DigitalPersona Pro Enterprise
January 02, 2013
$84 per user, U.are.U Fingerprint Reader $89, Pro Reports module extra.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Group policy-based management allows for great control, SSO, user self-registration and password reset.
- Weaknesses: Logging is inadequate without the Reports add-on.
- Verdict: A solid product definitely worth considering.
Large scale deployment of multifactor authentication services is a complex undertaking, and the administration of those services can prove problematic for administrators. DigitalPersona has put a great deal of thought into this, and as long as one is using Active Directory, the company's Pro Enterprise product may just be the solution.
The software arrived on a CD and contained both the client and server installation files. While it wasn't particularly difficult, the installation was a multi-step process. As the product is tightly integrated into Active Directory, we were first required to run a schema extender. We needed to do this a few times - first to set the appropriate schema permissions, then again to actually perform the extensions after the changes had replicated. After that, we ran a separate domain configuration wizard, and finally we installed the server components. Once that finished, we needed to install the license activation software, and then, using the Group Policy Management Editor, we were able to activate our license. After configuring a Group Policy Objects (GPO) with our preferences, the server portion of the installation was complete. The client software installation was much more straightforward - we simply ran the setup .exe and clicked "Next" until we were done.
As mentioned above, the product is tightly integrated with Active Directory, so it can be completely managed through GPO. We find this to be a powerful way to control the software. The tool supports the storing of biometric data, either on the server or locally on the workstation. It enables multifactor authentication for Windows itself, as well as other applications and websites through the wonderfully executed Password Manager Pro application. Similar to tools like LastPass, Password Manager Pro provides single sign-on capabilities to virtually any website or application by allowing administrators to set up website and application logins for their users. The software can be restricted to only allow websites and applications specified by administrators, or it can be allowed to accept registrations from the end-users as well. The product works with a number of different types of authentication tokens, supporting fingerprint readers, PINs, Bluetooth, Proximity and contactless smart cards and facial recognition.
Regretably, the base product appears to fall short in the logging department. All authentication activity is logged locally in the client's Windows Event logs, which makes auditing a chore. This can be rectified with an add-on product, Reports Pro. Installed on a separate server with a MS SQL backend, Reports makes use of the Windows Events Forwarding mechanism to collect authentication data. Using a web-based interface, administrators can create reports, and the subscription feature can automatically run those reports on a scheduled basis. It's a nice product, unfortunately it's an additional cost.
As far as support, we found a few instances of broken or missing hyperlinks on the company's website, and some of the information appeared to be outdated.
DigitalPersona Pro Enterprise is priced at $84 per user with U.are.U Fingerprint Reader at $89. The Pro Reports add-on is listed at $1,500 for 250 users, $2,000 for 251-1,500 users, and $3,000 for more than 1,500 users.
SC Magazine Articles
- Yahoo breach; State-sponsored actors suspected, at least 500 million accounts affected
- Education sector bullied by ransomware and can barely defend itself, report
- DetoxCrypto ransomware imitates Malwarebytes software
- Cisco warns of exploitation of new flaws linked to Shadow Brokers exploits
- Hackers crack Tesla CAN Bus, DoT issues policy for securing connected car
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Hard Rock Hotel & Casino Las Vegas hit with POS breach
- X-ray and MRI machines among devices used as springboards for data breach attacks
- Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace
- Wi-Fi warning! Study finds U.S. unaware of public Wi-fi risks
- OpenSSL patches 14 vulns, including high-severity flaw that can be exploited for DoS attacks
- IoT assault, connected devices increasingly used for DDoS attacks
- Cybercriminals already able to hack ATM biometric readers
- Cities planning transparency laws for police surveillance tech
- Malicious apps leveraging top UK brands has increased by 130%