Fálaina’s Web Access Manager/SSO (WSSO) is a lightweight solution for web application access control, providing an integrated standards-based solution that delivers authentication, single sign-on, access policy creation and enforcement. It is designed to support legacy on-premise (private cloud) web applications and SaaS applications. Legacy web applications include traditional in-house applications built on top of Microsoft IIS, Apache Tomcat, Oracle Weblogic, IBM Websphere, Wildfly application server and so on. SaaS based applications include Salesforce, Google, Office365, ServiceNow, Workday and many more.Fálaina’s WSSO Integration with Identity Governance and Administration (IGA) platform allows end to end access management services such as user selfservice registration, user on-boarding, password management, delegated administration, reporting and auditing.Fálaina’s WSSO integrates out-of-the-box with directory services, application servers, web servers, and enterprise applications includes SaaS applications via OpenID Connect, Oauth2 and SAML.Its architecture leverages Microsoft clustering technologies for high-availability and distributed load-balancing – providing a very scalable solution for B2E and B2C type of applications.

Fálaina’s WSSO supports cloud deployment and mobile applications to meet increasing customer demand for applications secure access.

 

Centralised authentication with single sign on across private and public cloud applications

Fálaina’s WSSO intercepts access requests to protect resources, checks for security level of a web/application resources, users existing session in the
browser, authenticate users, validate credentials, and authorize users to these resources to enforce application access control. This is done via web and application server agent for legacy web applications.

As for SaaS based applications, the authentication happens via the standard protocols such as SAML, OAuth2 and OpenID Connect.

WSSO provides various security level to protect resources, ensuring that stronger authentication policies are applied to critical and sensitive applications/services.

The WSSO is sable to detect which application authenticates to which directories or LDAP servers.Multiple combinations are supported at any one time.

Advanced session management across applications

Fálaina’s WSSO provides advanced session management capabilities, giving administrators complete visibility and control over real-time user session. It allows administrators to enforce constraints on user sessions including concurrent session, session lifetime and idle timeout.

The administration interface allows administrators to monitor all user sessions by applications, and locations. it allows the termination of a specific session of a user or attacker.

Fálaina’s WSSO also supports session sharing between WSSO servers and application servers. This includes cross-domain session management.

Application developers can take advantage of the centralized session management to improve overall security within organizations for both B2E and B2C applications.

Centralised access control policy management

Fálaina’s WSSO is 100% browser-based policy management which allows access policies management across all applications. Policies include web applications
resources to protect, authentication and asuthorization policies and session management. The policy management also support agent management, which is installed on the web and applications servers.

The policy server provides API for integration with third party management tools. The policies also can be managed via Fálaina’s IGA components for seamless users on-boarding to applications and enabling them for single sign-on.

Fine-grained resource and access authorization

Fálaina’s WSSO supports fine-grained policy which helps to provide complete security for all web methods such as Get, Post, Put, Patch and Delete. The policy administration is strengthened via RBAC and ABAC security definition to strengthen application security.

Fálaina’s WSSO provides authorization API along with agent framework, which can be used to build custom authorization logic in any applications.

Centralized authentication and authorization reduces application development cost and improves overall security for applications.

Multi-factor Authentication and Mobile applications support

Multi-factor authentication (MFA) in Fálaina’s WSSO supports out of the box One-Time Password (OTP) via mobile SMS, WhatsApp message or email. The
MFA implementation can be done by application realm, location, authentication provider or enterprise wide.

Integration with third party multi-factor authentication hardware and software solution are supported via REST API integration. Multifactor features also support step-up
authentication, which can be implemented by applications or group of applications. Fálaina’s WSSO supports mobile native applications or hybrid applications for authentication and single sign-on. With mobile application support, application developers can take advantage of mobile multi-factor authenticators to secure their applications across private and public cloud.

Fálaina Universal SSO Workspace2

Fálaina’s WSSO provides universal workspace for users to access their SSO applications including the set of applications you are allowed to login via privileged account. This web-based Universal SSO Workspace2 enables users to securely access any web based SSO applications from any device – eventually proving better user experience and improves productivity.