Deepnet Security DualShield v5.2
Strengths: Biometric token support that is easy to deploy and use.
Weaknesses: Support is a bit pricey, but no technical weakness found.
Verdict: This is a great offering with hard, soft and biometric authentication options. It’s easy to deploy and use. This is our Recommended product.
SummaryDualShield v5.2 from Deepnet Security is a unified authentication platform, using the versatile authentication server model. The tool protects all commonly used business applications with multifactor authentication. There is support for virtual private networks (VPN), remote desktop protocol (RDP), email, web, cloud and mobile applications, including full SAML 2.0 support. The offering was delivered to us as server-based management and client applications, application-specific client deployments, and various one-time password (OTP) key fob and software-based tokens.
The installation package was intuitive. Once we launched the installer, it walked us through the deployment. We chose to load all the backend and front-end components, including the management console, and single sign-on (SSO), self-service and provisioning servers. One has the option to separate these in the environment for security and performance purposes, and deploying these modules on separate servers is recommended. We installed them all on the same server for our test. The installation took no more than five minutes, and we were ready to start. We applied the license keys and were off and running creating applications. The user interface was one of the better ones we've seen. We created a Windows authentication application and loaded the client on our test device. The client replaced the Windows graphical identification and authentication (GINA) with a Deepnet Security login that uses the Windows credentials along with the two-factor option.
DualShield supports a wide range of authentication methods, including on-demand password by SMS, email or mobile call (with support for most phone operating systems), and challenge-response, hardware and software OTP tokens, including RSA SecurID and Vasco Digipass Go. DualShield also supports static passwords, as well as question-and-answer voice and facial recognition, and keystroke dynamics (keystroke biometrics). TypeSense is a software-only authentication solution based on typeprint recognition that accurately identifies a user by the way they type characters across a keyboard. The installation of any new hardware is not required for TypeSense, as it works with a standard computer keyboard. Another feature, VoiceSense, is a text-and-language, independent biometric speaker verification system. And, FaceSense is a state-of-the-art authentication solution based on facial recognition technology that verifies a speaker's identity in real time using a simple spoken phrase.
Other features to note: OTP passwords are also supported through Twitter Direct Message. The user has a central location to administer and manage all tokens. DualShield offers native Active Directory (AD)/lightweight directory access protocol (LDAP) integration, allowing one to pull in users and deploy applications. Apps are what one creates and publishes to support options like VPN or application-level authentication access.
Support is available for 20 and 30 percent of list price. Documentation is complete and useful in both server, client and application support.