January 02, 2013
Starting at $15 per user per year, plus $2,000 per virtual server per year.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full multifactor and single sign-on authentication management.
- Weaknesses: None that we found.
- Verdict: A myriad of features with good deployment choices.
SecureAuth IdP combines a multitude of authentication and identity management features. This product can be installed as an on-premise or cloud-based deployment for managing single sign-on and two-factor authentication for many facets of the enterprise infrastructure. Some areas for which this product can manage authentication are web and mobile applications, VPN and gateway authentication, and cloud-based resources. SecureAuth can plug into an existing Active Directory structure to leverage user account and security policies. This tool also features quite a bit of identity management functionality to further enhance user and authentication management capabilities.
We found initial setup to be straightforward and easy to complete. The initial setup consisted of deploying the virtual appliance in our environment and then tying it to our Active Directory user database for authentication. After the appliance was setup with an initial configuration, we were able to access the SecureAuth SSO (single sign-on) portal. This portal can be accessed by users to set up and manage their various accounts and credentials. We found this to be easy and intuitive to use. As for managing the server itself, all configuration and management is done using a web-based management console. We also found this console intuitive to navigate with many configurable options.
Overall, this product can integrate into many areas of the existing infrastructure to provide multifactor and single sign-on options to users. Two-factor authentication options include USB keys, smart cards, certificates and one-time passwords through SMS, phone or email, as well as password, PIN, knowledge-based question-and-answer authentication. From an application standpoint, this solution can integrate into on-premise applications, such as SharePoint and Outlook Web Access, VPNs from Cisco, Juniper and F5, as well as cloud-based applications, such as Salesforce and Google Apps.
Documentation included appliance setup and administrator guides, as well as various material for getting around the testing environment. While the review guides were specific to our testing scenario, we found them to be quite helpful in understanding how to use the product. As for the standard documentation, we also found this to be well-organized and well written. All documentation included screen shots along with step-by-step instructions and configuration examples that were easy to follow.
SecureAuth provides both phone- and email-based technical support to customers as part of an annual subscription cost. Customers can access live phone assistance during normal business hours. Mission-critical after-hours calls are handled by an on-call support staff. Email support staff will return enquiries within one business day of the request. Customers also can access an online area via the website that includes a knowledge base along with product documentation and other resources.
At a price starting at $2,000 per server per year, plus $15 per user per year, this product may seem a bit on the pricey side. However, we find SecureAuth to be a reasonable value for the money. This solution includes many features and functions to easily deploy multifactor authentication along with single sign-on throughout the enterprise - both in an out of the cloud.
Sign up to our newsletters
SC Magazine Articles
- Long list of devices believed to be affected by NetUSB vulnerability
- Scammers target oil companies with sneaky attack
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Study: Employees acknowledge risky security behavior, continue to engage in it
- Hack of airplane systems described in FBI docs raises security questions
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- FireEye first cybersecurity firm awarded DHS SAFETY Act certification
- Thousands of Bellevue Hospital Center patients notified of data breach
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- Investigation ongoing in reported multimillion member Adult FriendFinder breach
- Report: $19M breach settlement between MasterCard, Target terminated
- FTC gives thumbs up to companies that cooperate during breach probes