Part of Managed Security Services
So much more than just token security.
In a nutshell, there are three key components: Users and their tokens, the Authentication node and the Managed Authentication Service itself.
Users and their tokens
Each user is provided with a token. These are used to deliver the One Time Password, which, when combined with the end user’s unique PIN, identifies them to the Managed Authentication Service - which then authorises their connection to the network. Simple but effective.
Just select the token type or token types that suit your user base and security policies best.
All our key chain tokens are provided with a five-year warranty. And they don’t expire (unlike those of some of our competitors).
KT-1 Key Chain Token
The KT-1 is the most common token. Its simplicity makes it the ideal authentication token for users of virtually any skill level. It generates a new passcode each time it’s activated - by pressing the button beside the LCD display.
KT-2 Key Chain Token
The KT-2 Key Chain token is an economical alternative to the KT-1. It combines the same simplicity and durability, and costs less when purchased in quantity.
SC-3 USB Style Token
This token is a software implementation of the RB-1 hardware token installed on a USB-packaged device. The ideal multi-function token card for companies that want the advantages of hardware tokens, and the convenience and integration of software tokens.
ST-1 Software Token
The ST-1 Token is a software implementation of the RB-1 hardware token for installation on computers and PDAs. Perfect for companies that want the strength of two-factor authentication without the overheads and cost of hardware distribution.
ST-1 Token for BlackBerry®
The ST-1 Token for BlackBerry® is a software implementation of the RB-1 hardware token for installation on BlackBerry® devices. It’s ideal for companies that want the strength of two-factor authentication without the overhead and cost of hardware distribution.
The SMS Mobile Phone Token uses your existing SMS enabled mobile phone to provide you with secure and protected login access. It works on all ordinary mobile phones and users will never need to install anything on their existing mobile phone. The ‘Security on Demand’ feature ensures that a One-Time Password is immediately available to the user on their mobile phone without you ever needing to request it.
The device that terminates the end user connection onto your network must be configured to pass all of its authentication requests to the Managed Authentication Service. This device is referred to as the Authentication Node. The solution is proven to work with Cisco, Juniper, Watchguard, SonicWALL - in fact, any RADIUS based device.
The Authentication Node sends requests to one of the Managed Authentication Service Points-of-Presence (A-PoP). Communication between the Authentication Node and A-PoP is encrypted to ensure maximum security throughout.
There’s very little work required within your network to make use of the Managed Authentication Service. What’s more, the re-configuration of the Authentication Node to direct the requests to the Managed Authentication Service and the setting up of the user database typically takes no more than a few hours.
Managed Authentication Service
The function of the Managed Authentication Service is to authenticate the end user request and to provide a portal interface for management of the service. The Managed Authentication Service architecture is built around multiple data centres around the globe and therefore provides multiple A-PoP’s. Each data centre is housed in a secure, well managed and totally resilient building and is regularly checked. Data held in these centres is backed up onto multiple servers with built-in redundancy and backup capability. All of the data centres are interlinked with a robust network infrastructure with diverse internet connectivity.
The architecture of the Managed Authentication Service, together with the design of the data centres, allows multiple customers to be managed from a single service, which in turn is managed from a unique management portal.
The Managed Authentication Service Administration Portal (MAP) can be accessed over the internet via a standard web browser and, as you would expect, is secured by two-factor authentication. It allows your Administrator to perform various administrative functions including: importing, creating, editing and deleting end users, assigning and de-assigning devices to end users and reporting on authentication activity.