Sample illustrating Enterprise Security

Similar Messages

• SAML support in WebLogic Enterprise Security

  Are there any documents and code examples that illustrate how to use SAML in WL Enterprise Security? Is there any identity provider included (NOT identity assertion provider) or is the SAML credential mapper an identity provider?
  The only document that I could find was around setting up identity assertion provider and credential mapper in admin guide. There ia also a mention of types of SAML assertion supported as below without any further explanation on these. Moreover, there is no information available for com.bea.security.internal.SAMLChallenge interface.
  SAML.Challenge - The token is a Challenge token that has implemented the
  com.bea.security.internal.SAMLChallenge interface.
  SAML.Assertion - SAML Assertion that contains the full CertPath. Same as
  SAML.Assertion.Certpath.
  SAML.Assertion.NoCertpath - SAML Assertion that does not contain the full
  certificate chain.
  SAML.Assertion.Certpath - SAML Assertion with a full cert chain. Same as
  SAML.Assertion.

  anyone had any luck with this yet?

• WPA2-enterprise security question

  I will be attending ETSU (East TN State U) as a graduate student this fall. I have purchased a new iPad 3G and want to use it on the campus network. I have read that on some campuses there have been problems with the wireless iPads working on university networks. Will I have a problem using mine at ETSU?  
  I bought the Wi-Fi and 3G version just in case, but would prefer to use it as a wi-fi only device.  
  I emailed the OIT dept on campus and they said that they might be able to connect the iPad to the wireless, but they can not promise me that it will work.  They tell me to check my iPad to make sure that it comes with WPA2-enterprise security. 
  What is WPA2-enterprise security and does my iPad have this? Will I be able to use it on campus come August?
  Any advice would be helpful.

  Alec Edworthy wrote:
  The issue has been with DHCP and the iPad not renewing its lease when it should do. This has lead some sites to ban (through rule or a technological means) some or all iPads. The solution is to turn wireless off and on again or do not allow the screen to turn off. You can find more information at,
  http://www.net.princeton.edu/announcements/ipad-iphoneos32-stops-renewing-lease- keeps-using-IP-address.html
  Apple should be fixing this in an update in the future.
  Alec
  Unfortunately, DHCP or Princeton issues have absolutely nothing to do with the question the OP is asking. FYI, no university has banned the iPad from their network.
  As has already been stated by rutiger the iPad should work with WPA2 Enterprise.
  For more on iPad and WPA2 Enterprise security see: http://www.apple.com/ipad/business/pdf/iPadSecurityOverview.pdf

• How to start Enterprise Security Manager in 11g

  Hi All,
  How to start Enterprise Security Manger in 11g ? Should Grid Control be installed seperately ? There is no menu or utility that represent Enterprise Security Manager in 11g ? In 10g there is a menu item called "Enterprise Security Manager" , how to access it in 11g ?
  Regards,
  Senthil.

  my doubt is ,, just simply giving the above command the listener create and start or do i need to modify any other parameters which i have to copy from old listener file.The former. Unless you need/want to use non-standard parameters, you don't need anything else. Just start it.

• Oracle Enterprise Security Manager

  Hi!
  I have some problems with installing the Oracle Aplication Server Infrastructure 10g. I need to configure the Oracle Internet Directory. For this i did following steps:
  1) Install the Oracle Aplication Server Infrastructure 10g, which include the OID
  2) For the aplication server database configure a Oracle Context through the Net Configuration Assistant
  3) Configure the database for using OID
  4) Create user in the database that identified globally
  After that i need to configure a Enterprise User in OID. For this i need Oracle Enterprise Security Manager. But ESM isn't installed with the Oracle Aplication Server.
  What application includes Oracle Enterprise Security Manager?
  Thanks a lot!

  Without knowing exactly what he referring to. I can't comments much more.
  What's version are you using?
  Data Guard is very mature feature of Oracle 10g, since it first appeared in Oracle 8i in the form of Standby server.
  Whatever bugs he experienced, he should work with Oracle support to fix it. It could be known bugs that already has a fix, it could be he didn't use the feature correctly and assume it's a bug, it could be a real undocumented bug.
  Using his own stored procedure to monitor data guard like reinventing the wheel. Actually it's worse, what on earth is he thinking that he could out smart whole Data Guard team of Oracle :D

• Enterprise Security Update

  I hope someone can help me. I have an older Palm TX and i desperately need the Enterprise Security Update. The link on the HP downloads page does not work.

  Check your Private Messages here on the forum.
  WyreNut
  I am a Volunteer here, not employed by HP.
  You too can become an HP Expert! Details HERE!
  If my post has helped you, click the Kudos Thumbs up!
  If it solved your issue, Click the "Accept as Solution" button so others can benefit from the question you asked!

