SecureDomino: Authentication and Intrusion Prevention for Lotus Domino

SecureDomino is the universal authentication and security tool for Domino web servers.




By extending authentication options beyond the Domino Directory, SecureDomino allows a broader usage of Domino servers.

SecureDomino enhances data security and helps to enforce Sarbanes-Oxley compliance. Domino servers with activated HTTP task are protected by preventing unauthorized users from gaining access.

Authentication

Lotus Domino authentication has several shortcomings:
  • Even with the Domino Directory Assistance and the Active Directory Synchronization users must still handle multiple passwords.
  • Domino does not log authentication successfully and failed attempts efficiently.
  • Domino does not support IP-based authentication.
  • Domino does not allow the definition of log-on hours

SecureDomino Authentication Features

  • Designated (SPNEGO) Authentication Server (new in R7!)
    Use one central SPNGEO activated server to handle automated authentication even on non-SPNEGO supported Platforms and Domino-Versions like Linux or Solaris.
  • LDAP Authentication
    Authenticate against Microsoft or any other LDAP directory and thus eliminate the need for users to remember multiple passwords.
  • Authentication Logging
    Log sign-in attempts (either all, successful only or failed attempts only) for analysis, documentation and user-information.
  • IP-based Authentication
    Identify and authenticate users (and proxies) through their IP-address automatically.
  • Log-on Hours Definition
    Restrict signing in, e.g.: restrict log-in to business days and hours from 8am to 5pm.

Intrusion Prevention

Lotus Notes and Domino offer extensive and mature security architecture. Nevertheless, a Domino server in the Intra-, Extra- or Internet is exposed to many risks:
  • Browser clients can endlessly attempt to sign in to a Domino Server. Retrieving a user's password is just a matter of time.
  • Hackers can access sensitive data or cause a heavy server load by simply using hacking tools provided in the internet (Brute Force Attacks, Denial-of-Service).
  • URLĀ“s like $DefaultNav and $DefaultView often reveal much more information than intended.
  • Loading the HTTP-server task makes all database accessible through browser-clients, not just the desired ones.

SecureDomino Intrusion Prevention Features

Prevent Brute-Force Hacking and Password Guessing Attempts
Effective protection against hacking and denial of service-attacks through HTTP lockout. IPs and user accounts are locked after a number of failed attempts. Unlock on a scheduled interval or have administrators unlock manually.
  • Forgotten Password Handling
    Users may request new http passwords and have them send to their Notes-mail accounts.
  • Access Restrictions
    Restrict http-access with white- and black-lists to directories and databases. Have all other databases accessed through Lotus Notes clients only.
  • Redirection
    Create redirections for custom and unwanted URL-commands like $$DefaultNav, $$DefaultView, %%Source%%. Works even with unicode characters.

SecureDomino benefits

is widely tested and implemented by corporations (including IBM) and governments around the world.
  • is a DSAPI-filter and can simply be plugged into any Domino server
  • can be installed within minutes
  • does not does require any modifications to the Domino directory or even a new Domino directory
  • does not slow down the Domino server
  • does not write into the Domino directory
  • even works with strong password encryption
  • is available on all relevant Domino platforms (Windows, Linux, AIX, Sun OS, others on request)

    Platforms
    SecureDomino is available for the following platforms:
    • Windows NT/2000/2003
    • Linux
    • AIX
    • Sun Solaris / Risc on request
    • iSeries and zSeries on request
    SecureDomino R7 requires a Domino R6 (or higher) server.


     Domino Server Authentication, Security, Intrusion Prevention

    Screenshot: SecureDomino Administration and Logging Database
  • Get in touch

    Michael Gollmick
    Michael Gollmick
    Technische Fragen
    +49 221 97343 0

     SecureDomino - Protect Your Data!

    Test SecureDomino now

    Request your free 30-days fully functional trial version of SecureDomino today.
    Bold fields are required to complete this form. Inquires without proper company names and mail addresses (e.g.: hotmail etc.) will be ignored.