February 01, 2004
Starting from $1,864,including ten Digipass GO1 or GO3, the VACMAN Middleware software license and a one-year maintenance subscription
- Ease of Use:
- Value for Money:
- Overall Rating:
Flexibility of implementation.
Not for the faint hearted.
A potentially comprehensive product using dynamic passwords.
The Digipass pack product from Vasco is perhaps less of a product in the accepted sense and more of a security philosophy – the philosophy in question being that of dynamic, one-time password creation using portable tokens.
The tokens supplied for review were the Digipass GO1 variety, a read-only token from which the user simply reads the one-time password when required (there are other types of tokens which allow for direct user input as part of the password-generation process).
These tokens are attractively finished and feature a pull-out section which, when activated, displays the six-digit password number that stays visible on the small LCD for about 15 seconds. The tokens come supplied with a holder to be worn "around the neck," making them easy to carry at all times. They are battery powered and should remain active for roughly five years.
From the user perspective, this is a straightforward methodology, undertaken via the robust, attractive and easily carried Digipass token. There is more to it than this though and Vasco has considered a number of approaches to implementation, supplying various flavors of the Vacman Radius middleware software.
Comprehensive implementation guidelines are provided for a number of gateway and server products and should help system administrators who want to quickly understand how to deploy such a product.
Indeed, the supplied CD is full of useful information, from white papers to original product leaflets.
Furthermore, Digipass products are supported by a wide range of technology suppliers and partners, ensuring a practical implementation in most cases, whatever your particular network architecture.
This is a serious product for those who are serious about security. For many, the question will be if they support the one-time dynamic password generation approach or whether they move towards tokens and/or biometrics. If the former is the case, then this is a product to investigate further.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards