Add strong authentication to your IBM Lotus Domino infrastructure and provide roaming users with an easy to deploy and secure access to corporate published applications anywhere, anytime, anyhow.

Quick, efficient and secure data access - anywhere, anytime - is imperative for the majority of businesses these days. Remote workers use VPN and firewall technology to enter the corporate LAN and access networked resources when required. Confidential information and sensitive data is available to them as soon as they are logged on. Protecting these data by static passwords alone is insufficient and very unsafe. Therefore VASCO created a solution based on strong user authentication.

By adding the DIGIPASS Plug-In to the Lotus Domino server, the weakest link in the security infrastructure is removed. Vulnerable protection with static passwords is replaced by a highly secure two-factor authentication.

Public exposure of the credentials is no longer a concern through the use of dynamic, one-time passwords (OTPs). Unlike a regular static password, a DIGIPASS-generated OTP cannot be guessed, re-used or hacked as the passwords expire automatically after a limited time.

Limitations of the standard solution

To web enable your Lotus Domino environment, security is paramount.  The standard Lotus Notes client benefits from integrated proprietary authentication mechanisms. However, web sessions do not benefit from these same mechanisms. A standard web browser authenticates users using basic username and static password combinations, which is unsecure and a potential risk for unauthorised access.

Some Web servers provide Strong authentication via the use of SSL client certificates, however this requires additional installation, configuration and maintenance.  Deployment of this solution becomes the usual PKI rollout problem - i.e., the management and distribution of client certificates is cumbersome to both administer and track. Typically this results in traveling users only being allowed to connect from laptops over a VPN (Virtual Private Network), despite having access to the Internet from public access points. In order to avoid such complex and expensive setup, VASCO created its Plugin for Lotus Domino that offers strong user authentication by replacing the static password by a DIGIPASS-generated One Time Password.

Anywhere, Anytime

DIGIPASS Plug-In for Lotus Domino is a simple and easy to administer solution, allowing integration of strong authentication by providing remote users “anywhere, anytime” access to all web enabled applications or e-mail.

Based on VASCO DIGIPASS

DIGIPASS Plug-In for Lotus Domino is based on the renowned VASCO DIGIPASS technology. DIGIPASS devices are used to provide secure one-time passwords for use when logging on to a secured system. These one-time passwords provide positive identification, and therefore secure access for remote Lotus Domino users.

One Time Passwords can be used only one time to login.  They are valid for a very short time, like 30 seconds, and become obsolete and unusable after that time window.  So even if they could be noticed, seen, copied or duplicated, a re-use for unauthorised access will not be possible.

Integration with Lotus Domino

DIGIPASS Plug-In for Lotus Domino is easily integrated in your existing infrastructure, and requires no additional servers or services.

Assignment and maintenance tools for the DIGIPASS devices are provided out-of-the-box and have the standard Lotus Notes look and feel. Deployment of DIGIPASS Plug-In for Lotus Domino is quick and efficient, and does not interfere with your existing groupware applications.

All user and configuration settings are defined in a separate Domino database, removing the need to customize standard Domino directories. If required, a full integration into existing databases is possible by further customization.

Key features

• one-time passwords eliminate internet exposure of confidential credentials like static passwords
• May be used together with server based SSL certificates for additional security
• No cookies or modification to client PCs are required - DIGIPASS Plug-In for Lotus Domino works with any web browser
• Scalable - pay as you grow
• Fully integrated with Domino authentication mechanism
• May be used to access any web enabled Domino database
• Compatible with standard and session based authentication
• Transparent to users - no training required
• Strong two-factor authentication - based on VASCO’s proven technologies
• Selective deployment: may be used for some or all Domino users
• May be used with any Domino directory configuration: single directory, multiple directories, directory assistance

System Requirements

Server-side Requirements
IBM Lotus Domino on Windows 2000 Server, Windows Server 2003(32-bits) or Windows Server 2008(32-bits) platform.

IBM Lotus Domino on Windows Server 2003(64-bits) or Windows Server 2008/2008R2(64-bits) platform.

Supported versions: Lotus Domino 5.x, Lotus Domino 6.x, Lotus Domino 7.x, Lotus Domino 8.x(32-bits), Lotus Domino 8.5.x(64-bits).

Client-side Requirements
IBM Lotus Notes on Windows XP or Windows Vista.
Supported versions: Lotus Notes 5.x, Lotus Notes 6.x, Lotus Notes 7.x, Lotus Notes 8.x (32 bits only).