DeviceID: Curing IT Insomnia in an Uncertain World

Strong Two-Factor Authentication

Combining DeviceID with a standard username and password challenge enables strong two-factor authentication that restricts network access to only authorized users and devices. Best yet, with DeviceID there's no hardware or token to break, lose or hassle with. And unlike digital certificates, nothing is left on the end user's PC for hackers to steal.

DeviceID records a digital fingerprint of every device, inventorying the serial numbers that are burned into select device components. Upon each network access request, DeviceID compares the digital fingerprint of the requesting device with its records. If a match is found, a VPN connection is established.

Two main features give DeviceID its strength:

Dynamic machine interrogation ensures that the machine inventory process is different each time and occurs without user interaction. Because random attributes are used with each authentication request, DeviceID is safe from replay attacks and reverse engineering.

Endpoint data encryption protects captured hardware data before transferring it over a secure, encrypted channel and storing the results in protected authentication servers for comparison and validation.

Lower TCO Preserves Your Budget

In the past, adding more security layers meant adding more administration expense and disrupting users who often had to learn how to activate these technologies. That's not the case with DeviceID. The registration and activation process can be made transparent by uploading users from existing databases and silently distributing and installing the software. And since DeviceID doesn't alter the end-user experience, there's no learning curve, training or user interaction required—even for VPN launch.

Enforce VPN Use for Peace of Mind

VPN access has become mandatory for secure enterprise access. Unfortunately, some users don't see it that way. Besides validating the identity of the device, DeviceID also helps IT managers create and enforce access policies that ensure only corporate-authorized devices gain network access via VPNs.

Give IT Real-time Reporting

An intuitive Web interface lets network administrators generate reports and filter them by user, machine, transaction type and status for granular control over who accesses the network and from which devices. Reports are pulled directly from the DeviceID database, ensuring a full audit trail of all network activity.

Rest Assured, You Know with Certainty

Yes, it's an uncertain world. And there are those that are looking to do your company network harm. However, by combining user authentication with the device identification of DeviceID, your company gains protection against the use of stolen user identities and devices.

Adding device-based authentication and policy management lets IT staff apply tighter access controls and enforce compliance with endpoint security software across every network connection. DeviceID is yet another way iPass helps you enact policies that harden endpoint security, without impeding user productivity or making management more difficult for IT staff.

Put simply, with DeviceID, sleep-deprived IT staff can finally get a good night's rest.

Discover how DeviceID provides secure connections without compromise. Check out our DeviceID Product Brief, DeviceID Technical Brief and How-it-Works Demo, or talk to your iPass account manager today.

"Use a combination of remote certificates and device 'fingerprinting' to determine whether a user is connecting from a known and secured, managed company device; from a registered and known personal device; or from an unrecognized third-party device."¹

- Gartner Research
November 2004