• My CEO forgot the Enterprise Security passcode.

  My CEO has forgotten the Enterprise security passcode that he set up on his iPhone 4.  iTunes gives me an error saying that it can't connect to the phone because of the passcode even when it is in restore mode.  Any suggestions from the community how to unlock this phone?

  It may be possible to sync the device with the computer it normally syncs with, restoring from backup and removing the security code.
  If that does not work, place the device in DFU mode and restore as new.

• BEA Enterprise Security - Linux Support

  Hi All,
  Does anyone know if there is a plan to support Linux platform for this product
  - BEA Enterprise Security. Also, has any one used this product. How does it compare
  to IBM's Tivoli TIM/TAM or Netegrity SiteMinder?
  TIA

  Hi All,
  Does anyone know if there is a plan to support Linux platform for this product
  - BEA Enterprise Security. Also, has any one used this product. How does it compare
  to IBM's Tivoli TIM/TAM or Netegrity SiteMinder?
  TIA

• Internal SD Encryption & Enterprise Security

  Does Sony has any plans for the above?
  Internal SD encryption is something that a lot of users have been seeking. And the fact that Android doesn't have this feature built in or there's no such app in the Play store makes it more appealing to have it built in on Xperia phones. The current Android encryption only effect the 'data' partition and not the internal sd card. Which becomes an issue when an Xperia phone is lost or stolen. All one need to do is flash a new os, erasing all user data, but the content in the internal sd is still intact.
  As for Enterprise Security, it's something that Xperia phones need to have if it wants to penetrate the Enterprise Market that are still being dominated by Blackberrys. Samsung has Knox, and it's about time Xperia has one of it's own. 

  I continue to refer Sony's whitepapers. ;-) This time the section about memory in Android devices from http://www-support-downloads.sonymobile.com/c6602/whitepaper_EN_c6602_xperia_z.pdf
  "In Sony Mobile 2013 products, “Internal Storage” is now the union of what was previously known as “Phone Memory” (for applications and their data. “/data”) and “Internal Storage” (for user’s content, “/sdcard”). The reason for this change is to make the use of available memory more flexible, and also to enable the optional encryption of user’s content."
  This basically means that there are no such things as  "data partition" or " internal sd-card" anymore, only one big "internal storage" that holds everything. When it is encrypted, everything stored on the phone is encrypted.

• WebLogic Enterprise Security???

  Does anybody tell me how long the weblogic enterprise security is in the market?
  And also what is the specific business purpose of this product?
  Thanks
  Lara

  These pages have a lot of info on the subject:
  http://dev2dev.bea.com/products/wlesecurity/index.jsp
  http://www.bea.com/framework.jsp?CNT=overview.htm&FP=/content/products/security/
  Pavel.
  "Lara123" <[email protected]> wrote:
  >
  Does anybody tell me how long the weblogic enterprise security is in
  the market?
  And also what is the specific business purpose of this product?
  Thanks
  Lara

• Using Microsoft Security Essential as Enterprise security solution and deploy via domain policy

  hi, All,
  I am trying to deploy Microsoft Security Essential in a enterprise via domain policy, and met following questions ,Would anyone help?
  1. Is Microsoft Security Essential the right choice for enterprise security protection solution and if Security essential will cover enterprise security scenario in future? It seems Microsoft had Forefront Endpoint Protection as enterprise security
  solution but it was deprecated.   While, Security Essential is mainly target for consumers.
  2. I can extract msi from setup.exe, but is there an official MSI version of Security Essential? Is there any document about the MSI parameters? 
  3. Is there a domain policy template(admx) for Security Essential?
  4. As Security Essential has x86 and x64 versions. and it has built-in in win8. How would I make sure
           x86 computers install x86 msi of security essential.
           x64 computers install x64 msi of securit yessential.
          win8,win8.1 computers ignore the installation request.
          through  Group Policy Editor > Computer Configuration > Software Settings > Software Installation > New > Package

  Hi
  You are correct, Microsoft Security Essential is not for Enterprise use.
  Technical you can deploy it but its hard to manage central.
  Microsoft Enterprise solution for antimalware is System Center 2012 Endpoint Protection which is included in System Center 2012 Configuration Manager.

