Products – AntID

ANT AM

Access Management

Our AM provides a secure entry point, able to manage users and memberships in real time . It takes care of the entire user identity lifecycle through our Directory Management, offering both modern and legacy Single Sign-On (SSO), governance, multi-factor authentication (MFA), and attributes such as Windows Hello for Business

Directory Management

Manages users, group of users, users’ group membership (privileges) for internal or external identity source, through approval procedures

Application Catalogue

Uniquely consents to define applications and propagation group through approval processes for both internal and external applications

Directory Services and Federation

Enables the use of an external identity provider (e.g. Azure) and delegates the authentication to Entra ID, allowing Azure identities to connect to ANT ID

Tenant Admin Console (TAC)

Manages all tenant-related configurations

Self Service

Provides all the functionalities for you as a user. It lets you manage independently tokens, personal documents, contact details, invitations, approvals, requests, and external plug-ins

Emergency Access

Provides access to the user cannot log ing. This happens through one-time passwords (OTP), via mobile phone or email address, and magic questions

Onboarding Process:

Onboarding Process

Contact or other information is collected and authentication methods are registered to eventually onboard users on ANT ID

Operational Console

Enables the ability to perform actions on behalf of another user. It allows to create, unenroll, and unlock admin groups, privileges, as well as managing lifecycle of such users

Central Login Point

Activates different authentication methods (or IDP) and provides a single access point for users to securely log in to applications

Identity Governance Administration (IGA)

Used to manage fully customized approval configurations and email templates and to set the approval level granularly

Global dashboard

Provides dashboards for different populations. Defines objects and creates shortcuts to different applications, approval processes, agent connections, and RDP connections

Modern Single Sign-on (SSO):

Modern Single Sign-on (SSO)

Users can access all the applications without any other needs to reauthenticate. Our Modern SSO uses protocols such as SAML and OpenID

ANT PAM

Priviliged Access Management

Our PAM approach is characterized by offering products like connection manager agent, privileged access and identity management infrastructures, remote gateway, and session recording. It provides multi-layered security approach that protects against unauthorized access from both internal and external threats and ensures granular access controls

Vault

Core of the PAM module. Here our secrets – sensitive information to be kept secure – are stored and created using customizable-field templates. Manages the permissions, audit log view, handles lifecycle of passwords, conducting regular checks to ensure password validity

Secret Manager

Flexibly organizes secrets in folders and subfolders, possibly following a hierarchical order and respecting role-based access control settings

Connection manager

Central place to define SSO to any type of application consuming a secret and store connections via the agent or injector

Legacy Single Sign (SSO)

PAM supports SSO for legacy authentication protocols. Moreover, it covers SSO to web applications via F5 injection of credentials

Password rotation

Through regular changes, new passwords, and history check, it enhances security and compliance

Password reconciliation

Resets automatically the password and do the reconciliation to make the re-alignment again. It streamlines password management, enhance security, and simplify user access within the organization

Remote Gateway

Provides a secure entry point for users to access critical systems. It establishes a connection from the secure gateway to internal resources via desired available protocol and is necessary for Session Recording

Session recording

Captures a video or creates a log that records the session taken during privileged sessions. It provides a detailed audit trail for compliance purposes and investigation in the event of a security incident or any suspicious activities

ANT CMAS

Certificate Management and Automation System

CMAS facilitates secure authentication while remaining agnostic to the underlying Public Key Infrastructure (PKI) provider, therefore, addressing both public and private Certificate Authorities (CA). It has been developed with meticulous expertise and does not require any technical knowledge of certificate management

Certificate Lifecycle Operations

Detects certificates validity, e.g. expiration date

Unified Certificate Management

Provides a centralized platform to manage all certificates and enables some unique functions (e.g. certificate take-over) coordinated by approval flows

Automation

Enables a complete transparent automation of the distribution to the target system as CMAS supports multiple different automation protocols

PKI Agnosticism

Operates with different PKI providers, providing flexibility and preventing vendor dependency as it supports both public and private Certificate Authorities. Built-in IGA allows for customizable approval processes to be implemented

Key escrow

Puts and holds a private key in a vault to use it at any time on different devices, further reinforceable by a HSM

Scan Engine

Detects certificates validity, e.g. when they are expired, revoked, having certificate or (TLS) configuration issues

ANT HILL

Administration Console

ANT HILL is the heart of the solution which allows a multi-tenant architecture, enables access to different environments through role-based access control (RBAC). Within ANT HILL, the groups, privileges, approval, and notifications are defined centrally for all modules (AM, PAM, CMAS)

Global Administration Console (GAC)

Configures global settings for all the tenants and gets visibility of the setup cross-tenant. This enables the swift deployment of an entire tenant in a matter of hours rather than the usual days or weeks

Tenant Admin Console (TAC)

Manages the tenant’s affairs directly. This includes the ability for the administrator to set comprehensive policies, such as Identity Governance and Administration (IGA) rules, along with tailored parametrization

Identity Governance Administration (IGA)

Seamlessly integrated into the solution, IGA plays a vital role in tasks such as duty segregation, role management, auditing, and reporting. It allows configuration of key solution components, customizable email templates, application catalog setup as well as resource and role mapping flexibility

Central login point

Offers a centralized platform for logging in via various identity providers and consolidates authentication logs in one central location – streamlining user experience, saving time and enhancing security

Vault encryption

Stores sensitive data in an encrypted way converging within PAM, AM, CMAS, and external applications, this component elevates the level of security

Statdashboard

Generates comprehensive reports on various statistics, offering insights into product usage across features and licenses. This transparency is invaluable for understanding costs and expenses, aiding in effective budget planning

Multilingual support

Option to interact with, input, and receive information in various languages, improving users’ accessibility and usability

HSM

Hardware Security Module

The Hardware Security Module (HSM) enhances security through tamper-proof hardware, protection against key theft or misuse, reliable key generation and storage, and streamlined compliance with encryption standards.

Military-grade encryption

Relying on algorithms like AES or RSA to secure data, the HSM generates and stores encryption keys within its tamper-resistant hardware, ensuring sensitive information remains protected. When data is encrypted, it’s scrambled using these keys.