• |
The Quest ESSO applications do not run directly with the LDAP directory of your company with your users’ tokens. All the operations are performed by the Security Services, in a secure system environment. |
SSOWatch is the single sign-on (SSO) engine. It is installed on the client workstations. This software module offers many optional components. | |
Advanced Login software module allows you to enforce users’ authentication and to use other authentication sources than Active Directory. When installed, it is used instead of the standard Windows log on dialog box.
Advanced Login allows users to log on their workstation using several authentication methods, as login/password, smart cards, or biometrics authentication methods.
| |
The Quest ESSO Controller is an administration server that enables the management of administration profiles.
The administration actions are not directly sent from the workstations to the LDAP account of the Quest ESSO administrator, but through the Quest ESSO Controller: upon the Quest ESSO installation, you will have to define an LDAP account that will be used by the Quest ESSO Controller to perform any Quest ESSO administration action on the LDAP directory.
You do not have to set different ACLs depending on the Quest ESSO administrators. You just have to set ACLs only once, on the LDAP account used by the Quest ESSO Controller, which manages the administration requests depending on the administration profiles defined using Quest ESSO Console.
The Quest ESSO Controller runs also as the Quest ESSO audit server. It retrieves audit information of the Quest ESSO workstations in an SQL database. The pieces of audit data are available through Quest ESSO Console, either globally, or contextually (that is depending on the selected audited Quest ESSO object). | |
Quest ESSO Console is a centralized administration and audit consultation tool that can be installed on any Quest ESSO workstation client. This administration console allows you also to define extended security policies by managing Access Points, and by defining authentication scheduling. |
For details on supported authentication devices, see Release Notes. |
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy