Wallix Trustelem

Unify, Secure, and Simplify User Access

What is Wallix Trustelem?

Simplify and secure access to key business applications from a centralised platform.  Protect strategic assets, increase efficiency and productivity, and improve user experience for both application users and administrators.

Identity Management Features

Central Directory

Gather your identity sources into a single identity referential to easily control access rights in one centralised location.

  • Support for Active Directory, Azure AD, LDAP directories, and Google G Suite directory
  • Import as many directories as needed into your WALLIX Trustelem platform
  • Complete or partial directory import, based on group membership and attribute filtering
  • Import of group memberships and user attributes to define proper access management policies

SSO

Provide users with a Single Sign-On experience to remove the burden of managing a different password for each target application and entering credentials again and again.

  • User dashboard displaying all applications to which the user has access rights
  • Integrated Windows Authentication and X.509 client certificates support to access the user dashboard with no login form
  • Identity federation through SAML, OpenID Connect, and OAuth protocols
  • Pre-integrated applications such as Office 365, G Suite, Salesforce and many others

MFA

Choose from an array of Multi-Factor Authentication mechanisms to fit the specific requirements of your different populations, because there is no one-size-fits-all MFA solution.

  • Trustelem Authenticator: a mobile application offering a strong authentication solution which is both secure and easy to use.  Within network coverage, Trustelem Authenticator receives push notifications.  When the device is offline, the application generates a 6-digit code.  In addition to users locking their device, the application can be fingerprint-protected or require a four-digit PIN.
  • OTP over SMS authentication: a simple and practical solution, widely known by users in other contexts
  • FIDO 2 security devices: can be used through the WebAuthn protocol to implement multi-factor authentication based on USB or NFC physical keys.  WALLIX Trustelem supports all FIDO2-compliant devices, including ANSSI-certified devices.
  • Google Authenticator or any RFC 6238-compliant OTP generation mobile application is supported by WALLIX Trustelem for multi-factor authentication

Self-Service

Offer users a self-service solution for simplifying and streamlining management of credentials.

  • Active Directory Self-Service Password Reset (SSPR) allows users to re-initialise their Active Directory password independently, after re-authenticating with one or more add-on solutions such as the Trustelem Authenticator mobile app, an SMS, one or more secret questions, a link sent by email, or other solutions
  • The user dashboard suggests renewing the Active Directory password either spontaneously or upon expiration
  • Users are prompted with MFA enrollment procedures when they access their dashboard or a specific target application, so that enrollment is fully autonomous.  Administrators control which user or group is prompted for auto-enrollment of the MFA solutions