I was talking to Ilan Meller from Identiwall recently. Ilan was a SVP at CA and his latest company is doing serious work with strong identity and authentication management. They have over a million installed home banking users in Israel.. Ilan told me about three product lines – Identiwall for Secure online transactions, Identiwall VPN and Identiwall Dynamic security that was developed for an Israel defense customer. I thought that Dynamic Security was the most impressive of the 3 products – I’ll let you decide.
Identiwall for secure online transactions
Target market – online banking, online insurance
Product status: Leading product in Israel for online banking strong identification, authentication, anti-phishing, strong session security. Currently, over 1 million end users
Unique features
- No end user client software or hardware device required
- Minimal changes to Web application, hooks into ISAPI layer or Apache module
- Separate security server, not exposed to Web application server vulnerabilities
- Session risk management which is maintained external to server side session, i.e. Cannot be corrupted or attacked. It examines navigation patterns – can detect an automated attack pattern within a short time frame, or URL hacking, session hijacking, where the attacker goes directly to a particular URL, bypassing the normal application navigation performing content inspection in order to detect and stop phishing
Identiwall-VPN
Target market: Existing VPN users who rely on Radius authentication and/or tokens and want to improve security and reduce costs
Product status – production product
Unique features
- Strong 2 factor authentication
- Replacement for RSA/Checkpoint tokens
- Cheaper, more flexible, without requiring hardware devices
Identiwall-Dynamic security
Target market-Companies with large number of employees on multiple office building floors, multi-building campus
Product status – production product developed for Israeli defense clients. Currently in use by institutions in US and Europe, clients like Fortis.
Product brief
Integrates and correlates physical and logical security. Detects multiple user logins from multiple physical locations at same time, logins of employees who have left the building. Used to detect inside jobs. For example – installed in HQ of a company with 1200 employees. Security officer established a threshold to purchase if the system would detect at least 2 events/day – the system detected an average of 37 security events/day in the first week
Unique features
- Can detect inactive Pcs and automatically shut them down for big energy savings
- Can detect movement of RFI-tagged laptops
- Automated FBI: forensics based investigation on event discovery. Backtracks through logs, logins/logouts/failed logins. Aggregates access rights in order to detect users who are working in collusion.
