January 02, 2013
Starting at $15 per user per year, plus $2,000 per virtual server per year.
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full multifactor and single sign-on authentication management.
- Weaknesses: None that we found.
- Verdict: A myriad of features with good deployment choices.
SecureAuth IdP combines a multitude of authentication and identity management features. This product can be installed as an on-premise or cloud-based deployment for managing single sign-on and two-factor authentication for many facets of the enterprise infrastructure. Some areas for which this product can manage authentication are web and mobile applications, VPN and gateway authentication, and cloud-based resources. SecureAuth can plug into an existing Active Directory structure to leverage user account and security policies. This tool also features quite a bit of identity management functionality to further enhance user and authentication management capabilities.
We found initial setup to be straightforward and easy to complete. The initial setup consisted of deploying the virtual appliance in our environment and then tying it to our Active Directory user database for authentication. After the appliance was setup with an initial configuration, we were able to access the SecureAuth SSO (single sign-on) portal. This portal can be accessed by users to set up and manage their various accounts and credentials. We found this to be easy and intuitive to use. As for managing the server itself, all configuration and management is done using a web-based management console. We also found this console intuitive to navigate with many configurable options.
Overall, this product can integrate into many areas of the existing infrastructure to provide multifactor and single sign-on options to users. Two-factor authentication options include USB keys, smart cards, certificates and one-time passwords through SMS, phone or email, as well as password, PIN, knowledge-based question-and-answer authentication. From an application standpoint, this solution can integrate into on-premise applications, such as SharePoint and Outlook Web Access, VPNs from Cisco, Juniper and F5, as well as cloud-based applications, such as Salesforce and Google Apps.
Documentation included appliance setup and administrator guides, as well as various material for getting around the testing environment. While the review guides were specific to our testing scenario, we found them to be quite helpful in understanding how to use the product. As for the standard documentation, we also found this to be well-organized and well written. All documentation included screen shots along with step-by-step instructions and configuration examples that were easy to follow.
SecureAuth provides both phone- and email-based technical support to customers as part of an annual subscription cost. Customers can access live phone assistance during normal business hours. Mission-critical after-hours calls are handled by an on-call support staff. Email support staff will return enquiries within one business day of the request. Customers also can access an online area via the website that includes a knowledge base along with product documentation and other resources.
At a price starting at $2,000 per server per year, plus $15 per user per year, this product may seem a bit on the pricey side. However, we find SecureAuth to be a reasonable value for the money. This solution includes many features and functions to easily deploy multifactor authentication along with single sign-on throughout the enterprise - both in an out of the cloud.
SC Magazine Articles
- Was Spotify breached? Account info shows up on Pastebin
- Report: Ransomware feeds off poor endpoint security
- Researcher finds backdoor that accessed Facebook employee passwords
- Intelligence court affirms FBI's right to search Americans' emails without a warrant
- Most orgs couldn't quickly detect breach, study
- DōTERRA breach exposes customer info; including SS, DOB, and addresses
- UPDATE: Petya ransomware leverages Dropbox and overwrites hard drives
- Federal court bucks trend, rules general liability insurance covers data breach
- The anatomy of a spearphishing scam, or how to steal $100M with a fake email
- 3,000 Tidewater Community College workers victimized in W-2 scam
- Ransomware rampant, but chinks found in its armor
- Mining company's data is more valuable than gold
- PCI DSS version 3.2 release extends multifactor authentication requirement
- RSA EMEA Summit: Writing a security strategy that will make Vivaldi proud
- U.S. CIO hints federal adoption of 'bimodal IT' to balance old and new tech