• Cannot connect to WIFI with WPA2 enterprise security

  I'm currently trying to switch my Wifi from WPA2 Personal to WPA2 Enterprise using a dd-wrt flashed TP-Link router and a Synology Diskstation as the RADIUS server. The diskstation also creates the CA certificate which I can download from there for all client devices.
  Configuration on the side of the router appears to be fine, I've entered all the details for RADIUS authentication and left "WPA Algorithms" at its default setting "TKIP", other options being ("AES" and "TKIP+AES"). I said it appears to be fine because my Android phone connection is established succesfully using the following (default) parameters:
  EAP method: PEAP
  Phase 2 Auth: NONE (also works with MSCHAPV2, and probably other options)
  CA cert: unspecified (didn't download it to smartphone, must be fetched automatically from router I guess)
  User cert: unspecified
  Identity: myDiskstationUsername
  Anonymous Identity: (blank)
  Password: myDiskstationPassword
  So far, so good... I still cannot manage to get a connection from my laptop running Arch. Prefered method would be via "wicd". The best match seems to be the following configuration profile:
  name = PEAP with TKIP/MSCHAPV2
  author = Fralaltro
  version = 1
  require identity *Identity password *Password
  optional ca_cert *Path_to_CA_Cert
  protected password *Password
  ctrl_interface=/var/run/wpa_supplicant
  network={
  ssid="$_ESSID"
  scan_ssid=$_SCAN
  proto=WPA
  key_mgmt=WPA-EAP
  pairwise=TKIP
  group=TKIP
  eap=PEAP
  identity="$_IDENTITY"
  password="$_PASSWORD"
  ca_cert="$_CA_CERT"
  phase1="peaplabel=0"
  phase2="auth=MSCHAPV2"
  But it's not working, both with and without specifing the optional path to the CA certificate. Any ideas what I could've been missing or any clues for debugging?
  Last edited by saciel (2013-11-07 09:55:16)

  Why don't you use netctl?
  I'm using netctl to connect to my FreeRadius Server, and I use this config...
  Description='A wireless connection using a custom network block configuration'
  Interface=wlp0s29f7u3
  Connection=wireless
  Security=wpa-configsection
  IP=static
  Address='192.168.1.200/24'
  Gateway='192.168.1.1'
  DNS=('192.168.1.1')
  WPAConfigSection=(
  'ssid="SSID"'
  'key_mgmt=WPA-EAP'
  'eap=PEAP'
  'phase2="auth=MSCHAPV2"'
  'group=CCMP'
  'pairwise=CCMP'
  'identity="user"'
  'password="password"'
  'priority=1'

• IOS vs Blackberry - enterprise security comparison

  I need some help on establishing the security of iOS devices in the enterprise compared with Blackberries.
  Our security-conscious company uses Blackberries but is seeing increasing numbers of staff using 'unofficial' iPhones and iPads to access the Exchange 2010 server and other network assets - connecting to the office network using the same VPN connection made available for remote laptop access. There is currently some debate about whether this should be stamped out'. The powers that be opine that Blackberry is inherently safer and are inclined to ban iOS devices from accessing network assets, but my suspicion would be that both platforms are secure if deployed properly. Moreover, security is not an all-or-nothing concept but should be analysed in bits (e.g. can the connection be hacked, can data on the device be hacked if it is lost or stolen, can the device be remotely wiped, etc.).
  The iPhone enterprise deployment guide should tell our systems folks everything they need to know about secure deployment, and my guess would be that we could make and enforce a policy that meets or exceeds the security available using our current Blackberry policy. Hoever, we're not yet at the stage that our systems folks are willing (or allowed) to support iOS. What I need first, therefore, is some objective discussion/comparison of the different security aspects of Blackberry vs iOS. Blackberry posts a 'white paper'  by 'J. Gold Associates' by (http://us.blackberry.com/business/leading/Choosing_an_enterprise-class_wireless_ operating_system.pdf), but it's from early 2009 and seems to be entirely pro-Blackberry. Can anybody suggest some sources?
  Many thanks,
  Jim

  It has something to do with ios 6 and netgear, I know that for sure, ios 6 and netgear had problems pre 6.1.
  I'm not sure what you mean by if it ever worked? Yes it did work, the iPad 2 on ios5 worked fine, and the other two still on ios 5 work as expected. The iPhone 4 worked the same, no problems until ios 6. Any other non-ios 6 device works as well.
  I'm not sure if it is a router / firewall problem, I wouldn't rule it out, but it HAS to be something to do with ios 6, there's just no other explanation for it :S. If you also add in the fact that netgear and ios 6 had terrible problems, it makes sense, the problem is trying to solve it :S
  I know that ios 6 works fine on other access points / routers, which is why I added netgear to the title, I'm particularly interested in any other people that have netgear wifi and had similar issues with ios 6.

