 |
What is Authentication / 2FA / Two Factor Authentication? |
 |
Authentication is the process of determining whether someone or something is in fact, who or what it is declared to be. |
|
|
What Benefits does Two Factor Authentication ( 2FA ) bring ? |
|
Confirming a users identity is of paramount importance in these days of hacking attacks, remote user access, phishing attacks, identity theft and online fraud.
Authentication makes 100% sure that the person accessing their bank account, your network, email account, application, VPN, email, Outlook Web Access, website, Cloud application, Salesforce CRM , shopping system or other online account etc. is who they say they are, AND that they are authorised to view information, make payments etc.. |
|
|
What does " 2-Way, 2-Factor" Authentication really mean and why is it important? |
|
Two-way authentication is where (for example), a customer is required to prove their identity to the bank's web site and the web site must in return prove its authenticity to the user. This ensures both parties can be confident that they are dealing with a legitimate source.
Two Factor authentication adds the requirement to have the ability to generate a token, or one time password using an authorised method. |
|
|
How does Deepnet DUALShield Authentication actually work ? |
|
There are many applications and authentication methods available depending on your requirements - but at a basic level it works like this;
- Customer installs DUALShield Authentication "server" software.
- Customer decides which application they wish to authenticate to occur. For example lets say Outlook Web Access (OWA).
- Following simple instructions provided configure OWA to require authentication.
- Customer decides which form of tokens they wish to issue - for example again lets say you wish to issue "One Time Password" tokens via SMS to their mobile phone.
- In the DUSLAShield "server" software, you create a user, set up their details and enter their mobile number.
- End user goes to the OWA server and tries to logon. Customer enters their username and password, and is presented with a button to send a OTP (one time password) via SMS.
- In a few seconds an SMS is received by the end users mobile phone which they enter into the logon screen, authorised and logon to OWA proceeds as normal.
- End user leaves the company. Deepnet administrator clicks a button which revokes the customers ability to receive OTP (this can be done automatically via AD / LDAP etc).
|
|
|
What's wrong with Hardware tokens such as RSA, Vasco and Safeword? |
|
Cost, security and inflexibility!
They are expensive to buy, expensive to maintain, expensive to ship, expensive to manage, easy to forget, easy to lose - and have to be replaced every few years when the battery fails.
They are also frequently lost - adding to inconvenience (no token = no access) and expense for both the end user and the issuing company.
RSA have also been the victim of a security breach which means their SecurID tokens can no longer be trusted. |
|
|
Ive read about the RSA Security breach - is Deepnet DUALShield Secure? |
|
Yes. Deepnet DUALShield is totally secure.
All software tokens are generated from seed files created by you the customer, are never made public and cannot be reproduced.
More information on the RSA Security Breach can be found here. |
|
|
Why is Deepnet DUALShield so more cost effective ? |
|
Unlike most other vendors, everything is included in one price.
All server software, integration applications, agents, RADIUS server, all software token types and all application methods are included in one low price.
You can choose how you wish to deploy / mix and match authentication and token types to your end users requirements.
For example some users may wish to have OTP delivered via SMS, Email or be able to self generate them on their Iphone - 3 tokens for 1 user. With DUALShield there is no extra charge - you only need purchase 1 user licence. |
|
|
How do I manage Deepnet DUALShield, setup users and deploy the tokens? |
|
DUALShield is managed by an intuitive, simple to use Web application which runs in any browser. Full documentation is included in the trial download package. |
|
|
How do I setup Authentication for example with Outlook Web Access, Citrix, Windows Logon or Terminal Services? |
|
Exact explanation is detailed in the user guides, but at a basic level the procedure is the same as this. |
|
|
Does Deepnet support Juniper SSL VPN? |
|
Yes. Also supported are regular VPN and SSL VPN from the following vendors.
