Follow us on Twitter
TIMETOACT on Facebook
Add to Favorites
SecureDomino: Authentication and Intrusion Prevention for Lotus Domino
SecureDomino is the universal authentication and security tool for Domino web servers.
By extending authentication options beyond the Domino Directory, SecureDomino allows a broader usage of Domino servers.
SecureDomino enhances data security and helps to enforce Sarbanes-Oxley compliance. Domino servers with activated HTTP task are protected by preventing unauthorized users from gaining access.
Lotus Domino authentication has several shortcomings:
Even with the Domino Directory Assistance and the Active Directory Synchronization users must still handle multiple passwords.
Domino does not log authentication successfully and failed attempts efficiently.
Domino does not support IP-based authentication.
Domino does not allow the definition of log-on hours
SecureDomino Authentication Features
Designated (SPNEGO) Authentication Server (new in R7!)
Use one central SPNGEO activated server to handle automated authentication even on non-SPNEGO supported Platforms and Domino-Versions like Linux or Solaris.
Authenticate against Microsoft or any other LDAP directory and thus eliminate the need for users to remember multiple passwords.
Log sign-in attempts (either all, successful only or failed attempts only) for analysis, documentation and user-information.
Identify and authenticate users (and proxies) through their IP-address automatically.
Log-on Hours Definition
Restrict signing in, e.g.: restrict log-in to business days and hours from 8am to 5pm.
Lotus Notes and Domino offer extensive and mature security architecture. Nevertheless, a Domino server in the Intra-, Extra- or Internet is exposed to many risks:
Browser clients can endlessly attempt to sign in to a Domino Server. Retrieving a user's password is just a matter of time.
Hackers can access sensitive data or cause a heavy server load by simply using hacking tools provided in the internet (Brute Force Attacks, Denial-of-Service).
URL´s like $DefaultNav and $DefaultView often reveal much more information than intended.
Loading the HTTP-server task makes all database accessible through browser-clients, not just the desired ones.
SecureDomino Intrusion Prevention Features
Prevent Brute-Force Hacking and Password Guessing Attempts
Effective protection against hacking and denial of service-attacks through HTTP lockout. IPs and user accounts are locked after a number of failed attempts. Unlock on a scheduled interval or have administrators unlock manually.
Forgotten Password Handling
Users may request new http passwords and have them send to their Notes-mail accounts.
Restrict http-access with white- and black-lists to directories and databases. Have all other databases accessed through Lotus Notes clients only.
Create redirections for custom and unwanted URL-commands like $$DefaultNav, $$DefaultView, %%Source%%. Works even with unicode characters.
is widely tested and implemented by corporations (including IBM) and governments around the world.
is a DSAPI-filter and can simply be plugged into any Domino server
can be installed within minutes
does not does require any modifications to the Domino directory or even a new Domino directory
does not slow down the Domino server
does not write into the Domino directory
even works with strong password encryption
is available on all relevant Domino platforms (Windows, Linux, AIX, Sun OS, others on request)
SecureDomino is available for the following platforms:
Sun Solaris / Risc on request
iSeries and zSeries on request
SecureDomino R7 requires a Domino R6 (or higher) server.
Screenshot: SecureDomino Administration and Logging Database
Share on Facebook
Tell a Friend
© 2016 TIMETOACT GROUP, Im Mediapark 2, 50670 Köln
Intrusion Prevention Features
Detailed Product Description (PDF)
Detailed Product Desciption (PDF in German)
What's new in SecureDomino R7 (PDF)
Artikel digital business magazin: "Benutzername, Kennwort? Single Sign-On!" (German only)
Artikel digital business magazin: "Mehr Sicherheit im Intra- und Internet" (German only)
Get in touch
+49 221 97343 0
Mail to Michael Gollmick
Test SecureDomino now
Request your free 30-days fully functional trial version of SecureDomino today.
Bold fields are required to complete this form. Inquires without proper company names and mail addresses (e.g.: hotmail etc.) will be ignored.