There is no other commercial off-the-shelf (COTS) product that can do all that Power LogOn COA does.

U.S. Air Force Project Manager

Power LogOn:

COA

Use certificate credentials for authentication onto disconnected or intermittently connected networks without online revocation list access.

Schedule a Call

Introducing

Power LogOn:

Your Complete Cyber Authentication Solution

 

How can Power LogOn help you?

Power LogOn COA solution provides secure verification and login authentication onto disconnected or intermittently connected networks that cannot access online certificate authority servers or revocation lists, using your existing digital certificate enabled credentials (CAC/PIV/CIV and others).

Currently used within the US government on air-gapped networks. Power LogOn COA works out-of-the-box with most digital certificates to facilitate secure authentication, authorization, verification, and non-repudiation for Windows login. Enables distributed authentication for tactical units under Degraded, Delayed, Intermittent and Limited (DDIL) conditions.

Flexible and Scalable

Power LogOn COA supports a wide range of certificate-based credentials and technologies, and ensures compliance with government standards and regulations, with minimal infrastructure changes. 

Power LogOn COA doesn’t replace your digital certificate architecture or require new certificates, it adds additional functionality and flexibility to existing certificates when accessing government or commercial networks that are disconnected from any network for Security, Degraded, Delayed, Intermittent and Limited (DDIL) conditions. With strong encryption, centralized IT control, and compatibility across platforms, Power LogOn COA is a scalable solution providing both convenience and robust protection.

Power LogOn COA has passed compliance review by third-party pen testers (NIST approved Network Security Inc.), and STIGs self-evaluation approved by United States Air Force.

Secure, Automated Logins

Power LogOn COA streamlines verifiable certificate-based off-line MFA authentication access management by automating logins across disconnected or intermittently connected workstations, while enhancing both convenience and security.

With strong encryption and administrative tools, Power LogOn COA ensures comprehensive protections while simplifying IT security by utilizing existing credential infrastructure.

  • Zero Trust authentication
  • Works side-by-side with digital certificates
  • Doesn’t replace existing credential digital certificates
  • Provides Username & Password to Windows Authentication process
  • Uses existing credential, certificate and PIN for true MFA
Zero Trust Authentication Methods

Power LogOn creates zero trust by using government cybersecurity standards, regulations, and best practices to authenticate and verify user against approved revocation lists without network connectivity.

  • Possession (Something you have, i.e. credential), 
  • Knowledge (Something you know, i.e. PIN), 
  • Digital certificates public and private key,
  • Encryption Keys, 
  • CUID (Chip Unique Identifier)

 

 

 

 

System Requirements

Power LogOn is compatible with Windows operating systems, supports major cloud platforms, and requires minimal client computer resources, making it a highly scalable solution.

Primary Application: Identity management, multi-factor authentication, and enterprise security

Secondary Application: Strong passwords, safeguards against many hacker techniques

Operating System: Windows 11, Windows 10 (32/64-bit), and earlier versions

Servers: Win Server 2022, 2019, 2016, and earlier versions and SQL Server 2022, 2019, 2016, 2014, and earlier

Server RAM: at least 4GB for small installations, 8+GB for installation over 50 users

Virtual Server: Recommended

Client computer hard drive space: 70GB

Clouds: AWS, Azure, Google, or any private cloud supporting Virtual Machine

Web Browsers: Auto launch IE, Edge, Firefox, and Chrome browsers

Secure your Virtual Front Door with:

Power LogOn

Multi-Factor Authentication

According to Microsoft, MFA blocks 99.9% of attack vectors.

True multi-factor authentication (MFA) is essential for enhancing security by requiring users to verify their identity through multiple forms of validation, such as something they know (password), something they have (security token), and/or something they are (biometrics).

By adding these layers of protection, MFA greatly reduces the risk of unauthorized access, minimizing threats from compromised credentials and bolstering overall cybersecurity defenses.

IT Centralized Password Management

Ideally suited for computer workstations isolated from an organization’s network that require certificate-based multifactor authentication.

  • Works with any credential with a valid X509 certificate.
  • Does not require any additional hardware infrastructure.
  • FIPS 140-2 verified, FIPS 201, HIPAA, CJIS, NIST 800-171 & 800-63b-AAL3 Compliant
  • Self-evaluated STIGs review accepted by USAF 
  • Scalable and adaptable for organizations of any size

Power LogOn

Certificate-based Offline

Authentication Features

Advantages and Benefits

sThere are cybersecurity circumstances where workstations cannot be connected to any outside network, and where digital certificates are required for user verification prior to Username and Password workstation logon. The issue with certificates is that they are validated through online revocation lists. But, if the workstation is not allowed online access, how can the verification be accomplished?

