Manualshelf

Kerberos Release Notes 11311

ManualsBrandsHP ManualsSoftwareHP-UX Kerberos Data Security Software
12345678910
Kerberos Server Version 3.2.1 Benefits and Features
The Kerberos Server is primarily a centralized network authentication system providing security
solutions to geographically dispersed organizations. Following are some of the key features in
Kerberos Server v3.2.1:
Strong Authentication
Using the Kerberos Server, you can be assured that users, who logon to your network are
who they claim to be, to access the services, databases and applications on your client-server
network.
Strong authentication is the backbone of the Kerberos Server. With geographically dispersed
organizations and resources disbursed across multiple platforms the need for users to access
multiple secure systems in a secure manner is greater than ever. HP Kerberos Server v3.2.1,
provides the unique ability to broker authentication between one secure system and another.
The server provides the base for strong authentication.
In order to use the Kerberos Server network, each user and service, referred to as a principal,
in the network must prove its identity, referred to as authentication. This means that each
principal must be able to, on demand, provide authentication information that only the
principal should be aware of. Proper protection of this authentication information is a critical
aspect of enabling the best security that can be provided.
Scalability
One of the primary benefits of the Kerberos Server is that it is highly customizable and offers
the following advantages:
— Multiple secondary security servers that enable load balancing with automatic
incremental propagation, without any performance degradation.
This feature is disabled if you opt for LDAP as the backend database.
— Realms that can be organized according to types of users or services
Multithreading
Services the user requests in the Key Distribution Center. This enhances the performance
of the Kerberos Server.
High Availability
This mechanism has been provided in this version of the Kerberos Server, by having the
parent process always monitor the server daemon. If the server daemon dies or crashes, the
parent process will automatically spawn a new server daemon.
Dynamic Propagation
Automatically propagates incremental changes from the Primary server to the associated
Secondary servers, thus synchronizing both the Primary and the Secondary servers.
NOTE: Propagation is disabled if you select LDAP as your backend database. Check with
your LDAP administrator, for more information about propagation of information on the
LDAP Server.
3DES Encryption
Provides 3DES encryption type for secret key technology. 3DES is a much stronger encryption
type than the 56 bit DES encryption algorithm. You can configure your server to be either
DES or 3DES.
Kerberos Server Version 3.2.1 Benefits and Features 7