January 02, 2013
Starting at $15 per user per year, plus $2,000 per virtual server per year.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full multifactor and single sign-on authentication management.
- Weaknesses: None that we found.
- Verdict: A myriad of features with good deployment choices.
SecureAuth IdP combines a multitude of authentication and identity management features. This product can be installed as an on-premise or cloud-based deployment for managing single sign-on and two-factor authentication for many facets of the enterprise infrastructure. Some areas for which this product can manage authentication are web and mobile applications, VPN and gateway authentication, and cloud-based resources. SecureAuth can plug into an existing Active Directory structure to leverage user account and security policies. This tool also features quite a bit of identity management functionality to further enhance user and authentication management capabilities.
We found initial setup to be straightforward and easy to complete. The initial setup consisted of deploying the virtual appliance in our environment and then tying it to our Active Directory user database for authentication. After the appliance was setup with an initial configuration, we were able to access the SecureAuth SSO (single sign-on) portal. This portal can be accessed by users to set up and manage their various accounts and credentials. We found this to be easy and intuitive to use. As for managing the server itself, all configuration and management is done using a web-based management console. We also found this console intuitive to navigate with many configurable options.
Overall, this product can integrate into many areas of the existing infrastructure to provide multifactor and single sign-on options to users. Two-factor authentication options include USB keys, smart cards, certificates and one-time passwords through SMS, phone or email, as well as password, PIN, knowledge-based question-and-answer authentication. From an application standpoint, this solution can integrate into on-premise applications, such as SharePoint and Outlook Web Access, VPNs from Cisco, Juniper and F5, as well as cloud-based applications, such as Salesforce and Google Apps.
Documentation included appliance setup and administrator guides, as well as various material for getting around the testing environment. While the review guides were specific to our testing scenario, we found them to be quite helpful in understanding how to use the product. As for the standard documentation, we also found this to be well-organized and well written. All documentation included screen shots along with step-by-step instructions and configuration examples that were easy to follow.
SecureAuth provides both phone- and email-based technical support to customers as part of an annual subscription cost. Customers can access live phone assistance during normal business hours. Mission-critical after-hours calls are handled by an on-call support staff. Email support staff will return enquiries within one business day of the request. Customers also can access an online area via the website that includes a knowledge base along with product documentation and other resources.
At a price starting at $2,000 per server per year, plus $15 per user per year, this product may seem a bit on the pricey side. However, we find SecureAuth to be a reasonable value for the money. This solution includes many features and functions to easily deploy multifactor authentication along with single sign-on throughout the enterprise - both in an out of the cloud.
SC Magazine Articles
- Three zero-days found in iOS, Apple suggests users update their iPhone
- MedSec goes its own way with medical device flaw
- Voter databases in two states breached by foreign hackers, FBI
- Researchers find seven classes of vulnerabilities in iOS sandbox security feature
- Sony enables two-factor authentication for PlayStation
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Wendy's POS breach 'considerably' bigger than first thought
- No hacking required: Israeli researchers show how to steal data through PC components
- New macros attacks use Anti-VM and Anti-Sandbox techniques
- SWIFT warns of new attacks, pushes for security upgrades
- Paypal users targeted in new angler phishing scam, Proofpoint report
- Dropbox commended for its handling of massive data breach involving 68M users
- Google refuses to patch alleged login page flaw
- RIPPER malware suspected behind $350K Thailand ATM heist, report