That is where Power LogOn Certificate-based Offline Authentication can assist. 

  • Federal identity management compliant
  • Works with existing issued government contact or contactless CAC/PIV/CIV and other certificate-based credentials
  • Compatible with most X.509 certificates
  • No new digital certificates must be purchased or uploaded to a credential.
  • Uses existing credential PIN for true MFA
  • Only verified certificates are permitted for user logon access
  • Data Storage Encryption Integration 
  • Multi-function credentials 
  • No data on the government credential is added or modified
  • Each workstation can be customized to which certificates are valid for access
  • Unlimited number of enrollment accounts
  • Card Removal Actions: User Log Off, Computer Lock Down, Computer Shut Down, Nothing, or Custom
  • Uses the existing credential’s PIN
  • Secures the logs into their federal approved identity providers (IdP)

Security

Power LogOn enhances federated cybersecurity by using advanced encryption methods, unique usernames and passwords for each site, and non-typed passwords to guard against common cyber threats like keyloggers, social engineering, and phishing. Additionally, it provides customizable actions upon card removal and ensures encrypted password backups for secure data recovery.

  • FIPS 140-2 compliant
  • FIPS 201 compliant
  • Data Encryption: AES 256, SHA-256, Hash Salting
  • X.509 digital certificates
  • PC/SC compliant card readers
  • Secure Network Technology 5-star rating
  • Passed USAF STIGs review
  • No sharing of logon passwords
  • Secure Card Data Printout
  • The certificate’s private key is secured by the smart card’s internal cryptographic functions
  • No data on the government credential is added or modified
  • No sharing of logon passwords

Compliance

Power LogOn meets stringent federated cybersecurity standards, ensuring compliance across local, state, federal and tribal governments. Its comprehensive approach protects agencies by adhering to government-specific regulations, safeguarding sensitive data, and supporting cybersecurity requirements.

  • FIPS 201 compliance by NIST– no data is added or changed on existing government credentials
  • DoD STIGs compliance (U.S. Air Force reviewed)
  • DFARS NIST 800-171 compliance
  • NIST 800-63b AAL-3 compliance
  • NIST 800-53
  • CJIS compliance
  • IRS 1076 Security Guidelines compliance
  • HIPAA and HITECH compliance
  • Insurance companies’ cybersecurity requirements

    Convenience

    Combining multiple functions onto a single CAC/PIV/CIV ID badge streamlines security management, making it easier to identify and address vulnerabilities quickly. Employees don’t carry multiple credentials and tokens—such as a physical access badge, a network access token, and a smartphone for SMS. With a single credential, the risk of a cyber vulnerability—the losing, misplacing, or forgetting increases with each additional device—is significantly reduced.

    Power LogOn’s convenience ensures that end users follow security policies by integrating various certificate technologies. This allows IT and HR to issue and manage just one credential, simplifying administration and reducing costs.

    • After certificate verification, IT centralized Username and Passwords are automatically inserted into the Windows Authentication process
    • For certificates that cannot be verified user logon access is denies
    • Auto Launch Windows Applications
    • Windows Applications Logon
    • Auto-fill and submit logon forms
    • Data Storage Encryption Integration 
    • Multi-function credentials 
    • Each certificate can access only workstations that were pre-selected during the enrollment process
    • Unlimited number of enrollment accounts
    • Employees no longer need to know, type, generate, or manage passwords
    • Secure Card Data Printout
    • The certificate’s private key is secured by the smart card Key Diversification
    • Optional Challenge/Response for Card/Workstation Authentication
    • Secures the logs into their federal approved identity providers (IdP)

      Fast, Easy, and Affordable

      Power LogOn streamlines the implementation of secure access management by utilizing existing credentials and offering flexible licensing options, making it both cost-effective and easy to deploy.

      With features that enhance both user convenience and IT control, it ensures robust security without requiring additional hardware or complex infrastructure changes.

      • No expensive re-badging required
      • No expensive training required
      • No re-certification of government badges
      • No additional expensive hardware updates or modifications
      • Leverages existing physical access credentials, eliminating the need for re-badging or re-issuance
      • Employees simply present their credential and enter a unique PIN, automating the logon process without typing usernames or passwords
      • Subscription licenses to lower annual costs based on volume and organizational needs
      • Open architecture supports non-proprietary cards and smartcard readers
      • No backend server modifications or additional hardware purchases required

        Availability

        Power LogOn COA is available through a network of approved GSA and SEWP contract holder resellers and distributors. If you’re interested in testing or implementing Power LogOn COA, reach out to your IT reseller. If they are not an authorized reseller, they can contact us to become one.