.  Built in filtering and sorting on any field or timeframe and displayed in real-time through a web interface.  The reports can be exported to Excel or Text files.
Reporting
	Scheduled Usage Reports Summary and detailed usage reports of all password resets, account unlocks, failed answers to identity questions, failed password resets, phone password resets, and more are sent hourly, daily, weekly, or monthly to system administrators.
	Enrollment Report System Administrators can run a report to determine who is currently enrolled and who is not.
	Utilization and Licensing Reports Active monitoring of number of licenses, enrolled users and utilization rate.
	Custom Reports Using Crystal Reports or Business Objects custom reports can be run against the SQL database.

Able to offer Password Management across multiple Windows NT/AD domains

Enrollment:

• Simple 3 step enrollment, identify, authorize, answer questions

• Users can be mass enrolled with predetermined questions and answers supplied from USA databases

• Requires unique questions and answers

• During enrollment will automatically extract primary email address form AD

• During enrollment will automatically extract primary phone number from AD for telephony enrollment

• Last questions is semi-private help desk challenge question

• Allows user to simply and quickly change their enrollment questions and answers at any time

Deployment & Management:

• Can be installed and deployed in production in 30 minutes

• Ability to un-enroll users or group

• Automatic un-enrollment upon deletion of account from Active Directory

Telephony Interface:

• Ability to enroll user automatically during mass enrollment or individually.

• Can reset password or unlock accounts only using the keypad and number inputs

• Customizable wav files for Telephony instructions and passwords

• Accessible from any telephone

• Ability to reset password across multiple systems simultaneously

 Unique Features:

• Provides ability to check all systems status prior to resetting password or unlocking account to verify their availability

• Allows user to unlock account while leaving passwords intact across multiple systems

• Allows user to reset their expiring password without challenge questions by inputting valid password and new password across multiple platforms

• Allows user to check account information across multiple platforms

  •             User ID

  •             User Full Name

  •             Account Expired

  •             Account Locked Out

  •             Password Expiration Date

  •             Password Age

• Allows user to test a password against the Password Bouncer policies in force and provided very detailed feedback on what rules were not met

• Provides user same detailed feedback when a password entered for reset or forgotten password does not meet the enforced policy