Computer Associates ETRPPCE8005BPE Getting Started Guide - Page 16

Advantages of Using eTrust SSO Session Management Settings Users can log on to multiple eTrust SSO sessions concurrently on different computers. This is important flexibility for many users, but also must be managed for security reasons. You can configure eTrust SSO to limit the number of sessions a user can have open at one time. Session management also helps to protect sensitive data left unattended on a workstation because it can be used with Windows screen lock. Session management can: „ Keep count of how many active logons a user currently has „ Reject a new logon by a user when they reach their set limit „ Log the user out at any moment, either manually, or when triggered by an event „ Be used with Windows screen lock „ Close old sessions when opening a new one These features are defined on the Policy Server using the Policy Manager. For information about how administrators can manually manage and terminate User Sessions, see the IA Manager Session Administration section in this chapter. Secure Network Traffic All information communicated between the eTrust SSO components is fully encrypted. One-Time Password Capability The One-Time Password (OTP) functionality increases eTrust SSO password security for UNIX applications that transmit passwords in clear text, such as Telnet. As soon as you log onto a remote server, eTrust SSO OTP agent connects to that server and changes your password so that anyone who intercepted the clear text password cannot use it to gain access to the server. 1-12 eTrust SSO Getting Started