* Cisco * Nortel * Checkpoint * Juniper * WatchGuard * Aventail * SonicWave * AEP * Whale * F5 |
|
|
Does Deepnet DUALShield feature RADIUS Support? |
|
Absolutely. A full RADIUS server (both 32bit and 64bit) is included out of the box. |
|
|
What Server Platforms does Deepnet DUALShield Authentication Software run on? |
|
Deepnet runs on any 32bit or 64bit Windows or Linux server platform either physical or virtual. |
|
|
How does the SMS Token delivery (T-Pass) work? |
|
If you choose to use T-Pass (SMS delivery) of OTP tokens, Deepnet is pre-configured to interface to a recommended online SMS service - ClickaTell is recommended.
The customer will then create an account, and purchase credits which are debited as users receive SMS messages.
ClickaTell are highly reliable, ultra-fast and very cost-effective. |
|
|
How do I generate a One Time Password on my iPhone or iPad? |
|
For MobileID to work on iPhone or iPad you need to download the MobileID application from Apple Appstore (for example), then configure the application with settings from your own Deepnet DUALShield Server installation.
- The Deepnet DUALShield Administrator creates a user, selects MobileID as the delivery method, and enters the end-users mobile number.
- On the iPhone / iPad you enter the URL to your Deepnet Server, plus a serial number and activation code (provided to you by your Administrator)
- Then if for example you wish to log on to Outlook Web Access using MobileID, you would visit the OWA website, enter your username and password as normal. You will also be prompted for a OTP (one time password).
- You would run the MobileID application on your iPhone / iPad. A OTP will be generated which you would enter into OWA and logon would proceed as normal.
|
|
|
How do I generate one time passwords on my other type of mobile phone? |
|
For MobileID to work you must have any modern, Java enabled phone (Nokia, PDA, Windows mobile, Blackberry, Android etc) and have a WAP / WiFi connection.
- The Deepnet DUALShield Administrator would create a user, select MobileID as the delivery method, and enter the end-users mobile number.
- An option would then be presented to deliver the MobileID application to the phone via WAP Push.
- Once received on the mobile device, you save the application.
- Then if for example you wish to log on to Outlook Web Access using MobileID, you would visit the OWA website, enter your username and password as normal. You will also be prompted for a OTP (one time password). You would go to "Applications" on your mobile and run the MobileID application.
- A OTP will be generated which you would enter into OWA and logon would proceed as normal.
|
|
|
What about the other tokens ? |
|
All are easy to deploy and use. See the Application Methods section for details of the options. |
|
|
Is it easy to install ? |
|
Very ! An install typically takes 30 minutes. |
|
|
Does Deepnet DUALShield work with Citrix ? |
|
Yes !
|
|
|
Does Deepnet DUALShield work with Cloud based apps? |
|
Yes !
Deepnet integrates with virtually any public or private Cloud based application - for example Google Apps, Salesforce, Sharepoint and more. |
|
|
Im an ASP / MSP - can I secure my application(s) using Deepnet? |
|
Absolutely. Deepnet DUALShield can operate in AAAS mode (Authentication As A Solution). Contact us for details. |
|
|
What reporting data is available? |
|
A full audit trail is included in the server software. |
|
|
Can I run Deepnet DUALShield Authentication on my PC at home? |
|
Deepnet DUALShield is a Business solution - it is not for regular home users. The server / backend of Deepnet is designed for installation and management by businesses or other organisations.
However, Tokens / token generation is decided on by the business - and depending on which authentication method is chosen you may run some authentication client software on the PC - it may even be a "home" PC.... |
|
|
Does Deepnet DUALShield integrate with Active Directory to synchronise user information? |
|
Yes |
|
|
How is it priced ? |
|
Deepnet DUALShield is priced per protected user starting at an "up to 25 user" licence.
You can use any number of software tokens for these users, and for any authentication method(s) you want.
That's it. There are NO confusing price lists and NO hidden optional extras.
- All of the server software is included.
- You can use ANY combination of available token generation methods- MobileID, T-Pass, Typesense etc. etc. Its your choice from within the management console..
- Annual support and upgrades is included.
|
|
|
My question isn't listed - how do I find out more information? |
|
Give us a call on +44(0)8456 443 911 or use our Enquiry Form. |
VPN
