February 01, 2004
Starting from $1,864,including ten Digipass GO1 or GO3, the VACMAN Middleware software license and a one-year maintenance subscription
- Ease of Use:
- Value for Money:
- Overall Rating:
Flexibility of implementation.
Not for the faint hearted.
A potentially comprehensive product using dynamic passwords.
The Digipass pack product from Vasco is perhaps less of a product in the accepted sense and more of a security philosophy – the philosophy in question being that of dynamic, one-time password creation using portable tokens.
The tokens supplied for review were the Digipass GO1 variety, a read-only token from which the user simply reads the one-time password when required (there are other types of tokens which allow for direct user input as part of the password-generation process).
These tokens are attractively finished and feature a pull-out section which, when activated, displays the six-digit password number that stays visible on the small LCD for about 15 seconds. The tokens come supplied with a holder to be worn "around the neck," making them easy to carry at all times. They are battery powered and should remain active for roughly five years.
From the user perspective, this is a straightforward methodology, undertaken via the robust, attractive and easily carried Digipass token. There is more to it than this though and Vasco has considered a number of approaches to implementation, supplying various flavors of the Vacman Radius middleware software.
Comprehensive implementation guidelines are provided for a number of gateway and server products and should help system administrators who want to quickly understand how to deploy such a product.
Indeed, the supplied CD is full of useful information, from white papers to original product leaflets.
Furthermore, Digipass products are supported by a wide range of technology suppliers and partners, ensuring a practical implementation in most cases, whatever your particular network architecture.
This is a serious product for those who are serious about security. For many, the question will be if they support the one-time dynamic password generation approach or whether they move towards tokens and/or biometrics. If the former is the case, then this is a product to investigate further.
SC Magazine Articles
- USAA members hit with multiple phishing attacks
- Three zero-days found in iOS, Apple suggests users update their iPhone
- MedSec goes its own way with medical device flaw
- Two-thirds of IT security pros surveyed expect a breach to hit their company, report
- Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- Don't connect your charging cell to a computer or you may get hacked!
- Six senators urge Obama to prioritize cybercrime at G20 summit
- Creating a buzz: USBee software causes air-gapped computers to leak data via USB connections
- Privacy advocates upset over FAA drone regulations, citizen takes action
- Voter database hack in Illinois by foreign intruder compromises info of 200K
- Fantom and FairWare ransomware discovered