Smart cards are tamper proof on NetBackup Flex Appliances with Active Directory
Active Directory simplifies life for administrators and end users with a single logon to access global resources while enhancing security for organizations. Administrators can easily manage centralized user and rights management, as well as centralized control over computer and user configurations through the AD Group Policy feature.
To enhance your organization security, you can validate the user authenticity by a smart card reader. When a user swipes his/her card in a smart card reader and enters the PIN, multiple factors of authentication are applied. This reduces the threat of data breach from endpoints in a remotely available datacenter. Smart cards contain microprocessors that can process data directly without remote connections. Because the information in the smart card is hard to be modified, it is highly unlikely that a person can create a duplicate copy and breach security. Smart cards are encrypted with a unique ID and cannot be duplicated.
NetBackup Flex Appliances have the capability to import users from a remote AD server with Open LDAP protocol. You can seamlessly authenticate and authorize users with a global entry LDAP integration. The diagram below illustrates the processes of AD and smart card integration with Flex Appliance.
Watch this demo to learn how to configure and enable smart card authentication with Flex Appliance.
After you configure NetBackp Flex to connect to a remote AD server and import remote users and groups, you can provide a tamper proof mechanism to enable a smart card for a multi factor authentication. The smart cards allow user authentication with cryptographic keys, the keys are encrypted with a unique ID. The smart card feature enhances the security posture for public sectors and government.