February 01, 2004
Starting from $1,864,including ten Digipass GO1 or GO3, the VACMAN Middleware software license and a one-year maintenance subscription
- Ease of Use:
- Value for Money:
- Overall Rating:
Flexibility of implementation.
Not for the faint hearted.
A potentially comprehensive product using dynamic passwords.
The Digipass pack product from Vasco is perhaps less of a product in the accepted sense and more of a security philosophy – the philosophy in question being that of dynamic, one-time password creation using portable tokens.
The tokens supplied for review were the Digipass GO1 variety, a read-only token from which the user simply reads the one-time password when required (there are other types of tokens which allow for direct user input as part of the password-generation process).
These tokens are attractively finished and feature a pull-out section which, when activated, displays the six-digit password number that stays visible on the small LCD for about 15 seconds. The tokens come supplied with a holder to be worn "around the neck," making them easy to carry at all times. They are battery powered and should remain active for roughly five years.
From the user perspective, this is a straightforward methodology, undertaken via the robust, attractive and easily carried Digipass token. There is more to it than this though and Vasco has considered a number of approaches to implementation, supplying various flavors of the Vacman Radius middleware software.
Comprehensive implementation guidelines are provided for a number of gateway and server products and should help system administrators who want to quickly understand how to deploy such a product.
Indeed, the supplied CD is full of useful information, from white papers to original product leaflets.
Furthermore, Digipass products are supported by a wide range of technology suppliers and partners, ensuring a practical implementation in most cases, whatever your particular network architecture.
This is a serious product for those who are serious about security. For many, the question will be if they support the one-time dynamic password generation approach or whether they move towards tokens and/or biometrics. If the former is the case, then this is a product to investigate further.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure