With IBM Directory and Security Server, you can simplify the effort involved in having increased control over complex networks, multivendor systems, and multiple platforms, while maintaining security within your network. With Directory and Security Server, you can generate and manage secure, distributed applications that are interoperable and portable. Directory services make it easy to combine multiple directories, even across WANs, into a simple, single view. Plus, it can be done without deleting users and resources with the same names. You get a single integrated view of all available resources, including printers, files, and applications -- no matter where they are located.
Directory and Security Server gives systems administrators a single logical view of all LAN and WAN resources -- regardless of installed platforms and vendors. And users get convenient single sign-on, providing transparent access to any authorized enterprise resource, which can include the IBM Software Servers.
The security services are based on the Kerberos security model, which uses a third-party authentication server. This server authenticates both the client and server, making impersonation virtually impossible. Another security measure allows only authentication tickets to flow over the network, to protect passwords. Data encryption standard (DES) and commercial data masking facility (CDMF) data encryption technologies are also available for total data privacy.