Entrust

Release 3.3

CA-signed certificates now supported for gateway instances (AAAS-7811)

By default, each gateway instance on IntelliTrust contains a self-signed SSL certificate. Administrators can now replace the self-signed SSL certificate with a certificate issued by a certificate authority (CA). The CA could be a public certificate, such as Entrust Certificate Services, or a private CA used by the customer. This certificate will be used for the IdentityGuard Agent and Radius EAP capabilities of the Enterprise Service Gateway.

Support for Legacy Entrust hardware token (AAAS-7820)

The Legacy Entrust AT and OT Mini Tokens can now be used with IntelliTrust for authentication. The OT tokens are a time-based token and the AT tokens are a hybrid time and event-based token with a single button to display an OTP. These tokens must be bulk loaded into IntelliTrust by an administrator using your existing token seed file. Once loaded these tokens can be assigned to a user by an administrator or the user may self-register the token by proving possession using an OTP.

Note: The Entrust Pocket Token and Entrust Flexi Token are not currently supported.

ActiveSync now supported for Microsoft Office 365 (AAAS-7827)

IntelliTrust now supports ActiveSync authentication using an Active Directory or IntelliTrust password. This support leverages SAML (ECP profile) to perform a single factor password authentication. This feature must be explicitly enabled in IntelliTrust under the Office 365 SAML application.

Note: ActiveSync is limited to password authentication and does not support multi-factor authentication.

Protect soft token with facial recognition (AAAS-8946)

IntelliTrust now supports using facial recognition to unlock the Entrust Soft Token application as an alternative to a PIN. Facial recognition is supported on both iOS and Android devices. There is a new Entrust Soft Token authentication authenticator setting that controls whether facial recognition is available for use by user.

Note: This feature is dependent on the user having the Entrust Mobile Soft Token 3.4 application installed.