January 02, 2013
Starting at $15 per user per year, plus $2,000 per virtual server per year.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full multifactor and single sign-on authentication management.
- Weaknesses: None that we found.
- Verdict: A myriad of features with good deployment choices.
SecureAuth IdP combines a multitude of authentication and identity management features. This product can be installed as an on-premise or cloud-based deployment for managing single sign-on and two-factor authentication for many facets of the enterprise infrastructure. Some areas for which this product can manage authentication are web and mobile applications, VPN and gateway authentication, and cloud-based resources. SecureAuth can plug into an existing Active Directory structure to leverage user account and security policies. This tool also features quite a bit of identity management functionality to further enhance user and authentication management capabilities.
We found initial setup to be straightforward and easy to complete. The initial setup consisted of deploying the virtual appliance in our environment and then tying it to our Active Directory user database for authentication. After the appliance was setup with an initial configuration, we were able to access the SecureAuth SSO (single sign-on) portal. This portal can be accessed by users to set up and manage their various accounts and credentials. We found this to be easy and intuitive to use. As for managing the server itself, all configuration and management is done using a web-based management console. We also found this console intuitive to navigate with many configurable options.
Overall, this product can integrate into many areas of the existing infrastructure to provide multifactor and single sign-on options to users. Two-factor authentication options include USB keys, smart cards, certificates and one-time passwords through SMS, phone or email, as well as password, PIN, knowledge-based question-and-answer authentication. From an application standpoint, this solution can integrate into on-premise applications, such as SharePoint and Outlook Web Access, VPNs from Cisco, Juniper and F5, as well as cloud-based applications, such as Salesforce and Google Apps.
Documentation included appliance setup and administrator guides, as well as various material for getting around the testing environment. While the review guides were specific to our testing scenario, we found them to be quite helpful in understanding how to use the product. As for the standard documentation, we also found this to be well-organized and well written. All documentation included screen shots along with step-by-step instructions and configuration examples that were easy to follow.
SecureAuth provides both phone- and email-based technical support to customers as part of an annual subscription cost. Customers can access live phone assistance during normal business hours. Mission-critical after-hours calls are handled by an on-call support staff. Email support staff will return enquiries within one business day of the request. Customers also can access an online area via the website that includes a knowledge base along with product documentation and other resources.
At a price starting at $2,000 per server per year, plus $15 per user per year, this product may seem a bit on the pricey side. However, we find SecureAuth to be a reasonable value for the money. This solution includes many features and functions to easily deploy multifactor authentication along with single sign-on throughout the enterprise - both in an out of the cloud.
Sign up to our newsletters
SC Magazine Articles
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- New attack uses ransomware to drop trojans and keyloggers
- 'GHOST' bug in Linux library enables remote takeover of victim's system
- Firm finds link between Regin spy tool and QWERTY keylogger
- Report: From Q3 to Q4, 90 percent increase in global DDoS attacks observed
- Researchers observe databases being encrypted, websites held for ransom
- ZeroAccess botnet reactivates, click fraud activity resumes
- BCBS of Tennessee shares personal data on 80K in marketing campaign
- Tips for organizations in the wake of the biggest corporate hack in history