Dan Hollis wrote:
> You know, none of these products seem to address network security. Anyone
> with an ethernet sniffer can get around these security products quite easily.
>
> I'm still waiting for HP to implement (at the minimum) firewalling and SSL.
> Until then, we're going to have to continue propping up our HP3000's with
> Unix machines, to provide security the HP3000 lacks.
>
 
SAF/3000 is supporting Crypto-card one time password token generator:
 
  http://www.cryptocard.com/
 
today for the HP 3000 (we were the first demo site).  Go read the web page
on Crypto-card and decide for yourself what is happening with other vendors
and Crypto-card. You may find some very familiar names listed under "What's
New".
 
The card's strongest feature is administration.  You init the card on site
in a minute or hand key it, so you may change the internal key field
periodically or re-use the card.  It comes with replaceable batteries so the
life of the card is long.  SAF/3000 has a feature to copy the key field to
_several_ HP logon user accounts, so you need only a single card to access
many HP logons (as I do) with a single key.
 
I point you to the card's Web page because you may find other uses with the
same card with other vendors.  A single card supports up to three unique key
fields (meaning three vendors could be supported on the same card) for your
enterprise-wide solution.
 
On an HP 3000, using stream job "inheritance" from an interactive session
that uses Crypto-card logon, you can just about eliminate passwords all
together.
 
Lee Courtney at Monterey Software posts to this list: [log in to unmask]
Contact him for info.
----------------------------------------------------------------
Eric J. Schubert                    Senior Data Base Analyst
Office of Information Technologies  Univ of Notre Dame, IN USA
(219) 631-7306                      http://www.nd.edu/~eschuber