CRYPTOCard BlackShield ID v2.3
Strengths: Nicely integrates into a Windows environment. Easy to manage once deployed.
Weaknesses: Not a lot, other than the complexity of the initial installation.
Verdict: Very strong solution with a lot of nice features, and not a bad price.
SummaryBlackShield ID is a web services based strong authentication server providing integrated provisioning and management. It installs as an application inside Internet Information Server (IIS) and tightly integrates with standard Microsoft server components, including IAS 2003, SQL 2005, Active Directory and Event Viewer.
The application did require quite a few server side dependencies, such as Microsoft IIS, ASP.net 2.0, .net 2.0 Framework and Internet Authentication Service (IAS/2003). It took us a couple of hours to load everything we needed, but the upfront work was worth it because once loaded, BlackShield ID was completely integrated with our infrastructure (Active Directory) and required no additional schema modifications. The product shipped with a default database, PostgreSQL 8.3.
All the configuration is done post-installation from a browser. The management interface was busy, but easy to use and navigate. In fact, it was so easy to use we were comfortable jumping right in even before reading the administration and user guides. Both local and remote management is supported.
We really liked the workflow automation, including the user self-enrollment features. Authentication agents for applications, such as OWA, Remote Web Workplace, SharePoint, Citrix and others, are included. There was support for a wide range of hardware, software and zero footprint tokens (SMS), as well as OATH-compliant tokens. The CRYPTOCard tokens could be configured to generate numeric, alphanumeric and complex passcodes.
Reporting and audit capabilities were great. Real-time activity monitoring, management by exception for notifications and standard built-in reporting were all strong features of this product.
CRYPTOCard's tool is enterprise ready with features like high performance scalability, failover and recovery options.
Multiple support options are available, for a fee, and include email and phone support for both eight hours a day/five days a week and 7/24 options. The documentation provided was very well done.
The tool delivers a lot of punch, although it will require a lot of work to initially roll out. Ongoing management is required, but is simplified through some of the features we discussed above.