• Reaching out for Enterprise Security Help

  My current environment is a medium size hospital with mulitple campuses. We have a number of different types of devices; Laptops, CoW's (Computer on Wheels) 7921's, BlackBerry's. Currently the majority of my clients are running WPA/WPA2-PSK. Personally, I'm sick to death of PSK. It's an easy and samll footprint, but managing keys is a major pain in the butt. At any one time I have an average of 500 clients connected to my WLC's (4.2.205). I've been trying to run a project on moving the devices to an EAP scenerio. Laptops work fine in EAP-TLS as do BlackBerry's but as everyone knows, EAP-TLS has some authentication overhead. Here's my problem, the CoW's. The CoW is simply a mini-pc put into a specialized cart that the nurses pull from room to room for BedSide Meds and such. With EAP-TLS testing I'm having a lot of issues with the authentication taking to long and the user getting kicked out of their app, Meditech. Our version of Meditech is basically a crap telnet application and if it doesn't get a response quickly it'll throw you to the desktop. Also, although I know EAP-TLS had some overhead, I'm dissapointed in it's roaming ability and how slow it is. As I see it, the users I have testing EAP-TLS on laptops and Blackberry's are not truely mobile. They typically don't attempt to use their device while on the move versus's the CoW. Here are a few things I've ran into in trying to figure out a security solution and hopefully you guys can help me out and suggest somethings I haven't thought of:
  EAP-TLS - Obvious overhead issues as stated above. Is anyone running this in a similiar environment, how do you deal with it?
  PEAP - Rely's on a strong user/pass which does not work in our world. The nurses log into the CoW witha generic username/password that pretty much everyone is aware of. Although Windows it's self is locked WAY down, your still on the network if you have access to this user/pass.
  EAP-FAST - As I understand it, with EAP-FAST and MSCHAPv2, there's a PAC for each user. If the user logs in more then once from different locations, I suspect this would be a problem. Not to mention I'm not sure how the manageability on usernames would work. I looked at using the Certificate on the machine to do the authentication and setting EAP-FAST to require this for autehntication and it works fine for my laptop and the IntelPro/Set Wireless utility but on the CoW's, not so.. The Cow's have an Atheros AR5006x chip and with the Atheros Client Utility, the utility will only allow you to select a personal cert, not a machine certificate for anything. Does anyone know of an Client Utility that will allow me to do this with out spending $$$$ or of Atheros Client that will allow me to do this?
  How is everyone else providing an enterprise solution with manageabillity and stability?

  Extensible Authentication Protocol (EAP) is an IETF RFC that stipulates that an authentication protocol must be decoupled from the transport protocol used to carry it. This allows the EAP protocol to be carried by transport protocols such as 802.1X, UDP, or RADIUS without having to make changes to the authentication protocol itself.
  •PEAP MSCHAPv2-Protected EAP MSCHAPv2. Uses a Transport Layer Security (TLS) tunnel, (the IETF standard of an SSL) to protect an encapsulated MSCHAPv2 exchange between the WLAN client and the authentication server.
  •PEAP GTC-Protected EAP Generic Token Card (GTC). Uses a TLS tunnel to protect a generic token card exchange; for example, a one-time password or LDAP authentication.
  •EAP-FAST-EAP-Flexible Authentication via Secured Tunnel. Uses a tunnel similar to that used in PEAP, but does not require the use of Public Key Infrastructure (PKI).
  •EAP-TLS-EAP Transport Layer Security uses PKI to authenticate both the WLAN network and the WLAN client, requiring both a client certificate and an authentication server certificate.
  http://www.cisco.com/application/pdf/en/us/guest/netsol/ns386/c649/ccmigration_09186a0080871da5.pdf

• Is RIM implementi​ng BES enterprise security on all Playbooks

  Is it possible that RIM is implementing BES enterprise strict security on all Playbooks even though they are not on BES? It seems like a lot of things that normally should work are not working and these are the same type of things that Corporate BES implements (not being able to open certain type attachments, not being able to click certain links, etc.).

  good info here
  http://docs.blackberry.com/en/admin/deliverables/2​6992/BlackBerry_PlayBook-Security_Technical_Overvi​...
  Click here to Backup the data on your BlackBerry Device! It's important, and FREE!
  Click "Accept as Solution" if your problem is solved. To give thanks, click thumbs up
  Click to search the Knowledge Base at BTSC and click to Read The Fabulous Manuals
  BESAdmin's, please make a signature with your BES environment info.
  SIM Free BlackBerry Unlocking FAQ
  Follow me on Twitter @knottyrope
  Want to thank me? Buy my KnottyRope App here
  BES 12 and BES 5.0.4 with Exchange 2010 and SQL 2012 Hyper V